pyrox.dev / nixpkgs
lol
fork atom

nixos/tests/wireguard: test for pre shared keys working with networkd

networkException 61d11b7e c1eb3b68

options
unified split
Changed files
+12
nixos
tests
wireguard
networkd.nix
snakeoil-keys.nix
+10
nixos/tests/wireguard/networkd.nix 
···

       
39

       
39

       
 

       
                "fc00::2/128"


     

       
40

       
40

       
 

       
              ];


     

       
41

       
41

       
 

       



     

       

       
42

       
+

       
              # !!! Don't do this with real keys. The /nix store is world-readable!


     

       

       
43

       
+

       
              presharedKeyFile = toString (pkgs.writeText "presharedKey" wg-snakeoil-keys.presharedKey);


     

       

       
44

       
+

       



     

       
42

       
45

       
 

       
              inherit (wg-snakeoil-keys.peer1) publicKey;


     

       
43

       
46

       
 

       
            };


     

       
44

       
47

       
 

       
          };


     
···

       
69

       
72

       
 

       
              endpoint = "192.168.0.1:23542";


     

       
70

       
73

       
 

       
              persistentKeepalive = 25;


     

       
71

       
74

       
 

       



     

       

       
75

       
+

       
              # !!! Don't do this with real keys. The /nix store is world-readable!


     

       

       
76

       
+

       
              presharedKeyFile = toString (pkgs.writeText "presharedKey" wg-snakeoil-keys.presharedKey);


     

       

       
77

       
+

       



     

       
72

       
78

       
 

       
              inherit (wg-snakeoil-keys.peer0) publicKey;


     

       
73

       
79

       
 

       
            };


     

       
74

       
80

       
 

       
          };


     
···

       
87

       
93

       
 

       



     

       
88

       
94

       
 

       
      peer1.succeed("ping -c5 fc00::1")


     

       
89

       
95

       
 

       
      peer1.succeed("ping -c5 10.23.42.1")


     

       

       
96

       
+

       



     

       

       
97

       
+

       
      with subtest("Has PSK set"):


     

       

       
98

       
+

       
        peer0.succeed("wg | grep 'preshared key'")


     

       

       
99

       
+

       
        peer1.succeed("wg | grep 'preshared key'")


     

       
90

       
100

       
 

       
    '';


     

       
91

       
101

       
 

       
  }


     

       
92

       
102

       
 

       
)
+2
nixos/tests/wireguard/snakeoil-keys.nix 
···

       
1

       
1

       
 

       
{


     

       

       
2

       
+

       
  presharedKey = "7myEJlGAWLTg83y7Py29pp7REQBVmZfI4xcawjcZpjg=";


     

       

       
3

       
+

       



     

       
2

       
4

       
 

       
  peer0 = {


     

       
3

       
5

       
 

       
    privateKey = "OPuVRS2T0/AtHDp3PXkNuLQYDiqJaBEEnYe42BSnJnQ=";


     

       
4

       
6

       
 

       
    publicKey = "IujkG119YPr2cVQzJkSLYCdjpHIDjvr/qH1w1tdKswY=";