# NixOS VM test for wstunnel: a server node terminating TLS on 10.0.0.1:443
# and a client node that tunnels TCP through it in both directions.
let
  # Snakeoil (test-only) certificate set; `domain` is the name the server
  # certificate and key are looked up under below.
  certs = import ./common/acme/server/snakeoil-certs.nix;
  inherit (certs) domain;
in

{
  name = "wstunnel";

  nodes = {
    server = {
      virtualisation.vlans = [ 1 ];

      # Add the snakeoil CA to this node's system trust store.
      security.pki.certificateFiles = [ certs.ca.cert ];

      networking.useNetworkd = true;
      networking.useDHCP = false;
      # Packet filtering is switched off for the test VM; this is a test
      # fixture, not a template for a deployed wstunnel server.
      networking.firewall.enable = false;

      systemd.network.networks."01-eth1" = {
        name = "eth1";
        networkConfig.Address = "10.0.0.1/24";
      };

      services.wstunnel.enable = true;
      services.wstunnel.servers.my-server = {
        listen.host = "10.0.0.1";
        listen.port = 443;

        # NOTE(review): if cert/key are Nix paths, interpolating them copies
        # the files into the world-readable Nix store -- confirm. That is
        # tolerable for a snakeoil key only; a real private key should be
        # supplied from outside the store.
        settings.tls-certificate = "${certs.${domain}.cert}";
        settings.tls-private-key = "${certs.${domain}.key}";
      };
    };

    client = {
      virtualisation.vlans = [ 1 ];

      # Same snakeoil CA as on the server.
      # NOTE(review): trusting the CA only matters if the wstunnel client
      # verifies the server certificate; nothing here sets a verification
      # option (wstunnel has `tls-verify-certificate`), so confirm whether
      # the module or wstunnel enables it by default -- otherwise this test
      # does not exercise certificate validation.
      security.pki.certificateFiles = [ certs.ca.cert ];

      networking.useNetworkd = true;
      networking.useDHCP = false;
      # Test VM only, see the server node.
      networking.firewall.enable = false;
      # Resolve the certificate's domain to the server's address, so the
      # client can connect by name rather than by IP.
      networking.hosts."10.0.0.1" = [ domain ];

      systemd.network.networks."01-eth1" = {
        name = "eth1";
        networkConfig.Address = "10.0.0.2/24";
      };

      services.wstunnel.enable = true;
      services.wstunnel.clients.my-client = {
        # Not started at boot; the test script starts the unit once the
        # server port is reachable.
        autoStart = false;
        connectTo = "wss://${domain}:443";

        # The test script exercises these as: client port 8080 reaches the
        # server's localhost:2080, and server port 2081 reaches the client's
        # localhost:8081.
        settings.local-to-remote = [ "tcp://8080:localhost:2080" ];
        settings.remote-to-local = [ "tcp://2081:localhost:8081" ];
      };
    };
  };

  # Flow: wait for the server unit and port 443, start the client unit, then
  # send one line through each tunnel direction with nc and grep for it on
  # the receiving node. The sleep(1) calls give the backgrounded `nc -l`
  # listener time to come up before the sender connects.
  testScript = # python
    ''
      start_all()
      server.wait_for_unit("wstunnel-server-my-server.service")
      client.wait_for_open_port(443, "10.0.0.1")

      client.systemctl("start wstunnel-client-my-client.service")
      client.wait_for_unit("wstunnel-client-my-client.service")

      with subtest("connection from client to server"):
        server.succeed("nc -l 2080 >/tmp/msg &")
        client.sleep(1)
        client.succeed('nc -w1 localhost 8080 <<<"Hello from client"')
        server.succeed('grep "Hello from client" /tmp/msg')

      with subtest("connection from server to client"):
        client.succeed("nc -l 8081 >/tmp/msg &")
        server.sleep(1)
        server.succeed('nc -w1 localhost 2081 <<<"Hello from server"')
        client.succeed('grep "Hello from server" /tmp/msg')

      client.systemctl("stop wstunnel-client-my-client.service")
    '';
}