diff options
| author | Peder Bergebakken Sundt <pbsds@hotmail.com> | 2023-11-30 18:17:24 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-30 18:17:24 +0100 |
| commit | 637577f1bb470621820900dcbc3ceef400d37f65 (patch) | |
| tree | 602fae4c18148fa47c55d583a4bd0a59a5eda5dd /nixos/tests | |
| parent | c4b427e1555e1c6e40c71492c70650f2892f802f (diff) | |
| parent | 070bcf9da438a76495f624fc31b2be8036ee7a30 (diff) | |
| download | nixlib-637577f1bb470621820900dcbc3ceef400d37f65.tar nixlib-637577f1bb470621820900dcbc3ceef400d37f65.tar.gz nixlib-637577f1bb470621820900dcbc3ceef400d37f65.tar.bz2 nixlib-637577f1bb470621820900dcbc3ceef400d37f65.tar.lz nixlib-637577f1bb470621820900dcbc3ceef400d37f65.tar.xz nixlib-637577f1bb470621820900dcbc3ceef400d37f65.tar.zst nixlib-637577f1bb470621820900dcbc3ceef400d37f65.zip | |
Merge pull request #261704 from baloo/baloo/dublin-traceroute/init
dublin-traceroute: init at 2023.04.12
Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/dublin-traceroute.nix | 63 |
2 files changed, 64 insertions, 0 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 480439c2a25e..9caffa97ec8c 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -253,6 +253,7 @@ in { domination = handleTest ./domination.nix {}; dovecot = handleTest ./dovecot.nix {}; drbd = handleTest ./drbd.nix {}; + dublin-traceroute = handleTest ./dublin-traceroute.nix {}; earlyoom = handleTestOn ["x86_64-linux"] ./earlyoom.nix {}; early-mount-options = handleTest ./early-mount-options.nix {}; ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {}; diff --git a/nixos/tests/dublin-traceroute.nix b/nixos/tests/dublin-traceroute.nix new file mode 100644 index 000000000000..b359b7fcdd6f --- /dev/null +++ b/nixos/tests/dublin-traceroute.nix @@ -0,0 +1,63 @@ +# This is a simple distributed test involving a topology with two +# separate virtual networks - the "inside" and the "outside" - with a +# client on the inside network, a server on the outside network, and a +# router connected to both that performs Network Address Translation +# for the client. +import ./make-test-python.nix ({ pkgs, lib, ... }: + let + routerBase = + lib.mkMerge [ + { virtualisation.vlans = [ 2 1 ]; + networking.nftables.enable = true; + networking.nat.internalIPs = [ "192.168.1.0/24" ]; + networking.nat.externalInterface = "eth1"; + } + ]; + in + { + name = "dublin-traceroute"; + meta = with pkgs.lib.maintainers; { + maintainers = [ baloo ]; + }; + + nodes.client = { nodes, ... }: { + imports = [ ./common/user-account.nix ]; + virtualisation.vlans = [ 1 ]; + + networking.defaultGateway = + (builtins.head nodes.router.networking.interfaces.eth2.ipv4.addresses).address; + networking.nftables.enable = true; + + programs.dublin-traceroute.enable = true; + }; + + nodes.router = { ... }: { + virtualisation.vlans = [ 2 1 ]; + networking.nftables.enable = true; + networking.nat.internalIPs = [ "192.168.1.0/24" ]; + networking.nat.externalInterface = "eth1"; + networking.nat.enable = true; + }; + + nodes.server = { ... }: { + virtualisation.vlans = [ 2 ]; + networking.firewall.enable = false; + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + services.vsftpd.enable = true; + services.vsftpd.anonymousUser = true; + }; + + testScript = '' + client.start() + router.start() + server.start() + + server.wait_for_unit("network.target") + router.wait_for_unit("network.target") + client.wait_for_unit("network.target") + + # Make sure we can trace from an unprivileged user + client.succeed("sudo -u alice dublin-traceroute server") + ''; + }) |