2017-12-19 23:42:18 +01:00
|
|
|
with import <stockholm/lib>;
|
2017-12-31 03:59:13 +01:00
|
|
|
import <nixpkgs/nixos/tests/make-test.nix> ({ ... }:
|
2017-12-19 23:42:18 +01:00
|
|
|
|
|
|
|
let
|
2017-12-31 03:59:13 +01:00
|
|
|
pkgs = import <nixpkgs> { overlays = [(import ../5pkgs)]; };
|
2017-12-19 23:42:18 +01:00
|
|
|
test-config = <stockholm/krebs/6tests/data/test-config.nix>;
|
|
|
|
privKey = ''
|
|
|
|
-----BEGIN OPENSSH PRIVATE KEY-----
|
|
|
|
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
|
|
|
|
QyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQAAAJBTNHK6UzRy
|
|
|
|
ugAAAAtzc2gtZWQyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQ
|
|
|
|
AAAECK2ZlEIofZyGbh7rXlUq5lUsUyotamtp9QrlvoS3qgePW1gPyvoVx3turdnSe+jnjz
|
|
|
|
eddDxzgsWHR9zDys4JC1AAAACWxhc3NAbW9ycwECAwQ=
|
|
|
|
-----END OPENSSH PRIVATE KEY-----
|
|
|
|
'';
|
|
|
|
pubKey = ''
|
|
|
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPW1gPyvoVx3turdnSe+jnjzeddDxzgsWHR9zDys4JC1
|
|
|
|
'';
|
|
|
|
|
|
|
|
ssh-config = pkgs.writeText "ssh-config" ''
|
|
|
|
Host server
|
|
|
|
StrictHostKeyChecking no
|
|
|
|
UserKnownHostsFile=/dev/null
|
|
|
|
'';
|
|
|
|
|
|
|
|
populate-source = {
|
|
|
|
nixos-config = {
|
|
|
|
symlink.target = test-config;
|
|
|
|
type = "symlink";
|
|
|
|
};
|
|
|
|
nixpkgs = {
|
|
|
|
symlink.target = <nixpkgs>;
|
|
|
|
type = "symlink";
|
|
|
|
};
|
|
|
|
stockholm = {
|
|
|
|
symlink.target = <stockholm>;
|
|
|
|
type = "symlink";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
test-deploy = pkgs.writeDash "test-deploy" ''
|
|
|
|
cd ${<stockholm>}
|
|
|
|
export NIX_PATH=stockholm=${<stockholm>}:nixpkgs=${<nixpkgs>}:$NIX_PATH
|
|
|
|
exec >&2
|
|
|
|
: ${minimalSystem}
|
|
|
|
source=${pkgs.writeJSON "source.json" populate-source}
|
|
|
|
cat > /tmp/derp <<EOF
|
|
|
|
builtins.fromJSON (builtins.readFile "$source")
|
|
|
|
EOF
|
|
|
|
LOGNAME=krebs ${pkgs.populate}/bin/populate --force root@server:22/var/src/ < "$source"
|
|
|
|
#LOGNAME=krebs ${pkgs.stockholm}/bin/deploy \
|
|
|
|
# --force-populate \
|
|
|
|
# --source=/tmp/derp \
|
|
|
|
# --system=server \
|
|
|
|
'';
|
|
|
|
minimalSystem = (import <nixpkgs/nixos/lib/eval-config.nix> {
|
|
|
|
modules = [
|
|
|
|
test-config
|
|
|
|
];
|
|
|
|
}).config.system.build.toplevel;
|
|
|
|
|
|
|
|
in {
|
|
|
|
name = "deploy";
|
|
|
|
|
|
|
|
nodes = {
|
|
|
|
|
|
|
|
server =
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
{
|
|
|
|
imports = [ test-config ];
|
|
|
|
environment.variables = {
|
|
|
|
NIX_PATH = mkForce "nixpkgs=${<nixpkgs>}";
|
|
|
|
#LOL = minimalSystem;
|
|
|
|
};
|
|
|
|
services.openssh.enable = true;
|
|
|
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
|
|
|
pubKey
|
|
|
|
];
|
|
|
|
#virtualisation.writableStore = true;
|
|
|
|
virtualisation.pathsInNixDB = [
|
|
|
|
minimalSystem
|
|
|
|
pkgs.stockholm
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
client =
|
|
|
|
{ config, pkgs, ... }: { };
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
testScript = ''
|
|
|
|
startAll;
|
|
|
|
|
|
|
|
$server->waitForUnit("sshd");
|
|
|
|
|
|
|
|
$client->succeed("mkdir -p -m 700 /root/.ssh");
|
|
|
|
$client->succeed("echo '${privKey}' > /root/.ssh/id_ed25519");
|
|
|
|
$client->succeed("cp ${ssh-config} /root/.ssh/config");
|
|
|
|
$client->succeed("chmod 600 /root/.ssh/id_ed25519");
|
|
|
|
|
|
|
|
$server->waitForUnit("network.target");
|
|
|
|
$server->succeed("ip route show 1>&2");
|
|
|
|
$client->waitForUnit("network.target");
|
|
|
|
$client->succeed("${test-deploy}");
|
|
|
|
$server->succeed("nixos-rebuild -I /var/src switch");
|
|
|
|
|
|
|
|
$client->shutdown;
|
|
|
|
$server->shutdown;
|
|
|
|
'';
|
|
|
|
})
|