diff options
| author | Christian Kögler <ck3d@gmx.de> | 2024-03-14 22:46:14 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-03-14 22:46:14 +0100 |
| commit | f56c78f50a52a22516de48aea184c5030b07c84d (patch) | |
| tree | 127192d401aa39d6e46e4ba7265bac12925c4ece | |
| parent | 762e47db03e2580d87064a2000c082971f1c655a (diff) | |
| parent | f4f99bf8cc1b1ede7b3cd7274348d302701166f9 (diff) | |
| download | nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.tar nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.tar.gz nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.tar.bz2 nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.tar.lz nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.tar.xz nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.tar.zst nixlib-f56c78f50a52a22516de48aea184c5030b07c84d.zip | |
Merge pull request #295443 from ck3d/machinectl-routable
nixos.test.machinectl: add routable network and shared store
| -rw-r--r-- | nixos/tests/systemd-machinectl.nix | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/nixos/tests/systemd-machinectl.nix b/nixos/tests/systemd-machinectl.nix index b8ed0c33e8e4..02b4d9c590b5 100644 --- a/nixos/tests/systemd-machinectl.nix +++ b/nixos/tests/systemd-machinectl.nix @@ -42,8 +42,18 @@ import ./make-test-python.nix ({ pkgs, ... }: virtualisation.additionalPaths = [ containerSystem ]; - # not needed, but we want to test the nspawn file generation - systemd.nspawn.${containerName} = { }; + systemd.tmpfiles.rules = [ + "d /var/lib/machines/shared-decl 0755 root root - -" + ]; + systemd.nspawn.shared-decl = { + execConfig = { + Boot = false; + Parameters = "${containerSystem}/init"; + }; + filesConfig = { + BindReadOnly = "/nix/store"; + }; + }; systemd.services."systemd-nspawn@${containerName}" = { serviceConfig.Environment = [ @@ -52,14 +62,33 @@ import ./make-test-python.nix ({ pkgs, ... }: ]; overrideStrategy = "asDropin"; }; + + # open DHCP for container + networking.firewall.extraCommands = '' + ${pkgs.iptables}/bin/iptables -A nixos-fw -i ve-+ -p udp -m udp --dport 67 -j nixos-fw-accept + ''; }; testScript = '' start_all() machine.wait_for_unit("default.target"); - # Install container + # Test machinectl start stop of shared-decl + machine.succeed("machinectl start shared-decl"); + machine.wait_until_succeeds("systemctl -M shared-decl is-active default.target"); + machine.succeed("machinectl stop shared-decl"); + + # create containers root machine.succeed("mkdir -p ${containerRoot}"); + + # start container with shared nix store by using same arguments as for systemd-nspawn@.service + machine.succeed("systemd-run systemd-nspawn --machine=${containerName} --network-veth -U --bind-ro=/nix/store ${containerSystem}/init") + machine.wait_until_succeeds("systemctl -M ${containerName} is-active default.target"); + + # Test machinectl stop + machine.succeed("machinectl stop ${containerName}"); + + # Install container # Workaround for nixos-install machine.succeed("chmod o+rx /var/lib/machines"); machine.succeed("nixos-install --root ${containerRoot} --system ${containerSystem} --no-channel-copy --no-root-passwd"); @@ -77,6 +106,12 @@ import ./make-test-python.nix ({ pkgs, ... }: # Test nss_mymachines via nscd machine.succeed("getent hosts ${containerName}"); + # Test systemd-nspawn network configuration to container + machine.succeed("networkctl --json=short status ve-${containerName} | ${pkgs.jq}/bin/jq -e '.OperationalState == \"routable\"'"); + + # Test systemd-nspawn network configuration to host + machine.succeed("machinectl shell ${containerName} /run/current-system/sw/bin/networkctl --json=short status host0 | ${pkgs.jq}/bin/jq -r '.OperationalState == \"routable\"'"); + # Test systemd-nspawn network configuration machine.succeed("ping -n -c 1 ${containerName}"); |