# Test for the tmate-ssh-server module, using three machines:
#   server  - runs tmate-ssh-server on port 2223 with the firewall opened
#   client  - has tmate installed and runs sshd; root accepts the snake-oil key
#   client2 - has only the OpenSSH client and joins the session started on `client`
{ pkgs, lib, ... }:
let
  # Fixture key pair from ./ssh-keys.nix. The private half is interpolated
  # below as a plain file path and copied with `cat`, so it is not a secret;
  # it is only meaningful between the machines of this test.
  sshKeys = import ./ssh-keys.nix pkgs;

  # Emits test-driver code that installs the fixture private key as
  # /root/.ssh/id_snakeoil on the machine called `name`.
  # The shell redirect creates the file before `chmod 600` runs, so until
  # then its mode is whatever the umask yields.
  installSnakeOilKey = name: ''
    ${name}.succeed(
        "mkdir -p /root/.ssh",
        "chmod 700 /root/.ssh",
        "cat '${sshKeys.snakeOilPrivateKey}' > /root/.ssh/id_snakeoil",
        "chmod 600 /root/.ssh/id_snakeoil",
    )
    ${name}.wait_for_file("/root/.ssh/id_snakeoil")
  '';

  # Options for the scp from `server` to `client`. Host-key checking is off
  # and known_hosts is discarded, so the peer is not authenticated; only the
  # client-side identity (the fixture key) is used. That fits machines created
  # fresh for each run, whose host keys cannot be known in advance.
  scpFlags = lib.concatStringsSep " " [
    "-oStrictHostKeyChecking=no"
    "-oUserKnownHostsFile=/dev/null"
    "-oIdentityFile=/root/.ssh/id_snakeoil"
  ];
in
{
  name = "tmate-ssh-server";

  nodes.server =
    { ... }:
    {
      services.tmate-ssh-server.enable = true;
      services.tmate-ssh-server.port = 2223;
      services.tmate-ssh-server.openFirewall = true;
    };

  nodes.client =
    { ... }:
    {
      environment.systemPackages = [ pkgs.tmate ];
      services.openssh.enable = true;
      # root login with the fixture key is what lets `server` scp the config over.
      users.users.root.openssh.authorizedKeys.keys = [ sshKeys.snakeOilPublicKey ];
    };

  nodes.client2 =
    { ... }:
    {
      environment.systemPackages = [ pkgs.openssh ];
    };

  # Flow of the script:
  #   1. Wait for the server unit, its port and both generated host public
  #      keys, then write the client configuration with tmate-client-config.
  #   2. Install the fixture key on `server` and scp the configuration to
  #      `client`.
  #   3. Log in on client's tty1, start tmate with that configuration and save
  #      the session's ssh command to /tmp/ssh_command.
  #   4. On client2, fill known_hosts with ssh-keyscan (the keys are accepted
  #      as scanned, with no out-of-band comparison), then type the saved ssh
  #      command verbatim into tty1 and create /tmp/client_2 through the
  #      session.
  #   5. The test passes once /tmp/client_2 exists on `client`.
  # NOTE(review): the tty steps rely on fixed 2-second sleeps rather than on
  # screen contents, so they are presumably timing-sensitive on slow hosts.
  testScript = ''
    start_all()

    server.wait_for_unit("tmate-ssh-server.service")
    server.wait_for_open_port(2223)
    server.wait_for_file("/etc/tmate-ssh-server-keys/ssh_host_ed25519_key.pub")
    server.wait_for_file("/etc/tmate-ssh-server-keys/ssh_host_rsa_key.pub")
    server.succeed("tmate-client-config > /tmp/tmate.conf")
    server.wait_for_file("/tmp/tmate.conf")

    ${installSnakeOilKey "server"}
    client.wait_for_unit("sshd.service")
    client.wait_for_open_port(22)
    server.succeed("scp ${scpFlags} /tmp/tmate.conf client:/tmp/tmate.conf")

    client.wait_for_file("/tmp/tmate.conf")
    client.wait_until_tty_matches("1", "login:")
    client.send_chars("root\n")
    client.sleep(2)
    client.send_chars("tmate -f /tmp/tmate.conf\n")
    client.sleep(2)
    client.send_chars("q")
    client.sleep(2)
    client.send_chars("tmate display -p '#{tmate_ssh}' > /tmp/ssh_command\n")
    client.wait_for_file("/tmp/ssh_command")
    ssh_cmd = client.succeed("cat /tmp/ssh_command")

    client2.succeed("mkdir -p ~/.ssh; ssh-keyscan -4 -p 2223 server > ~/.ssh/known_hosts")
    client2.wait_until_tty_matches("1", "login:")
    client2.send_chars("root\n")
    client2.sleep(2)
    client2.send_chars(ssh_cmd.strip() + "\n")
    client2.sleep(2)
    client2.send_chars("touch /tmp/client_2\n")

    client.wait_for_file("/tmp/client_2")
  '';
}