yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'make zerotier name configureable' (#711) from Mic92-zerotier into main

Browse Source
This commit is contained in:
clan-bot
2024-01-11 17:05:54 +00:00
parent 0429291d40 72409a800a
commit 0d9f0c3ec1
6 changed files with 39 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
checks/impure/flake-module.nix
View File

@@ -1,66 +1,18 @@
{ ... }: { {
perSystem = { pkgs, lib, ... }: { perSystem = { pkgs, lib, ... }: {
packages = rec { # a script that executes all other checks
# a script that executes all other checks packages.impure-checks = pkgs.writeShellScriptBin "impure-checks" ''
impure-checks = pkgs.writeShellScriptBin "impure-checks" '' #!${pkgs.bash}/bin/bash
#!${pkgs.bash}/bin/bash set -euo pipefail
set -euo pipefail
export PATH="${lib.makeBinPath [ export PATH="${lib.makeBinPath [
pkgs.gitMinimal pkgs.gitMinimal
pkgs.nix pkgs.nix
pkgs.rsync # needed to have rsync installed on the dummy ssh server pkgs.rsync # needed to have rsync installed on the dummy ssh server
]}" ]}"
ROOT=$(git rev-parse --show-toplevel) ROOT=$(git rev-parse --show-toplevel)
cd "$ROOT/pkgs/clan-cli" cd "$ROOT/pkgs/clan-cli"
nix develop "$ROOT#clan-cli" -c bash -c "TMPDIR=/tmp python -m pytest -m impure ./tests $@" nix develop "$ROOT#clan-cli" -c bash -c "TMPDIR=/tmp python -m pytest -m impure ./tests $@"
''; '';
runMockApi = pkgs.writeShellScriptBin "run-mock-api" ''
#!${pkgs.bash}/bin/bash
set -euo pipefail
export PATH="${lib.makeBinPath [
pkgs.gitMinimal
pkgs.nix
pkgs.rsync # needed to have rsync installed on the dummy ssh server
pkgs.coreutils
pkgs.procps
]}"
ROOT=$(git rev-parse --show-toplevel)
cd "$ROOT/pkgs/clan-cli"
nix develop "$ROOT#clan-cli" -c bash -c 'TMPDIR=/tmp clan webui --no-open --port 5757'
'';
runSchemaTests = pkgs.writeShellScriptBin "runSchemaTests" ''
#!${pkgs.bash}/bin/bash
set -euo pipefail
${runMockApi}/bin/run-mock-api &
MOCK_API_PID=$!
echo "Started mock api with pid $MOCK_API_PID"
function cleanup {
echo "Stopping server..."
pkill -9 -f "python -m clan webui --no-open --port 5757"
}
trap cleanup EXIT
export PATH="${lib.makeBinPath [
pkgs.gitMinimal
pkgs.nix
pkgs.rsync # needed to have rsync installed on the dummy ssh server
pkgs.procps
pkgs.coreutils
]}"
sleep 3
ROOT=$(git rev-parse --show-toplevel)
cd "$ROOT/pkgs/clan-cli"
nix develop "$ROOT#clan-cli" -c bash -c 'TMPDIR=/tmp st auth login RHtr8nLtz77tqRP8yUGyf-Flv_9SLI'
nix develop "$ROOT#clan-cli" -c bash -c 'TMPDIR=/tmp st run http://localhost:5757/openapi.json --experimental=openapi-3.1 --report --workers 8 --max-response-time=50 --request-timeout=1000 -M GET'
'';
};
}; };
} }

54
checks/schema.nix
View File

@@ -1,54 +0,0 @@
{ self, lib, inputs, ... }:
let
inherit (builtins)
mapAttrs
toJSON
toFile
;
inherit (lib)
mapAttrs'
;
clanLib = self.lib;
clanModules = self.clanModules;
in
{
perSystem = { pkgs, ... }:
let
baseModule = {
imports =
(import (inputs.nixpkgs + "/nixos/modules/module-list.nix"))
++ [{
nixpkgs.hostPlatform = pkgs.system;
}];
};
optionsFromModule = module:
let
evaled = lib.evalModules {
modules = [ module baseModule ];
};
in
evaled.options.clan.networking;
clanModuleSchemas =
mapAttrs
(_: module: clanLib.jsonschema.parseOptions (optionsFromModule module))
clanModules;
mkTest = name: schema: pkgs.runCommand "schema-${name}" { } ''
${pkgs.check-jsonschema}/bin/check-jsonschema \
--check-metaschema ${toFile "schema-${name}" (toJSON schema)}
touch $out
'';
in
{
checks = mapAttrs'
(name: schema: {
name = "schema-${name}";
value = mkTest name schema;
})
clanModuleSchemas;
};
}

1
checks/schemas.nix
View File

@@ -7,6 +7,7 @@ let
(import (pkgs.path + "/nixos/modules/module-list.nix")) (import (pkgs.path + "/nixos/modules/module-list.nix"))
++ [{ ++ [{
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
clanCore.clanName = "dummy";
}]; }];
}; };

8
docs/contributing.md
View File

@@ -174,14 +174,6 @@ nix build .#checks.x86_64-linux.clan-pytest --rebuild
This command will run all pure test functions. This command will run all pure test functions.
### Running schemathesis fuzzer on GET requests
```bash
nix run .#runSchemaTests
```
If you want to test more request types edit the file `checks/impure/flake-module.nix`
### Inspecting the Nix Sandbox ### Inspecting the Nix Sandbox
If you need to inspect the Nix sandbox while running tests, follow these steps: If you need to inspect the Nix sandbox while running tests, follow these steps:

25
nixosModules/clanCore/zerotier/default.nix
View File

@@ -15,7 +15,7 @@ let
ipAssignmentPools = [ ]; ipAssignmentPools = [ ];
mtu = 2800; mtu = 2800;
multicastLimit = 32; multicastLimit = 32;
name = ""; name = cfg.name;
uwid = cfg.networkId; uwid = cfg.networkId;
objtype = "network"; objtype = "network";
private = !cfg.controller.public; private = !cfg.controller.public;
@@ -52,6 +52,13 @@ in
zerotier networking id zerotier networking id
''; '';
}; };
name = lib.mkOption {
type = lib.types.str;
default = config.clanCore.clanName;
description = ''
zerotier network name
'';
};
subnet = lib.mkOption { subnet = lib.mkOption {
type = lib.types.nullOr lib.types.str; type = lib.types.nullOr lib.types.str;
readOnly = true; readOnly = true;
@@ -129,6 +136,21 @@ in
fi fi
''}" ''}"
]; ];
systemd.services.zerotierone.serviceConfig.ExecStartPost = [
"+${pkgs.writeShellScript "configure-interface" ''
while ! ${pkgs.netcat}/bin/nc -z localhost 9993; do
sleep 0.1
done
zerotier-cli listnetworks -j | ${pkgs.jq}/bin/jq -r '.[] | [.portDeviceName, .name] | @tsv' \
| while IFS=$'\t' read -r portDeviceName name; do
if [[ -z "$name" ]] || [[ -z "$portDeviceName" ]]; then
continue
fi
# Execute the command for each element
${pkgs.iproute2}/bin/ip link property add dev "$portDeviceName" altname "$name"
done
''}"
];
networking.firewall.interfaces."zt+".allowedTCPPorts = [ 5353 ]; # mdns networking.firewall.interfaces."zt+".allowedTCPPorts = [ 5353 ]; # mdns
networking.firewall.interfaces."zt+".allowedUDPPorts = [ 5353 ]; # mdns networking.firewall.interfaces."zt+".allowedUDPPorts = [ 5353 ]; # mdns
@@ -165,7 +187,6 @@ in
environment.systemPackages = [ config.clanCore.clanPkgs.zerotier-members ]; environment.systemPackages = [ config.clanCore.clanPkgs.zerotier-members ];
}) })
(lib.mkIf (config.clanCore.secretsUploadDirectory != null && !cfg.controller.enable && cfg.networkId != null) { (lib.mkIf (config.clanCore.secretsUploadDirectory != null && !cfg.controller.enable && cfg.networkId != null) {
clanCore.secrets.zerotier = { clanCore.secrets.zerotier = {
facts.zerotier-ip = { }; facts.zerotier-ip = { };
facts.zerotier-meshname = { }; facts.zerotier-meshname = { };

1
pkgs/clan-cli/clan_cli/config/schema.py
View File

@@ -87,6 +87,7 @@ def machine_schema(
# potentially the config might affect submodule options, # potentially the config might affect submodule options,
# therefore we need to import it # therefore we need to import it
config config
{{ clanCore.clanName = "fakeClan"; }}
] ]
# add all clan modules specified via clanImports # add all clan modules specified via clanImports
++ (map (name: clan-core.clanModules.${{name}}) config.clanImports or []); ++ (map (name: clan-core.clanModules.${{name}}) config.clanImports or []);