diff --git a/clanServices/admin/flake-module.nix b/clanServices/admin/flake-module.nix index 154d41e43..bedd498e3 100644 --- a/clanServices/admin/flake-module.nix +++ b/clanServices/admin/flake-module.nix @@ -1,17 +1,18 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - admin = lib.modules.importApply ./default.nix { }; + admin = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - admin = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.admin = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/admin" = module; }; }; } diff --git a/clanServices/admin/tests/vm/default.nix b/clanServices/admin/tests/vm/default.nix index 1cff69cff..1e8233cc2 100644 --- a/clanServices/admin/tests/vm/default.nix +++ b/clanServices/admin/tests/vm/default.nix @@ -1,62 +1,45 @@ -{ - pkgs, - nixosLib, - clan-core, - ... -}: - let public-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII6zj7ubTg6z/aDwRNwvM/WlQdUocMprQ8E92NWxl6t+ test@test"; in -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "admin"; - hostPkgs = pkgs; + clan = { + directory = ./.; + inventory = { - name = "admin"; + machines.client = { }; + machines.server = { }; - clan = { - directory = ./.; - modules."@clan/admin" = ../../default.nix; - inventory = { - - machines.client = { }; - machines.server = { }; - - instances = { - ssh-test-one = { - module.name = "@clan/admin"; - roles.default.machines."server".settings = { - allowedKeys.testkey = public-key; - }; + instances = { + ssh-test-one = { + module.name = "@clan/admin"; + roles.default.machines."server".settings = { + allowedKeys.testkey = public-key; }; }; }; }; + }; - nodes = { - client.environment.etc.private-test-key.source = ./private-test-key; + nodes = { + client.environment.etc.private-test-key.source = ./private-test-key; - server = { - services.openssh.enable = true; - }; + server = { + services.openssh.enable = true; }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - machines = [client, server] - for m in machines: - m.systemctl("start network-online.target") + machines = [client, server] + for m in machines: + m.systemctl("start network-online.target") - for m in machines: - m.wait_for_unit("network-online.target") + for m in machines: + m.wait_for_unit("network-online.target") - client.succeed(f"ssh -F /dev/null -i /etc/private-test-key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o BatchMode=yes root@server true &>/dev/null") - ''; - } -) + client.succeed(f"ssh -F /dev/null -i /etc/private-test-key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o BatchMode=yes root@server true &>/dev/null") + ''; +} diff --git a/clanServices/borgbackup/flake-module.nix b/clanServices/borgbackup/flake-module.nix index 92c4fc46b..78066d14d 100644 --- a/clanServices/borgbackup/flake-module.nix +++ b/clanServices/borgbackup/flake-module.nix @@ -1,17 +1,18 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - borgbackup = lib.modules.importApply ./default.nix { }; + borgbackup = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - borgbackup = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.borgbackup = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/borgbackup" = module; }; }; } diff --git a/clanServices/borgbackup/tests/vm/default.nix b/clanServices/borgbackup/tests/vm/default.nix index d8ed40e7b..3b703066c 100644 --- a/clanServices/borgbackup/tests/vm/default.nix +++ b/clanServices/borgbackup/tests/vm/default.nix @@ -1,118 +1,112 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "borgbackup"; - hostPkgs = pkgs; + clan = { + directory = ./.; + test.useContainers = true; + inventory = { - name = "borgbackup"; + machines.clientone = { }; + machines.serverone = { }; - clan = { - directory = ./.; - test.useContainers = true; - modules."@clan/borgbackup" = ../../default.nix; - inventory = { + instances = { + borgone = { - machines.clientone = { }; - machines.serverone = { }; + module.name = "@clan/borgbackup"; - instances = { - borgone = { - - module.name = "@clan/borgbackup"; - - roles.client.machines."clientone" = { }; - roles.server.machines."serverone".settings.directory = "/tmp/borg-test"; - }; + roles.client.machines."clientone" = { }; + roles.server.machines."serverone".settings.directory = "/tmp/borg-test"; }; }; }; + }; - nodes = { + nodes = { + + serverone = { + services.openssh.enable = true; + # Needed so PAM doesn't see the user as locked + users.users.borg.password = "borg"; + }; + + clientone = + { + config, + pkgs, + clan-core, + ... + }: + let + dependencies = [ + clan-core + pkgs.stdenv.drvPath + ] ++ builtins.map (i: i.outPath) (builtins.attrValues clan-core.inputs); + closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; + + in + { - serverone = { services.openssh.enable = true; - # Needed so PAM doesn't see the user as locked - users.users.borg.password = "borg"; + + users.users.root.openssh.authorizedKeys.keyFiles = [ ../../../../checks/assets/ssh/pubkey ]; + + clan.core.networking.targetHost = config.networking.hostName; + + environment.systemPackages = [ clan-core.packages.${pkgs.system}.clan-cli ]; + + environment.etc.install-closure.source = "${closureInfo}/store-paths"; + nix.settings = { + substituters = pkgs.lib.mkForce [ ]; + hashed-mirrors = null; + connect-timeout = pkgs.lib.mkForce 3; + flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}''; + }; + system.extraDependencies = dependencies; + + clan.core.state.test-backups.folders = [ "/var/test-backups" ]; }; - clientone = - { config, pkgs, ... }: - let - dependencies = [ - clan-core - pkgs.stdenv.drvPath - ] ++ builtins.map (i: i.outPath) (builtins.attrValues clan-core.inputs); - closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; + }; - in - { + testScript = '' + import json + start_all() - services.openssh.enable = true; + machines = [clientone, serverone] - users.users.root.openssh.authorizedKeys.keyFiles = [ ../../../../checks/assets/ssh/pubkey ]; + for m in machines: + m.systemctl("start network-online.target") - clan.core.networking.targetHost = config.networking.hostName; + for m in machines: + m.wait_for_unit("network-online.target") - environment.systemPackages = [ clan-core.packages.${pkgs.system}.clan-cli ]; + # dummy data + clientone.succeed("mkdir -p /var/test-backups /var/test-service") + clientone.succeed("echo testing > /var/test-backups/somefile") - environment.etc.install-closure.source = "${closureInfo}/store-paths"; - nix.settings = { - substituters = pkgs.lib.mkForce [ ]; - hashed-mirrors = null; - connect-timeout = pkgs.lib.mkForce 3; - flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}''; - }; - system.extraDependencies = dependencies; + clientone.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../../../../checks/assets/ssh/privkey} /root/.ssh/id_ed25519") + clientone.succeed("${pkgs.coreutils}/bin/touch /root/.ssh/known_hosts") + clientone.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new localhost hostname") + clientone.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new $(hostname) hostname") - clan.core.state.test-backups.folders = [ "/var/test-backups" ]; - }; + # create + clientone.succeed("borgbackup-create >&2") + clientone.wait_until_succeeds("! systemctl is-active borgbackup-job-serverone >&2") - }; + # list + backup_id = json.loads(clientone.succeed("borg-job-serverone list --json"))["archives"][0]["archive"] + out = clientone.succeed("borgbackup-list").strip() + print(out) + assert backup_id in out, f"backup {backup_id} not found in {out}" - testScript = '' - import json - start_all() - - machines = [clientone, serverone] - - for m in machines: - m.systemctl("start network-online.target") - - for m in machines: - m.wait_for_unit("network-online.target") - - # dummy data - clientone.succeed("mkdir -p /var/test-backups /var/test-service") - clientone.succeed("echo testing > /var/test-backups/somefile") - - clientone.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../../../../checks/assets/ssh/privkey} /root/.ssh/id_ed25519") - clientone.succeed("${pkgs.coreutils}/bin/touch /root/.ssh/known_hosts") - clientone.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new localhost hostname") - clientone.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new $(hostname) hostname") - - # create - clientone.succeed("borgbackup-create >&2") - clientone.wait_until_succeeds("! systemctl is-active borgbackup-job-serverone >&2") - - # list - backup_id = json.loads(clientone.succeed("borg-job-serverone list --json"))["archives"][0]["archive"] - out = clientone.succeed("borgbackup-list").strip() - print(out) - assert backup_id in out, f"backup {backup_id} not found in {out}" - - # borgbackup restore - clientone.succeed("rm -f /var/test-backups/somefile") - clientone.succeed(f"NAME='serverone::borg@serverone:.::{backup_id}' borgbackup-restore >&2") - assert clientone.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed" - ''; - } -) + # borgbackup restore + clientone.succeed("rm -f /var/test-backups/somefile") + clientone.succeed(f"NAME='serverone::borg@serverone:.::{backup_id}' borgbackup-restore >&2") + assert clientone.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed" + ''; +} diff --git a/clanServices/deltachat/flake-module.nix b/clanServices/deltachat/flake-module.nix index 0fad43bfd..c81973e0c 100644 --- a/clanServices/deltachat/flake-module.nix +++ b/clanServices/deltachat/flake-module.nix @@ -1,17 +1,18 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - deltachat = lib.modules.importApply ./default.nix { }; + deltachat = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - deltachat = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.deltachat = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/deltachat" = module; }; }; } diff --git a/clanServices/deltachat/tests/vm/default.nix b/clanServices/deltachat/tests/vm/default.nix index 7b25c41f4..b763adf68 100644 --- a/clanServices/deltachat/tests/vm/default.nix +++ b/clanServices/deltachat/tests/vm/default.nix @@ -1,50 +1,39 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "deltachat"; - hostPkgs = pkgs; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - name = "deltachat"; - - clan = { - directory = ./.; - modules."@clan/deltachat" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - deltachat-test = { - module.name = "@clan/deltachat"; - roles.default.machines."server".settings = { }; - }; + instances = { + deltachat-test = { + module.name = "@clan/deltachat"; + roles.default.machines."server".settings = { }; }; }; }; + }; - nodes = { - server = { }; - }; + nodes = { + server = { }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - server.wait_for_unit("maddy") + server.wait_for_unit("maddy") - # imap - server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 143") - # smtp submission - server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 587") - # smtp - server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 25") - ''; - } -) + # imap + server.wait_until_succeeds("${pkgs.netcat}/bin/nc -z -v ::1 143") + # smtp submission + server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 587") + # smtp + server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 25") + ''; +} diff --git a/clanServices/ergochat/flake-module.nix b/clanServices/ergochat/flake-module.nix index c0dde306a..ae9bb8d58 100644 --- a/clanServices/ergochat/flake-module.nix +++ b/clanServices/ergochat/flake-module.nix @@ -1,17 +1,18 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - ergochat = lib.modules.importApply ./default.nix { }; + ergochat = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - ergochat = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.ergochat = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/ergochat" = module; }; }; } diff --git a/clanServices/ergochat/tests/vm/default.nix b/clanServices/ergochat/tests/vm/default.nix index f474bd40e..405756b69 100644 --- a/clanServices/ergochat/tests/vm/default.nix +++ b/clanServices/ergochat/tests/vm/default.nix @@ -1,51 +1,41 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "ergochat"; - hostPkgs = pkgs; - name = "ergochat"; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - clan = { - directory = ./.; - modules."@clan/ergochat" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - ergochat-test = { - module.name = "@clan/ergochat"; - roles.default.machines."server".settings = { }; - }; + instances = { + ergochat-test = { + module.name = "@clan/ergochat"; + roles.default.machines."server".settings = { }; }; }; }; + }; - nodes = { - server = { }; - }; + nodes = { + server = { }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - server.wait_for_unit("ergochat") + server.wait_for_unit("ergochat") - # Check that ergochat is running - server.succeed("systemctl status ergochat") + # Check that ergochat is running + server.succeed("systemctl status ergochat") - # Check that the data directory exists - server.succeed("test -d /var/lib/ergo") + # Check that the data directory exists + server.succeed("test -d /var/lib/ergo") - # Check that the server is listening on the correct ports - server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 6667") - ''; - } -) + # Check that the server is listening on the correct ports + server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 6667") + ''; +} diff --git a/clanServices/garage/flake-module.nix b/clanServices/garage/flake-module.nix index 515018419..21c34d0de 100644 --- a/clanServices/garage/flake-module.nix +++ b/clanServices/garage/flake-module.nix @@ -1,18 +1,19 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - garage = lib.modules.importApply ./default.nix { }; + garage = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - garage = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.garage = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/garage" = module; }; }; } diff --git a/clanServices/garage/tests/vm/default.nix b/clanServices/garage/tests/vm/default.nix index 7df983a19..deeca4ca7 100644 --- a/clanServices/garage/tests/vm/default.nix +++ b/clanServices/garage/tests/vm/default.nix @@ -1,87 +1,76 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "garage"; - hostPkgs = pkgs; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - name = "garage"; + instances = { + garage-test = { + module.name = "@clan/garage"; + roles.default.machines."server".settings = { }; + }; + }; + }; + }; - clan = { - directory = ./.; - modules."@clan/garage" = ../../default.nix; - inventory = { - machines.server = { }; + nodes = { + server = { + services.garage = { + enable = true; + package = pkgs.garage; + settings = { - instances = { - garage-test = { - module.name = "@clan/garage"; - roles.default.machines."server".settings = { }; + metadata_dir = "/var/lib/garage/meta"; + data_dir = "/var/lib/garage/data"; + db_engine = "sqlite"; + + replication_factor = 1; + + rpc_bind_addr = "127.0.0.1:3901"; + + s3_api = { + api_bind_addr = "127.0.0.1:3900"; + s3_region = "garage"; + root_domain = ".s3.garage"; + }; + + s3_web = { + bind_addr = "127.0.0.1:3902"; + root_domain = ".web.garage"; + }; + + admin = { + api_bind_addr = "127.0.0.1:3903"; }; }; }; }; + }; - nodes = { - server = { - services.garage = { - enable = true; - package = pkgs.garage; - settings = { + testScript = '' + start_all() - metadata_dir = "/var/lib/garage/meta"; - data_dir = "/var/lib/garage/data"; - db_engine = "sqlite"; + server.wait_for_unit("network-online.target") + server.wait_for_unit("garage") - replication_factor = 1; + # Check that garage is running + server.succeed("systemctl status garage") - rpc_bind_addr = "127.0.0.1:3901"; + # Check that the data directories exist + server.succeed("test -d /var/lib/garage/meta") + server.succeed("test -d /var/lib/garage/data") - s3_api = { - api_bind_addr = "127.0.0.1:3900"; - s3_region = "garage"; - root_domain = ".s3.garage"; - }; - - s3_web = { - bind_addr = "127.0.0.1:3902"; - root_domain = ".web.garage"; - }; - - admin = { - api_bind_addr = "127.0.0.1:3903"; - }; - }; - }; - }; - }; - - testScript = '' - start_all() - - server.wait_for_unit("network-online.target") - server.wait_for_unit("garage") - - # Check that garage is running - server.succeed("systemctl status garage") - - # Check that the data directories exist - server.succeed("test -d /var/lib/garage/meta") - server.succeed("test -d /var/lib/garage/data") - - # Check that the ports are open to confirm that garage is running - server.wait_until_succeeds("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3901") - server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3900") - server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3902") - server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3903") - ''; - } -) + # Check that the ports are open to confirm that garage is running + server.wait_until_succeeds("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3901") + server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3900") + server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3902") + server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3903") + ''; +} diff --git a/clanServices/heisenbridge/flake-module.nix b/clanServices/heisenbridge/flake-module.nix index a262b7672..e45df32b0 100644 --- a/clanServices/heisenbridge/flake-module.nix +++ b/clanServices/heisenbridge/flake-module.nix @@ -1,17 +1,18 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - heisenbridge = lib.modules.importApply ./default.nix { }; + heisenbridge = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - heisenbridge = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.heisenbridge = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/heisenbridge" = module; }; }; } diff --git a/clanServices/heisenbridge/tests/vm/default.nix b/clanServices/heisenbridge/tests/vm/default.nix index 32046f93c..e9234706f 100644 --- a/clanServices/heisenbridge/tests/vm/default.nix +++ b/clanServices/heisenbridge/tests/vm/default.nix @@ -1,65 +1,53 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: +{ + name = "heisenbridge"; -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - hostPkgs = pkgs; - - name = "heisenbridge"; - - clan = { - directory = ./.; - modules."@clan/heisenbridge" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - heisenbridge-test = { - module.name = "@clan/heisenbridge"; - roles.default.machines."server".settings = { - homeserver = "http://127.0.0.1:8008"; - }; + instances = { + heisenbridge-test = { + module.name = "@clan/heisenbridge"; + roles.default.machines."server".settings = { + homeserver = "http://127.0.0.1:8008"; }; }; }; }; + }; - nodes = { - server = { - # Setup a minimal matrix-synapse to test with - services.matrix-synapse = { - enable = true; - settings.server_name = "example.com"; - settings.database = { - name = "sqlite3"; - }; + nodes = { + server = { + # Setup a minimal matrix-synapse to test with + services.matrix-synapse = { + enable = true; + settings.server_name = "example.com"; + settings.database = { + name = "sqlite3"; }; }; }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - server.wait_for_unit("matrix-synapse") - server.wait_for_unit("heisenbridge") + server.wait_for_unit("matrix-synapse") + server.wait_for_unit("heisenbridge") - # Check that heisenbridge is running - server.succeed("systemctl status heisenbridge") + # Check that heisenbridge is running + server.succeed("systemctl status heisenbridge") - # Wait for the bridge to initialize - server.wait_until_succeeds("journalctl -u heisenbridge | grep -q 'bridge is now running'") + # Wait for the bridge to initialize + server.wait_until_succeeds("journalctl -u heisenbridge | grep -q 'bridge is now running'") - # Check that heisenbridge is listening on the default port - server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 9898") - ''; - } -) + # Check that heisenbridge is listening on the default port + server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 9898") + ''; +} diff --git a/clanServices/hello-world/flake-module.nix b/clanServices/hello-world/flake-module.nix index b3d8d6394..239078ec5 100644 --- a/clanServices/hello-world/flake-module.nix +++ b/clanServices/hello-world/flake-module.nix @@ -14,7 +14,7 @@ in hello-world = module; }; perSystem = - { pkgs, ... }: + { ... }: let # Module that contains the tests # This module adds: @@ -41,15 +41,10 @@ in 2. To run the test nix build .#checks.x86_64-linux.hello-service */ - checks = - # Currently we don't support nixos-integration tests on darwin - lib.optionalAttrs (pkgs.stdenv.isLinux) { - hello-service = import ./tests/vm/default.nix { - inherit module; - inherit self inputs pkgs; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - clan-core = self; - }; - }; + clan.nixosTests.hello-service = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules.hello-service = module; + }; }; } diff --git a/clanServices/hello-world/tests/vm/default.nix b/clanServices/hello-world/tests/vm/default.nix index bddf8a808..8fb4f7b3f 100644 --- a/clanServices/hello-world/tests/vm/default.nix +++ b/clanServices/hello-world/tests/vm/default.nix @@ -1,44 +1,29 @@ { - pkgs, - nixosLib, - clan-core, module, ... }: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "hello-service"; - hostPkgs = pkgs; + clan = { + directory = ./.; + inventory = { + machines.peer1 = { }; - name = "hello-service"; - - clan = { - directory = ./.; - modules = { - hello-service = module; - }; - inventory = { - machines.peer1 = { }; - - instances."test" = { - module.name = "hello-service"; - roles.peer.machines.peer1 = { }; - }; + instances."test" = { + module.name = "hello-service"; + roles.peer.machines.peer1 = { }; }; }; + }; - testScript = - { nodes, ... }: - '' - start_all() + testScript = + { nodes, ... }: + '' + start_all() - # peer1 should have the 'hello' file - value = peer1.succeed("cat ${nodes.peer1.clan.core.vars.generators.hello.files.hello.path}") - assert value.strip() == "Hello world from peer1", value - ''; - } -) + # peer1 should have the 'hello' file + value = peer1.succeed("cat ${nodes.peer1.clan.core.vars.generators.hello.files.hello.path}") + assert value.strip() == "Hello world from peer1", value + ''; +} diff --git a/clanServices/localsend/flake-module.nix b/clanServices/localsend/flake-module.nix index 71cd5752d..330a9e9ed 100644 --- a/clanServices/localsend/flake-module.nix +++ b/clanServices/localsend/flake-module.nix @@ -1,18 +1,19 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - localsend = lib.modules.importApply ./default.nix { }; + localsend = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - localsend = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.localsend = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/localsend" = module; }; }; } diff --git a/clanServices/localsend/tests/vm/default.nix b/clanServices/localsend/tests/vm/default.nix index f9de82499..466e436ec 100644 --- a/clanServices/localsend/tests/vm/default.nix +++ b/clanServices/localsend/tests/vm/default.nix @@ -1,51 +1,38 @@ { - pkgs, - nixosLib, - clan-core, + module, ... }: +{ + name = "localsend"; -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - hostPkgs = pkgs; - - name = "localsend"; - - clan = { - directory = ./.; - modules."@clan/localsend" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - localsend-test = { - module.name = "@clan/localsend"; - roles.default.machines."server".settings = { - displayName = "Test Instance"; - ipv4Addr = "192.168.56.2/24"; - }; + instances = { + localsend-test = { + module.name = "@clan/localsend"; + roles.default.machines."server".settings = { + displayName = "Test Instance"; + ipv4Addr = "192.168.56.2/24"; }; }; }; }; + }; - nodes = { - server = { }; - }; + nodes = { + server = { }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - # Check that the localsend wrapper script is available - server.succeed("command -v localsend") + # Check that the localsend wrapper script is available + server.succeed("command -v localsend") - # Verify the 09-zerotier network is configured with the specified IP address - server.succeed("grep -q 'Address=192.168.56.2/24' /etc/systemd/network/09-zerotier.network") - ''; - } -) + # Verify the 09-zerotier network is configured with the specified IP address + server.succeed("grep -q 'Address=192.168.56.2/24' /etc/systemd/network/09-zerotier.network") + ''; +} diff --git a/clanServices/mycelium/flake-module.nix b/clanServices/mycelium/flake-module.nix index a95c8a106..0c475d590 100644 --- a/clanServices/mycelium/flake-module.nix +++ b/clanServices/mycelium/flake-module.nix @@ -1,17 +1,18 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - mycelium = lib.modules.importApply ./default.nix { }; + mycelium = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - mycelium = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.mycelium = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/mycelium" = module; }; }; } diff --git a/clanServices/mycelium/tests/vm/default.nix b/clanServices/mycelium/tests/vm/default.nix index 223e428eb..a69da9c05 100644 --- a/clanServices/mycelium/tests/vm/default.nix +++ b/clanServices/mycelium/tests/vm/default.nix @@ -1,53 +1,42 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; +{ + name = "mycelium"; - hostPkgs = pkgs; + clan = { - name = "mycelium"; + test.useContainers = false; + directory = ./.; + inventory = { + machines.server = { }; - clan = { - - test.useContainers = false; - directory = ./.; - modules."@clan/mycelium" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - mycelium-test = { - module.name = "@clan/mycelium"; - roles.peer.machines."server".settings = { - openFirewall = true; - addHostedPublicNodes = true; - }; + instances = { + mycelium-test = { + module.name = "@clan/mycelium"; + roles.peer.machines."server".settings = { + openFirewall = true; + addHostedPublicNodes = true; }; }; }; }; + }; - nodes = { - server = { }; - }; + nodes = { + server = { }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - # Check that mycelium service is running - server.wait_for_unit("mycelium") - server.succeed("systemctl status mycelium") + # Check that mycelium service is running + server.wait_for_unit("mycelium") + server.succeed("systemctl status mycelium") - # Check that mycelium is listening on its default port - server.wait_until_succeeds("${pkgs.iproute2}/bin/ss -tulpn | grep -q 'mycelium'", 10) - ''; - } -) + # Check that mycelium is listening on its default port + server.wait_until_succeeds("${pkgs.iproute2}/bin/ss -tulpn | grep -q 'mycelium'", 10) + ''; +} diff --git a/clanServices/packages/flake-module.nix b/clanServices/packages/flake-module.nix index b27fc1621..f03bc2b6f 100644 --- a/clanServices/packages/flake-module.nix +++ b/clanServices/packages/flake-module.nix @@ -1,18 +1,19 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - packages = lib.modules.importApply ./default.nix { }; + packages = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - packages = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.packages = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/packages" = module; }; }; diff --git a/clanServices/packages/tests/vm/default.nix b/clanServices/packages/tests/vm/default.nix index 3448b2376..b33b3466b 100644 --- a/clanServices/packages/tests/vm/default.nix +++ b/clanServices/packages/tests/vm/default.nix @@ -1,41 +1,28 @@ { - pkgs, - nixosLib, - clan-core, + module, ... }: +{ + name = "packages"; -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - hostPkgs = pkgs; - - name = "packages"; - - clan = { - directory = ./.; - modules."@clan/packages" = ../../default.nix; - inventory = { - machines.server = { }; - - instances.default = { - module.name = "@clan/packages"; - roles.default.machines."server".settings = { - packages = [ "cbonsai" ]; - }; + instances.default = { + module.name = "@clan/packages"; + roles.default.machines."server".settings = { + packages = [ "cbonsai" ]; }; }; }; + }; - nodes.server = { }; + nodes.server = { }; - testScript = '' - start_all() - server.succeed("cbonsai") - ''; - } -) + testScript = '' + start_all() + server.succeed("cbonsai") + ''; +} diff --git a/clanServices/sshd/flake-module.nix b/clanServices/sshd/flake-module.nix index 0c44a0fbc..f1a981541 100644 --- a/clanServices/sshd/flake-module.nix +++ b/clanServices/sshd/flake-module.nix @@ -1,18 +1,19 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { clan.modules = { - sshd = lib.modules.importApply ./default.nix { }; + sshd = module; }; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - sshd = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.sshd = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/sshd" = module; }; }; diff --git a/clanServices/sshd/tests/vm/default.nix b/clanServices/sshd/tests/vm/default.nix index ec097780e..498eaa59c 100644 --- a/clanServices/sshd/tests/vm/default.nix +++ b/clanServices/sshd/tests/vm/default.nix @@ -1,62 +1,50 @@ { + module, pkgs, - nixosLib, - clan-core, ... }: +{ + name = "sshd"; -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + clan = { + directory = ./.; + inventory = { + machines.server = { }; + machines.client = { }; - hostPkgs = pkgs; - - name = "sshd"; - - clan = { - directory = ./.; - modules."@clan/sshd" = ../../default.nix; - inventory = { - machines.server = { }; - machines.client = { }; - - instances = { - sshd-test = { - module.name = "@clan/sshd"; - roles.server.machines."server".settings = { - certificate.searchDomains = [ "example.com" ]; - hostKeys.rsa.enable = true; - }; - roles.client.machines."client".settings = { - certificate.searchDomains = [ "example.com" ]; - }; + instances = { + sshd-test = { + module.name = "@clan/sshd"; + roles.server.machines."server".settings = { + certificate.searchDomains = [ "example.com" ]; + hostKeys.rsa.enable = true; + }; + roles.client.machines."client".settings = { + certificate.searchDomains = [ "example.com" ]; }; }; }; }; + }; - nodes = { - server = { }; - client = { }; - }; + nodes = { + server = { }; + client = { }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - # Check that sshd port is open on the server - server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 22") + # Check that sshd port is open on the server + server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 22") - # Check that /etc/ssh/ssh_known_hosts contains the required CA string on the server - server.succeed("grep '^@cert-authority ssh-ca,\*.example.com ssh-ed25519 ' /etc/ssh/ssh_known_hosts") + # Check that /etc/ssh/ssh_known_hosts contains the required CA string on the server + server.succeed("grep '^@cert-authority ssh-ca,\*.example.com ssh-ed25519 ' /etc/ssh/ssh_known_hosts") - # Check that server contains a line starting with 'localhost,server ssh-ed25519' - server.succeed("grep '^localhost,server ssh-ed25519 ' /etc/ssh/ssh_known_hosts") + # Check that server contains a line starting with 'localhost,server ssh-ed25519' + server.succeed("grep '^localhost,server ssh-ed25519 ' /etc/ssh/ssh_known_hosts") - # Check that /etc/ssh/ssh_known_hosts contains the required CA string on the client - client.succeed("grep '^.cert-authority ssh-ca.*example.com ssh-ed25519 ' /etc/ssh/ssh_known_hosts") - ''; - } -) + # Check that /etc/ssh/ssh_known_hosts contains the required CA string on the client + client.succeed("grep '^.cert-authority ssh-ca.*example.com ssh-ed25519 ' /etc/ssh/ssh_known_hosts") + ''; +} diff --git a/clanServices/state-version/flake-module.nix b/clanServices/state-version/flake-module.nix index 4f848476b..c4ff9d633 100644 --- a/clanServices/state-version/flake-module.nix +++ b/clanServices/state-version/flake-module.nix @@ -1,19 +1,16 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { - clan.modules = { - state-version = lib.modules.importApply ./default.nix { }; - }; - + clan.modules.state-version = module; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - state-version = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.state-version = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/state-version" = module; }; }; - } diff --git a/clanServices/state-version/tests/vm/default.nix b/clanServices/state-version/tests/vm/default.nix index 15497fee2..9ad1774a4 100644 --- a/clanServices/state-version/tests/vm/default.nix +++ b/clanServices/state-version/tests/vm/default.nix @@ -1,37 +1,20 @@ { - pkgs, - nixosLib, - clan-core, - ... -}: + name = "state-version"; -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; - - hostPkgs = pkgs; - - name = "state-version"; - - clan = { - directory = ./.; - modules."@clan/state-version" = ../../default.nix; - inventory = { - machines.server = { }; - instances.default = { - module.name = "@clan/state-version"; - roles.default.machines."server" = { }; - }; + clan = { + directory = ./.; + inventory = { + machines.server = { }; + instances.default = { + module.name = "@clan/state-version"; + roles.default.machines."server" = { }; }; }; + }; - nodes.server = { }; + nodes.server = { }; - testScript = '' - start_all() - ''; - } -) + testScript = '' + start_all() + ''; +} diff --git a/clanServices/trusted-nix-caches/flake-module.nix b/clanServices/trusted-nix-caches/flake-module.nix index 81c2dc33c..a1cb3ca60 100644 --- a/clanServices/trusted-nix-caches/flake-module.nix +++ b/clanServices/trusted-nix-caches/flake-module.nix @@ -1,17 +1,16 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { - clan.modules = { - trusted-nix-caches = lib.modules.importApply ./default.nix { }; - }; + clan.modules.trusted-nix-caches = module; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - trusted-nix-caches = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.trusted-nix-caches = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/trusted-nix-caches" = module; }; }; } diff --git a/clanServices/trusted-nix-caches/tests/vm/default.nix b/clanServices/trusted-nix-caches/tests/vm/default.nix index df7245aed..97adbfd60 100644 --- a/clanServices/trusted-nix-caches/tests/vm/default.nix +++ b/clanServices/trusted-nix-caches/tests/vm/default.nix @@ -1,40 +1,24 @@ { - pkgs, - nixosLib, - clan-core, - ... -}: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + name = "trusted-nix-caches"; - hostPkgs = pkgs; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - name = "trusted-nix-caches"; - - clan = { - directory = ./.; - modules."@clan/trusted-nix-caches" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - trusted-nix-caches = { - module.name = "@clan/trusted-nix-caches"; - roles.default.machines."server" = { }; - }; + instances = { + trusted-nix-caches = { + module.name = "@clan/trusted-nix-caches"; + roles.default.machines."server" = { }; }; }; }; + }; - nodes.server = { }; + nodes.server = { }; - testScript = '' - start_all() - server.succeed("grep -q 'cache.clan.lol' /etc/nix/nix.conf") - ''; - } -) + testScript = '' + start_all() + server.succeed("grep -q 'cache.clan.lol' /etc/nix/nix.conf") + ''; +} diff --git a/clanServices/users/flake-module.nix b/clanServices/users/flake-module.nix index 04f431028..adf40791d 100644 --- a/clanServices/users/flake-module.nix +++ b/clanServices/users/flake-module.nix @@ -1,18 +1,16 @@ -{ lib, self, ... }: +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in { - clan.modules = { - users = lib.modules.importApply ./default.nix { }; - }; + clan.modules.users = module; perSystem = - { pkgs, ... }: + { ... }: { - checks = lib.optionalAttrs (pkgs.stdenv.isLinux) { - users = import ./tests/vm/default.nix { - inherit pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; + clan.nixosTests.users = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/users" = module; }; }; - } diff --git a/clanServices/users/tests/vm/default.nix b/clanServices/users/tests/vm/default.nix index 4be9f8c73..002fe6946 100644 --- a/clanServices/users/tests/vm/default.nix +++ b/clanServices/users/tests/vm/default.nix @@ -1,67 +1,50 @@ { - pkgs, - nixosLib, - clan-core, - ... -}: + name = "users"; -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + clan = { + directory = ./.; + inventory = { + machines.server = { }; - hostPkgs = pkgs; - - name = "users"; - - clan = { - directory = ./.; - modules."@clan/users" = ../../default.nix; - inventory = { - machines.server = { }; - - instances = { - root-password-test = { - module.name = "@clan/users"; - roles.default.machines."server".settings = { - user = "root"; - prompt = false; - }; + instances = { + root-password-test = { + module.name = "@clan/users"; + roles.default.machines."server".settings = { + user = "root"; + prompt = false; }; - user-password-test = { - module.name = "@clan/users"; - roles.default.machines."server".settings = { - user = "testuser"; - prompt = false; - }; + }; + user-password-test = { + module.name = "@clan/users"; + roles.default.machines."server".settings = { + user = "testuser"; + prompt = false; }; }; }; }; + }; - nodes = { - server = { - users.users.testuser.group = "testuser"; - users.groups.testuser = { }; - users.users.testuser.isNormalUser = true; - }; + nodes = { + server = { + users.users.testuser.group = "testuser"; + users.groups.testuser = { }; + users.users.testuser.isNormalUser = true; }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - server.wait_for_unit("multi-user.target") + server.wait_for_unit("multi-user.target") - # Check that the testuser account exists - server.succeed("id testuser") + # Check that the testuser account exists + server.succeed("id testuser") - # Try to log in as the user using the generated password - # TODO: fix - # password = server.succeed("cat /run/clan/vars/user-password/user-password").strip() - # server.succeed(f"echo '{password}' | su - testuser -c 'echo Login successful'") + # Try to log in as the user using the generated password + # TODO: fix + # password = server.succeed("cat /run/clan/vars/user-password/user-password").strip() + # server.succeed(f"echo '{password}' | su - testuser -c 'echo Login successful'") - ''; - } -) + ''; +} diff --git a/clanServices/wifi/flake-module.nix b/clanServices/wifi/flake-module.nix index 525b9a2e7..a2b885bcd 100644 --- a/clanServices/wifi/flake-module.nix +++ b/clanServices/wifi/flake-module.nix @@ -1,6 +1,5 @@ { self, - inputs, lib, ... }: @@ -10,28 +9,14 @@ let }; in { - clan.modules = { - wifi = module; - }; + clan.modules.wifi = module; perSystem = - { pkgs, ... }: + { ... }: { - /** - 1. Prepare the test vars - nix run .#generate-test-vars -- clanServices/hello-world/tests/vm hello-service + clan.nixosTests.wifi = { + imports = [ ./tests/vm/default.nix ]; - 2. To run the test - nix build .#checks.x86_64-linux.hello-service - */ - checks = - # Currently we don't support nixos-integration tests on darwin - lib.optionalAttrs (pkgs.stdenv.isLinux) { - wifi-service = import ./tests/vm/default.nix { - inherit module; - inherit inputs pkgs; - clan-core = self; - nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - }; - }; + clan.modules."@clan/wifi" = module; + }; }; } diff --git a/clanServices/wifi/tests/vm/default.nix b/clanServices/wifi/tests/vm/default.nix index dec7743e0..8d257c9a6 100644 --- a/clanServices/wifi/tests/vm/default.nix +++ b/clanServices/wifi/tests/vm/default.nix @@ -1,46 +1,29 @@ { - pkgs, - nixosLib, - clan-core, - module, - ... -}: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + name = "wifi"; - hostPkgs = pkgs; + clan = { + directory = ./.; + test.useContainers = false; + inventory = { - name = "wifi-service"; + machines.test = { }; - clan = { - directory = ./.; - test.useContainers = false; - modules."@clan/wifi" = module; - inventory = { + instances = { + wg-test-one = { + module.name = "@clan/wifi"; - machines.test = { }; - - instances = { - wg-test-one = { - module.name = "@clan/wifi"; - - roles.default.machines = { - test.settings.networks.one = { }; - }; + roles.default.machines = { + test.settings.networks.one = { }; }; }; }; }; + }; - testScript = '' - start_all() - test.wait_for_unit("NetworkManager.service") - psk = test.succeed("cat /run/NetworkManager/system-connections/one.nmconnection") - assert "password-eins" in psk, "Password is incorrect" - ''; - } -) + testScript = '' + start_all() + test.wait_for_unit("NetworkManager.service") + psk = test.succeed("cat /run/NetworkManager/system-connections/one.nmconnection") + assert "password-eins" in psk, "Password is incorrect" + ''; +} diff --git a/clanServices/zerotier/flake-module.nix b/clanServices/zerotier/flake-module.nix index 4aaa0ab3d..e1f691fcd 100644 --- a/clanServices/zerotier/flake-module.nix +++ b/clanServices/zerotier/flake-module.nix @@ -8,9 +8,7 @@ let module = lib.modules.importApply ./default.nix { }; in { - clan.modules = { - zerotier = module; - }; + clan.modules.zerotier = module; perSystem = { ... }: let @@ -28,11 +26,11 @@ in imports = [ unit-test-module ]; - # zerotier = import ./tests/vm/default.nix { - # inherit module; - # inherit inputs pkgs; - # clan-core = self; - # nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { }; - # }; + + clan.nixosTests.zerotier = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules.zerotier = module; + }; }; } diff --git a/clanServices/zerotier/tests/vm/default.nix b/clanServices/zerotier/tests/vm/default.nix index 52961d336..531539c7f 100644 --- a/clanServices/zerotier/tests/vm/default.nix +++ b/clanServices/zerotier/tests/vm/default.nix @@ -1,43 +1,27 @@ { - pkgs, - nixosLib, - clan-core, - module, - ... -}: -nixosLib.runTest ( - { ... }: - { - imports = [ - clan-core.modules.nixosVmTest.clanTest - ]; + name = "zerotier"; - hostPkgs = pkgs; + clan = { + directory = ./.; + inventory = { - name = "zerotier"; + machines.jon = { }; + machines.sara = { }; + machines.bam = { }; - clan = { - directory = ./.; - modules."zerotier" = module; - inventory = { + instances = { + "zerotier" = { + module.name = "zerotier"; - machines.jon = { }; - machines.sara = { }; - machines.bam = { }; - - instances = { - "zerotier" = { - module.name = "zerotier"; - - roles.peer.tags.all = { }; - roles.controller.machines.bam = { }; - }; + roles.peer.tags.all = { }; + roles.controller.machines.bam = { }; + roles.moon.machines = { }; }; }; }; + }; - # This is not an actual vm test, this is a workaround to - # generate the needed vars for the eval test. - testScript = ''''; - } -) + # This is not an actual vm test, this is a workaround to + # generate the needed vars for the eval test. + testScript = ""; +} diff --git a/clanServices/zerotier/tests/vm/sops/machines/test/key.json b/clanServices/zerotier/tests/vm/sops/machines/test/key.json deleted file mode 100755 index e8dcc2dc3..000000000 --- a/clanServices/zerotier/tests/vm/sops/machines/test/key.json +++ /dev/null @@ -1,6 +0,0 @@ -[ - { - "publickey": "age13ahclyps97532zt2sfta5zrfx976d3r2jmctj8d36vj9x5v5ffqq304fqf", - "type": "age" - } -] diff --git a/clanServices/zerotier/tests/vm/sops/secrets/test-age.key/secret b/clanServices/zerotier/tests/vm/sops/secrets/test-age.key/secret deleted file mode 100644 index 89db73364..000000000 --- a/clanServices/zerotier/tests/vm/sops/secrets/test-age.key/secret +++ /dev/null @@ -1,15 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:AGYme1x1pE7SVk6HowmIYMN3EHNaZglW97geihpDCkKqArq/zD2IHxbgo8OtXmaNws16i0R6LehWJTL21fVmnAEA9GNZQOE/Y4Q=,iv:Kc3bDcOwJmxHnnlBweUbqDE77VVFZFelEGpmpfBSct8=,tag:m4kzx3nOtexD91kisQafFw==,type:str]", - "sops": { - "age": [ - { - "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTc2Q5NTY1ejl5ODhSOXhv\nVUFrb0xvblErWEY1R0k3UXNBQk5Ja1MwaERVCmdISk1RSGFUL2FRMWlPSFdERjB6\nalltcHZLd21XOVFuaExSRUNQc1VmdjAKLS0tIGg0ZGdvbm9wbC9Jd255cHNmVWxP\nWStOQS9EQW9WQUtLZVp5SDBmM1ByaEEKzviyWc0yLbDMwk/CHhTwntrjA5LX44Wu\nNdlsQG/yfRaqRL1TKZztT9RnX0293gOEZFvoYZasEJJAIeBoZvN6VQ==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2025-05-29T13:14:51Z", - "mac": "ENC[AES256_GCM,data:uCk2e5aFHZhttLkIdvDU3KARN7PiHKLtXsqxmuLkZP903XhDTCuj1GH6S0C9UN5LftlaVjCEaqlgx68cCNwTc9bTUnhSdVVjMWy0gjxKZ1Y25YzOMlEmOAk/TZqUvnMn/cUL8KOeBnymPbAeqLm8yATjwsyx5+GrFrIVxwGQzUA=,iv:UMX2Ik0xlcljMZyBhjOpvYcsJCC5Wb6d/rgbTFb+6oM=,tag:HH05tFDzOcRrQ8TTXxrDyw==,type:str]", - "unencrypted_suffix": "_unencrypted", - "version": "3.10.2" - } -} diff --git a/clanServices/zerotier/tests/vm/sops/secrets/test-age.key/users/admin b/clanServices/zerotier/tests/vm/sops/secrets/test-age.key/users/admin deleted file mode 120000 index 9e21a9938..000000000 --- a/clanServices/zerotier/tests/vm/sops/secrets/test-age.key/users/admin +++ /dev/null @@ -1 +0,0 @@ -../../../users/admin \ No newline at end of file diff --git a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/machines/test b/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/machines/test deleted file mode 120000 index 8adbdc900..000000000 --- a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/machines/test +++ /dev/null @@ -1 +0,0 @@ -../../../../../sops/machines/test \ No newline at end of file diff --git a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/secret b/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/secret deleted file mode 100644 index fa59b60ac..000000000 --- a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/secret +++ /dev/null @@ -1,19 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:iNOb,iv:24+bKY5u61JYsvLHV8TIUBVmJPV1aX/BJr//c7le68o=,tag:ANCOrzvnukvqyKGf+L8gFQ==,type:str]", - "sops": { - "age": [ - { - "recipient": "age13ahclyps97532zt2sfta5zrfx976d3r2jmctj8d36vj9x5v5ffqq304fqf", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxN2EwVHN3SENVTjdjZGRi\nQmJOWlNGYmpmM1BnZnpYWGhaSlRaUVJIODFRCkhhMUhyZzVWWk53SDBwSVBVZGVY\nVUpMTm9qWTIzc3VwdGJHcUVWVzFlV0UKLS0tIDBBVXdlS1FFbzNPSnlZWWtEaDJi\nK215OWQvMVRCRUZyQjFZckJFbHBZeDQK2cqgDnGM5uIm834dbQ3bi3nQA5nPq6Bf\n0+sezXuY55GdFS6OxIgI5/KcitHzDE0WHOvklIGDCSysoXIQ3QXanA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0NDB5SVcrU0V6akYwbDlv\na1BuSm5XbjYwN2ZkZWtIcnhBVHBTWGFxd24wCnZTVGlPRm5uZEd3QXYwdFRMS09K\nWWw5N2RJZ3d4N0VDMWZmM2lkYVM4VncKLS0tIGplTDVka1VoUVdXMU9VS3hYSlZ1\nRjZGL25hQWxHWEx3OXdQamJiNG9KaDgKk94uXPuCE/M4Hz/7hVKJPHuzQfbOQi/9\nVfR2i17Hjcq08l68Xzn+DllQEAFdts2fS96Pu4FFKfiLK7INl/fUOg==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2025-05-29T13:15:02Z", - "mac": "ENC[AES256_GCM,data:4beXC5ONY5RLChluoVkklpDnaf/KCjlUzpQkFVSp7vauQmMKeTK40xqfvY5d+64u/OKRTIdc38KQTwhZ0pYzOv1LcJOWbHrGu7XadlALKgyUqKOZy03G2O8y0IF6t/LUK8TaNFnNvNteFsfD36/+wkRaxPJe7MKXGqPhWf6RC78=,iv:FR/PQUZqL3HnyVbW+H1QlZMmgFxA5juSb88wuatIlHM=,tag:parvZw3y9ZHieZ8pmUjCZQ==,type:str]", - "unencrypted_suffix": "_unencrypted", - "version": "3.10.2" - } -} diff --git a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/users/admin b/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/users/admin deleted file mode 120000 index f14859ae0..000000000 --- a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/users/admin +++ /dev/null @@ -1 +0,0 @@ -../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/machines/test b/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/machines/test deleted file mode 120000 index 8adbdc900..000000000 --- a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/machines/test +++ /dev/null @@ -1 +0,0 @@ -../../../../../sops/machines/test \ No newline at end of file diff --git a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/secret b/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/secret deleted file mode 100644 index 2353f2d36..000000000 --- a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/secret +++ /dev/null @@ -1,19 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:HHWyM9d6StpKc6uTxg==,iv:blDyfL/xSThCt+dhxeR5eOLa11OsIkbe+w4ReLBv754=,tag:qGHcDXS4DWdUIXUvtLc5XQ==,type:str]", - "sops": { - "age": [ - { - "recipient": "age13ahclyps97532zt2sfta5zrfx976d3r2jmctj8d36vj9x5v5ffqq304fqf", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdkQyYnQ1UzlCWEFtdnJh\nMWlBK0RGcENTMmRITWM5SSs2Mkt2N0ZKdm5VClNTS0NuR05OVHY3QkFLZWt6bTUx\nMzJLc2Vib1ZUbW1VM0lhYXFFeEhOaEEKLS0tIHVoODVOK3BUU2JDZkJkN2I2Wm1L\nMWM0TUNQazljZS9uWXRKRFlxWmd0clUKg1YhJoRea05c24hCuZKYvqyvjuu965KD\nr4GLtyqQ6wt9sn50Rzx5cAY/Ac684DNFJVZ1RwG1NTB2kmXcVP8SJA==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZTA5QXpsOXR3L2FKcnJD\neUxzNVp3M2VQMFFaUUxwNXQ4UTlXa01rR0IwCjkyU2hmdlVYbWY4WUpVK0J1ZC9Q\nRjVkYWlGTlh1MFY3R3FxMEZHODZXMmcKLS0tIFV3bGdvUEtnT21wRWJveEQwdTBV\nbGFUUExBZWR1enQ0c0l0dUY3TnErM3cKutl5cv8dSlpQA7SXUYWJq1M0yLmko/Bx\nUvxxGGLQaK0Mp81Z5mOsjNhcVQrY160AyVnWJ0z39cqOJq9PpXRP+A==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2025-05-29T13:15:02Z", - "mac": "ENC[AES256_GCM,data:Y2FFQevNHSJrEtCmGHQXcpfyof0v2IF8ey79g7EfGj13An4ylhvogsVjRtfMkQvKD5GZykswZgmh+PmKUIzRoc+cvnMLu0iBzleYv+KzpYqtvUpdK0+NQn/4cKOoafajwNV7EuCQh+SkJgSGjNSbMs8xtIb4q9DmJyTcTbG0JQ4=,iv:xmA/cEhl/J0Z+8QR2GFiGWRw4aH/C4HmO+Qd4e25utw=,tag:/hG5S/EmRt8CjAy8DfBoqg==,type:str]", - "unencrypted_suffix": "_unencrypted", - "version": "3.10.2" - } -} diff --git a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/users/admin b/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/users/admin deleted file mode 120000 index f14859ae0..000000000 --- a/clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/users/admin +++ /dev/null @@ -1 +0,0 @@ -../../../../../sops/users/admin \ No newline at end of file diff --git a/flake.nix b/flake.nix index e490d5b85..7907da570 100644 --- a/flake.nix +++ b/flake.nix @@ -71,6 +71,7 @@ ./flakeModules/demo_iso.nix ./lib/filter-clan-core/flake-module.nix ./lib/flake-module.nix + ./lib/flake-parts/clan-nixos-test.nix ./nixosModules/clanCore/vars/flake-module.nix ./nixosModules/flake-module.nix ./pkgs/flake-module.nix diff --git a/lib/clanTest/flake-module.nix b/lib/clanTest/flake-module.nix index 220ac7df8..39449b047 100644 --- a/lib/clanTest/flake-module.nix +++ b/lib/clanTest/flake-module.nix @@ -99,10 +99,18 @@ in machine: flip mapAttrsToList machine.clan.core.vars.generators (_name: generator: generator.runtimeInputs); + generatorScripts = + machine: + flip mapAttrsToList machine.clan.core.vars.generators (_name: generator: generator.finalScript); + generatorRuntimeInputs = unique ( flatten (flip mapAttrsToList config.nodes (_machineName: machine: inputsForMachine machine)) ); + allGeneratorScripts = unique ( + flatten (flip mapAttrsToList config.nodes (_machineName: machine: generatorScripts machine)) + ); + vars-check = hostPkgs.runCommand "update-vars-check-${testName}" { @@ -114,16 +122,19 @@ in hostPkgs.bubblewrap ]; closureInfo = hostPkgs.closureInfo { - rootPaths = generatorRuntimeInputs ++ [ - hostPkgs.bash - hostPkgs.coreutils - hostPkgs.jq.dev - hostPkgs.stdenv - hostPkgs.stdenvNoCC - hostPkgs.shellcheck-minimal - hostPkgs.age - hostPkgs.sops - ]; + rootPaths = + generatorRuntimeInputs + ++ allGeneratorScripts + ++ [ + hostPkgs.bash + hostPkgs.coreutils + hostPkgs.jq.dev + hostPkgs.stdenv + hostPkgs.stdenvNoCC + hostPkgs.shellcheck-minimal + hostPkgs.age + hostPkgs.sops + ]; }; } '' @@ -277,8 +288,6 @@ in # Harder to handle advanced setups (like TPM, LUKS, or LVM-on-LUKS) but not needed since we are in a test # No systemd journal logs from initrd. boot.initrd.systemd.enable = false; - # make the test depend on its vars-check derivation - environment.variables.CLAN_VARS_CHECK = "${vars-check}"; } ); diff --git a/lib/flake-parts/clan-nixos-test.nix b/lib/flake-parts/clan-nixos-test.nix new file mode 100644 index 000000000..3c5267b47 --- /dev/null +++ b/lib/flake-parts/clan-nixos-test.nix @@ -0,0 +1,94 @@ +{ + lib, + flake-parts-lib, + self, + inputs, + ... +}: +let + inherit (lib) + mkOption + types + ; + inherit (flake-parts-lib) + mkPerSystemOption + ; + nixosLib = import (inputs.nixpkgs + "/nixos/lib") { }; +in +{ + options = { + perSystem = mkPerSystemOption ( + { config, pkgs, ... }: + let + cfg = config.clan.nixosTests; + in + { + options.clan.nixosTests = mkOption { + description = "Clan NixOS tests configuration"; + type = types.attrsOf types.unspecified; + default = { }; + }; + + config.checks = lib.optionalAttrs (pkgs.stdenv.isLinux) ( + let + # Build all individual vars-check derivations + varsChecks = lib.mapAttrs' ( + name: testModule: + lib.nameValuePair "vars-check-${name}" ( + let + test = nixosLib.runTest ( + { ... }: + { + imports = [ + self.modules.nixosVmTest.clanTest + testModule + ]; + + hostPkgs = pkgs; + + defaults = { + imports = [ + { + _module.args.clan-core = self; + } + ]; + }; + } + ); + in + test.config.result.vars-check + ) + ) cfg; + in + lib.mkMerge [ + # Add the VM tests as checks + (lib.mapAttrs ( + _name: testModule: + nixosLib.runTest ( + { ... }: + { + imports = [ + self.modules.nixosVmTest.clanTest + testModule + ]; + + hostPkgs = pkgs; + + defaults = { + imports = [ + { + _module.args.clan-core = self; + } + ]; + }; + } + ) + ) cfg) + + varsChecks + ] + ); + } + ); + }; +}