commit b7f27cb61a09c76973cdeb4ed4207b7f2e6f4c65 · pyrox.dev/nixpkgs

nixos/tests/all-tests.nix

···

       130
        
         initrd-network-ssh = handleTest ./initrd-network-ssh {};

     

       131
        
         initrdNetwork = handleTest ./initrd-network.nix {};

     

       132
        
         installer = handleTest ./installer.nix {};

     

       0
        
       
     

       133
        
         ipv6 = handleTest ./ipv6.nix {};

     

       134
        
         jackett = handleTest ./jackett.nix {};

     

       135
        
         jellyfin = handleTest ./jellyfin.nix {};

···

       130
        
         initrd-network-ssh = handleTest ./initrd-network-ssh {};

     

       131
        
         initrdNetwork = handleTest ./initrd-network.nix {};

     

       132
        
         installer = handleTest ./installer.nix {};

     

       133
       +
         iodine = handleTest ./iodine.nix {};

     

       134
        
         ipv6 = handleTest ./ipv6.nix {};

     

       135
        
         jackett = handleTest ./jackett.nix {};

     

       136
        
         jellyfin = handleTest ./jellyfin.nix {};

+63

nixos/tests/iodine.nix

···

       1
       +
       import ./make-test-python.nix (

     

       2
       +
         { pkgs, ... }: let

     

       3
       +
           domain = "whatever.example.com";

     

       4
       +
         in

     

       5
       +
           {

     

       6
       +
             name = "iodine";

     

       7
       +
             nodes = {

     

       8
       +
               server =

     

       9
       +
                 { ... }:

     

       10
       +
       

     

       11
       +
                   {

     

       12
       +
                     networking.firewall = {

     

       13
       +
                       allowedUDPPorts = [ 53 ];

     

       14
       +
                       trustedInterfaces = [ "dns0" ];

     

       15
       +
                     };

     

       16
       +
                     boot.kernel.sysctl = {

     

       17
       +
                       "net.ipv4.ip_forward" = 1;

     

       18
       +
                       "net.ipv6.ip_forward" = 1;

     

       19
       +
                     };

     

       20
       +
       

     

       21
       +
                     services.iodine.server = {

     

       22
       +
                       enable = true;

     

       23
       +
                       ip = "10.53.53.1/24";

     

       24
       +
                       passwordFile = "${builtins.toFile "password" "foo"}";

     

       25
       +
                       inherit domain;

     

       26
       +
                     };

     

       27
       +
       

     

       28
       +
                     # test resource: accessible only via tunnel

     

       29
       +
                     services.openssh = {

     

       30
       +
                       enable = true;

     

       31
       +
                       openFirewall = false;

     

       32
       +
                     };

     

       33
       +
                   };

     

       34
       +
       

     

       35
       +
               client =

     

       36
       +
                 { ... }: {

     

       37
       +
                   services.iodine.clients.testClient = {

     

       38
       +
                     # test that ProtectHome is "read-only"

     

       39
       +
                     passwordFile = "/root/pw";

     

       40
       +
                     relay = "server";

     

       41
       +
                     server = domain;

     

       42
       +
                   };

     

       43
       +
                   systemd.tmpfiles.rules = [

     

       44
       +
                     "f /root/pw 0666 root root - foo"

     

       45
       +
                   ];

     

       46
       +
                   environment.systemPackages = [

     

       47
       +
                     pkgs.nagiosPluginsOfficial

     

       48
       +
                   ];

     

       49
       +
                 };

     

       50
       +
       

     

       51
       +
             };

     

       52
       +
       

     

       53
       +
             testScript = ''

     

       54
       +
               start_all()

     

       55
       +
       

     

       56
       +
               server.wait_for_unit("sshd")

     

       57
       +
               server.wait_for_unit("iodined")

     

       58
       +
               client.wait_for_unit("iodine-testClient")

     

       59
       +
       

     

       60
       +
               client.succeed("check_ssh -H 10.53.53.1")

     

       61
       +
             '';

     

       62
       +
           }

     

       63
       +
       )

+5 -1

pkgs/tools/networking/iodine/default.nix

···

       1
       -
       { stdenv, fetchFromGitHub, zlib, nettools }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
        
         pname = "iodine";

     
···

       18
        
         NIX_CFLAGS_COMPILE = "-DIFCONFIGPATH=\"${nettools}/bin/\"";

     

       19
        
       

     

       20
        
         installFlags = [ "prefix=\${out}" ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       21
        
       

     

       22
        
         meta = {

     

       23
        
           homepage = http://code.kryo.se/iodine/;

···

       1
       +
       { stdenv, fetchFromGitHub, zlib, nettools, nixosTests }:

     

       2
        
       

     

       3
        
       stdenv.mkDerivation rec {

     

       4
        
         pname = "iodine";

     
···

       18
        
         NIX_CFLAGS_COMPILE = "-DIFCONFIGPATH=\"${nettools}/bin/\"";

     

       19
        
       

     

       20
        
         installFlags = [ "prefix=\${out}" ];

     

       21
       +
       

     

       22
       +
         passthru.tests = {

     

       23
       +
           inherit (nixosTests) iodine;

     

       24
       +
         };

     

       25
        
       

     

       26
        
         meta = {

     

       27
        
           homepage = http://code.kryo.se/iodine/;