From 147cb81ba2bee9ba9b99bd424de18c3a7837d0c3 Mon Sep 17 00:00:00 2001 From: a-kenji Date: Mon, 9 Jun 2025 12:46:32 +0200 Subject: [PATCH] clanServices: Move mycelium test to appropriate location Move the mycelium clanService test to the mycelium clan service. The tests should live close to the definition of the service, so that debugging and discoverability is better. --- checks/flake-module.nix | 1 - clanServices/mycelium/flake-module.nix | 13 ++++- clanServices/mycelium/tests/vm/default.nix | 53 +++++++++++++++++++ .../tests/vm/sops/machines/server/key.json | 6 +++ .../vm/sops/secrets/server-age.key/secret | 15 ++++++ .../sops/secrets/server-age.key/users/admin | 1 + .../tests/vm/sops/users/admin/key.json | 4 ++ .../vars/per-machine/server/mycelium/ip/value | 1 + .../server/mycelium/key/machines/server | 1 + .../per-machine/server/mycelium/key/secret | 19 +++++++ .../server/mycelium/key/users/admin | 1 + .../per-machine/server/mycelium/pubkey/value | 1 + 12 files changed, 114 insertions(+), 2 deletions(-) create mode 100644 clanServices/mycelium/tests/vm/default.nix create mode 100755 clanServices/mycelium/tests/vm/sops/machines/server/key.json create mode 100644 clanServices/mycelium/tests/vm/sops/secrets/server-age.key/secret create mode 120000 clanServices/mycelium/tests/vm/sops/secrets/server-age.key/users/admin create mode 100644 clanServices/mycelium/tests/vm/sops/users/admin/key.json create mode 100644 clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/ip/value create mode 120000 clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/machines/server create mode 100644 clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/secret create mode 120000 clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/users/admin create mode 100644 clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/pubkey/value diff --git a/checks/flake-module.nix b/checks/flake-module.nix index aac353245..7f57f622d 100644 --- a/checks/flake-module.nix +++ b/checks/flake-module.nix @@ -58,7 +58,6 @@ in deltachat = import ./deltachat nixosTestArgs; ergochat = import ./ergochat nixosTestArgs; heisenbridge = import ./heisenbridge nixosTestArgs; - mycelium = import ./mycelium nixosTestArgs; } // lib.optionalAttrs (pkgs.stdenv.hostPlatform.system == "aarch64-linux") { # for some reason this hangs in an odd place in CI, but it works on my machine ... diff --git a/clanServices/mycelium/flake-module.nix b/clanServices/mycelium/flake-module.nix index d3687e5e7..a95c8a106 100644 --- a/clanServices/mycelium/flake-module.nix +++ b/clanServices/mycelium/flake-module.nix @@ -1,6 +1,17 @@ -{ lib, ... }: +{ lib, self, ... }: { clan.modules = { mycelium = lib.modules.importApply ./default.nix { }; }; + perSystem = + { pkgs, ... }: + { + checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { + mycelium = import ./tests/vm/default.nix { + inherit pkgs; + clan-core = self; + nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; + }; + }; + }; } diff --git a/clanServices/mycelium/tests/vm/default.nix b/clanServices/mycelium/tests/vm/default.nix new file mode 100644 index 000000000..223e428eb --- /dev/null +++ b/clanServices/mycelium/tests/vm/default.nix @@ -0,0 +1,53 @@ +{ + pkgs, + nixosLib, + clan-core, + ... +}: +nixosLib.runTest ( + { ... }: + { + imports = [ + clan-core.modules.nixosVmTest.clanTest + ]; + + hostPkgs = pkgs; + + name = "mycelium"; + + clan = { + + test.useContainers = false; + directory = ./.; + modules."@clan/mycelium" = ../../default.nix; + inventory = { + machines.server = { }; + + instances = { + mycelium-test = { + module.name = "@clan/mycelium"; + roles.peer.machines."server".settings = { + openFirewall = true; + addHostedPublicNodes = true; + }; + }; + }; + }; + }; + + nodes = { + server = { }; + }; + + testScript = '' + start_all() + + # Check that mycelium service is running + server.wait_for_unit("mycelium") + server.succeed("systemctl status mycelium") + + # Check that mycelium is listening on its default port + server.wait_until_succeeds("${pkgs.iproute2}/bin/ss -tulpn | grep -q 'mycelium'", 10) + ''; + } +) diff --git a/clanServices/mycelium/tests/vm/sops/machines/server/key.json b/clanServices/mycelium/tests/vm/sops/machines/server/key.json new file mode 100755 index 000000000..5543597d7 --- /dev/null +++ b/clanServices/mycelium/tests/vm/sops/machines/server/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age122lc4fvw2p22gcvwqeme5k49qxtjanqkl2xvr6qvf3r0zyh7scuqz28cam", + "type": "age" + } +] diff --git a/clanServices/mycelium/tests/vm/sops/secrets/server-age.key/secret b/clanServices/mycelium/tests/vm/sops/secrets/server-age.key/secret new file mode 100644 index 000000000..9d63a2541 --- /dev/null +++ b/clanServices/mycelium/tests/vm/sops/secrets/server-age.key/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:hLJS+CJllYM50KxKuiYamxBLGd9lwoeIFapP9mZAlVGH5DSenylcKUfsphxafASoB516qns2DznBoS9mWqg9uTsRZjk4WlR3x6A=,iv:uRiIpUKIiV3riNcBAWUqhZbE+Vb7lLMfU0C/TClVZ6M=,tag:4+nsMssiSyq9Iv7sDuWmoQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPUWFOMzluRmdOQXBmRjRN\ncXNSUlB5Z0t6dWYxNVkvMmhrN1FDdmxHcTNJCkhPL3BYMFFXMmU5ZGRqOC9KWEgv\nSHB5OUJqTk5Dd0tDTks1R1ZhYktrLzgKLS0tIHJIMlFRVWphZXlISmR3VUJKUjNk\ndWF4eCt6UHBrSndBay95RVJ3dldiaFkKCgYqrt0aCGRTaHycBoeqv/zeByu2ZZ3Z\nVfgxnD9liIQkS2wERbpk0/Yq9wkKgVxj+DZoWwHYhP0eKCw2UOorCA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-06-04T11:54:59Z", + "mac": "ENC[AES256_GCM,data:xoeOz7FRCPJ18UTsfbY1x/N65pxbTsehT9Kv3MgEd6NQJn6FTvquaj3HEZ0KvIzStBz1FNOhSql9CZUFc4StYps05EbX61MMMnz6Nlj3xcTwuVQFabGoinxcXbCDSA+tAW7VqzVxumj6FMDg+r77gdcIApZjGJg4Z9ws2RZd3u4=,iv:U8IUDwmfg8Umob9mtKgGaKoIY4SKNL895BABJxzx5n8=,tag:tnMCx6D/17ZYgI6SgNS29A==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/mycelium/tests/vm/sops/secrets/server-age.key/users/admin b/clanServices/mycelium/tests/vm/sops/secrets/server-age.key/users/admin new file mode 120000 index 000000000..9e21a9938 --- /dev/null +++ b/clanServices/mycelium/tests/vm/sops/secrets/server-age.key/users/admin @@ -0,0 +1 @@ +../../../users/admin \ No newline at end of file diff --git a/clanServices/mycelium/tests/vm/sops/users/admin/key.json b/clanServices/mycelium/tests/vm/sops/users/admin/key.json new file mode 100644 index 000000000..e408aa96b --- /dev/null +++ b/clanServices/mycelium/tests/vm/sops/users/admin/key.json @@ -0,0 +1,4 @@ +{ + "publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "type": "age" +} diff --git a/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/ip/value b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/ip/value new file mode 100644 index 000000000..347f99246 --- /dev/null +++ b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/ip/value @@ -0,0 +1 @@ +52d:87c1:4222:b550:ee01:a7ae:254:5a66 diff --git a/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/machines/server b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/machines/server new file mode 120000 index 000000000..2bd819ecb --- /dev/null +++ b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/machines/server @@ -0,0 +1 @@ +../../../../../../sops/machines/server \ No newline at end of file diff --git a/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/secret b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/secret new file mode 100644 index 000000000..d698d0e8e --- /dev/null +++ b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:DGzl2G4H+NkwXq0fCUQS0+8FG1x9xoIsYvAgUxP4Qp8=,iv:CXOJVgYNthVOZ4vbdI3n4KLXSFVemzaoEnRGMC+m0i8=,tag:/u+pV3xWpUq0ZtAm6LKuGQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age122lc4fvw2p22gcvwqeme5k49qxtjanqkl2xvr6qvf3r0zyh7scuqz28cam", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZZHZjdXMwclBTeGthcGpM\nV1ArVy83akNHNEpXVFhoR1FWNlJUeHNKTW00CjJFTFZneFNrL0hDMXJpaTQ2M1ln\nTmdPMGhzeUp0NU55QnhCZEU2QVk1OG8KLS0tIDFhQmJhOHJsTjhYNEhITEw0WFgy\nWC9pTi9od0wyMWtZRVZJYWo0Nmo5SHMKDohnAAfrnGOiw55huMme2EEWE53N/feS\nutvbiTZh1ECHCi/uoK757fjnJ/WrQMSxUpctT9I8bpJRtbTqkx3XRw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZeTZENGFpWndDbmdsWDRw\nMTBCVXg5Zkg2a2s5Yk1HSERIVlVQRXdUSUNnCnREbno0dEN0ZEgvOFNMRG1ReGx4\na0h1YUFuMkxBZXJUTE9xOUVUMitEalkKLS0tIFZMZ21qclRqUFR0dlAyMFkzdUNX\nNjRLTWVRVWtHSDlDakEzMmpRVWkyc0EKabm8mTKJVxQNTaIgU+8rb/xk9Dpg+Zjz\nb+wgD0+TlARlenMtIub8Y6N06ENOc20oovylfu+g7xV+EkvRPCd6tA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-06-04T11:55:02Z", + "mac": "ENC[AES256_GCM,data:UIBaD/3mACgFzkajkFXz3oKai8IxpYQriR2t0mc5fL92P5ECloxCobY386TDZYOEVrDJ45Bw+IzqZbsCx/G9f1xCCTR2JvqygxYIsK3TpQPsboJzb9Cz3dBNBCXGboVykcg/NobEMaJBw1xtdAQBhuo8S7ymIuOPtGz0vPFJkf8=,iv:g0YAOBsRpgAOikKDMJDyOtcVx+0QwetfA8R6wQFH7lY=,tag:sfdFLjtiqFHdP/Qe1suBBQ==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/users/admin b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/key/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/pubkey/value b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/pubkey/value new file mode 100644 index 000000000..27bc22556 --- /dev/null +++ b/clanServices/mycelium/tests/vm/vars/per-machine/server/mycelium/pubkey/value @@ -0,0 +1 @@ +2125c6b039374467eaa3eaf552bd3e97f434d16006433cfbba3e6823c958b728