yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'Introduce flake parts module for clan nixos tests' (#4000) from speed-up-ci into main

Browse Source 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/4000
This commit is contained in:
Mic92
2025-06-17 19:20:08 +00:00
parent 9518fb660b a260083919
commit 63e741ed20
44 changed files with 749 additions and 941 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
clanServices/admin/flake-module.nix
View File

@@ -1,17 +1,18 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
admin = lib.modules.importApply ./default.nix { };
admin = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
admin = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.admin = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/admin" = module;
};
};
}

21
clanServices/admin/tests/vm/default.nix
View File

@@ -1,27 +1,11 @@
{
pkgs,
nixosLib,
clan-core,
...
}:
let
public-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII6zj7ubTg6z/aDwRNwvM/WlQdUocMprQ8E92NWxl6t+ test@test";
in
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "admin";
clan = {
directory = ./.;
modules."@clan/admin" = ../../default.nix;
inventory = {
machines.client = { };
@@ -58,5 +42,4 @@ nixosLib.runTest (
client.succeed(f"ssh -F /dev/null -i /etc/private-test-key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o BatchMode=yes root@server true &>/dev/null")
'';
}
)
}

19
clanServices/borgbackup/flake-module.nix
View File

@@ -1,17 +1,18 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
borgbackup = lib.modules.importApply ./default.nix { };
borgbackup = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
borgbackup = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.borgbackup = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/borgbackup" = module;
};
};
}

24
clanServices/borgbackup/tests/vm/default.nix
View File

@@ -1,24 +1,14 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "borgbackup";
clan = {
directory = ./.;
test.useContainers = true;
modules."@clan/borgbackup" = ../../default.nix;
inventory = {
machines.clientone = { };
@@ -45,7 +35,12 @@ nixosLib.runTest (
};
clientone =
{ config, pkgs, ... }:
{
config,
pkgs,
clan-core,
...
}:
let
dependencies = [
clan-core
@@ -114,5 +109,4 @@ nixosLib.runTest (
clientone.succeed(f"NAME='serverone::borg@serverone:.::{backup_id}' borgbackup-restore >&2")
assert clientone.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed"
'';
}
)
}

19
clanServices/deltachat/flake-module.nix
View File

@@ -1,17 +1,18 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
deltachat = lib.modules.importApply ./default.nix { };
deltachat = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
deltachat = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.deltachat = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/deltachat" = module;
};
};
}

19
clanServices/deltachat/tests/vm/default.nix
View File

@@ -1,23 +1,13 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "deltachat";
clan = {
directory = ./.;
modules."@clan/deltachat" = ../../default.nix;
inventory = {
machines.server = { };
@@ -40,11 +30,10 @@ nixosLib.runTest (
server.wait_for_unit("maddy")
# imap
server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 143")
server.wait_until_succeeds("${pkgs.netcat}/bin/nc -z -v ::1 143")
# smtp submission
server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 587")
# smtp
server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 25")
'';
}
)
}

19
clanServices/ergochat/flake-module.nix
View File

@@ -1,17 +1,18 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
ergochat = lib.modules.importApply ./default.nix { };
ergochat = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
ergochat = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.ergochat = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/ergochat" = module;
};
};
}

16
clanServices/ergochat/tests/vm/default.nix
View File

@@ -1,22 +1,13 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "ergochat";
clan = {
directory = ./.;
modules."@clan/ergochat" = ../../default.nix;
inventory = {
machines.server = { };
@@ -47,5 +38,4 @@ nixosLib.runTest (
# Check that the server is listening on the correct ports
server.succeed("${pkgs.netcat}/bin/nc -z -v ::1 6667")
'';
}
)
}

19
clanServices/garage/flake-module.nix
View File

@@ -1,18 +1,19 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
garage = lib.modules.importApply ./default.nix { };
garage = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
garage = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.garage = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/garage" = module;
};
};
}

17
clanServices/garage/tests/vm/default.nix
View File

@@ -1,23 +1,13 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "garage";
clan = {
directory = ./.;
modules."@clan/garage" = ../../default.nix;
inventory = {
machines.server = { };
@@ -83,5 +73,4 @@ nixosLib.runTest (
server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3902")
server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 3903")
'';
}
)
}

19
clanServices/heisenbridge/flake-module.nix
View File

@@ -1,17 +1,18 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
heisenbridge = lib.modules.importApply ./default.nix { };
heisenbridge = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
heisenbridge = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.heisenbridge = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/heisenbridge" = module;
};
};
}

18
clanServices/heisenbridge/tests/vm/default.nix
View File

@@ -1,24 +1,13 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "heisenbridge";
clan = {
directory = ./.;
modules."@clan/heisenbridge" = ../../default.nix;
inventory = {
machines.server = { };
@@ -61,5 +50,4 @@ nixosLib.runTest (
# Check that heisenbridge is listening on the default port
server.succeed("${pkgs.netcat}/bin/nc -z -v 127.0.0.1 9898")
'';
}
)
}

15
clanServices/hello-world/flake-module.nix
View File

@@ -14,7 +14,7 @@ in
hello-world = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
let
# Module that contains the tests
# This module adds:
@@ -41,15 +41,10 @@ in
2. To run the test
nix build .#checks.x86_64-linux.hello-service
*/
checks =
# Currently we don't support nixos-integration tests on darwin
lib.optionalAttrs (pkgs.stdenv.isLinux) {
hello-service = import ./tests/vm/default.nix {
inherit module;
inherit self inputs pkgs;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
clan-core = self;
};
clan.nixosTests.hello-service = {
imports = [ ./tests/vm/default.nix ];
clan.modules.hello-service = module;
};
};
}

19
clanServices/hello-world/tests/vm/default.nix
View File

@@ -1,26 +1,12 @@
{
pkgs,
nixosLib,
clan-core,
module,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "hello-service";
clan = {
directory = ./.;
modules = {
hello-service = module;
};
inventory = {
machines.peer1 = { };
@@ -40,5 +26,4 @@ nixosLib.runTest (
value = peer1.succeed("cat ${nodes.peer1.clan.core.vars.generators.hello.files.hello.path}")
assert value.strip() == "Hello world from peer1", value
'';
}
)
}

19
clanServices/localsend/flake-module.nix
View File

@@ -1,18 +1,19 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
localsend = lib.modules.importApply ./default.nix { };
localsend = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
localsend = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.localsend = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/localsend" = module;
};
};
}

19
clanServices/localsend/tests/vm/default.nix
View File

@@ -1,24 +1,12 @@
{
pkgs,
nixosLib,
clan-core,
module,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "localsend";
clan = {
directory = ./.;
modules."@clan/localsend" = ../../default.nix;
inventory = {
machines.server = { };
@@ -47,5 +35,4 @@ nixosLib.runTest (
# Verify the 09-zerotier network is configured with the specified IP address
server.succeed("grep -q 'Address=192.168.56.2/24' /etc/systemd/network/09-zerotier.network")
'';
}
)
}

19
clanServices/mycelium/flake-module.nix
View File

@@ -1,17 +1,18 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
mycelium = lib.modules.importApply ./default.nix { };
mycelium = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
mycelium = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.mycelium = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/mycelium" = module;
};
};
}

17
clanServices/mycelium/tests/vm/default.nix
View File

@@ -1,25 +1,15 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "mycelium";
clan = {
test.useContainers = false;
directory = ./.;
modules."@clan/mycelium" = ../../default.nix;
inventory = {
machines.server = { };
@@ -49,5 +39,4 @@ nixosLib.runTest (
# Check that mycelium is listening on its default port
server.wait_until_succeeds("${pkgs.iproute2}/bin/ss -tulpn | grep -q 'mycelium'", 10)
'';
}
)
}

19
clanServices/packages/flake-module.nix
View File

@@ -1,18 +1,19 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
packages = lib.modules.importApply ./default.nix { };
packages = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
packages = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.packages = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/packages" = module;
};
};

19
clanServices/packages/tests/vm/default.nix
View File

@@ -1,24 +1,12 @@
{
pkgs,
nixosLib,
clan-core,
module,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "packages";
clan = {
directory = ./.;
modules."@clan/packages" = ../../default.nix;
inventory = {
machines.server = { };
@@ -37,5 +25,4 @@ nixosLib.runTest (
start_all()
server.succeed("cbonsai")
'';
}
)
}

19
clanServices/sshd/flake-module.nix
View File

@@ -1,18 +1,19 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
sshd = lib.modules.importApply ./default.nix { };
sshd = module;
};
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
sshd = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.sshd = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/sshd" = module;
};
};

18
clanServices/sshd/tests/vm/default.nix
View File

@@ -1,24 +1,13 @@
{
module,
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
{
name = "sshd";
clan = {
directory = ./.;
modules."@clan/sshd" = ../../default.nix;
inventory = {
machines.server = { };
machines.client = { };
@@ -58,5 +47,4 @@ nixosLib.runTest (
# Check that /etc/ssh/ssh_known_hosts contains the required CA string on the client
client.succeed("grep '^.cert-authority ssh-ca.*example.com ssh-ed25519 ' /etc/ssh/ssh_known_hosts")
'';
}
)
}

25
clanServices/state-version/flake-module.nix
View File

@@ -1,19 +1,16 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
state-version = lib.modules.importApply ./default.nix { };
};
clan.modules.state-version = module;
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
state-version = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
};
};
clan.nixosTests.state-version = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/state-version" = module;
};
};
}

19
clanServices/state-version/tests/vm/default.nix
View File

@@ -1,24 +1,8 @@
{
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
name = "state-version";
clan = {
directory = ./.;
modules."@clan/state-version" = ../../default.nix;
inventory = {
machines.server = { };
instances.default = {
@@ -33,5 +17,4 @@ nixosLib.runTest (
testScript = ''
start_all()
'';
}
)
}

21
clanServices/trusted-nix-caches/flake-module.nix
View File

@@ -1,17 +1,16 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
trusted-nix-caches = lib.modules.importApply ./default.nix { };
};
clan.modules.trusted-nix-caches = module;
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
trusted-nix-caches = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.nixosTests.trusted-nix-caches = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/trusted-nix-caches" = module;
};
};
}

18
clanServices/trusted-nix-caches/tests/vm/default.nix
View File

@@ -1,23 +1,8 @@
{
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
name = "trusted-nix-caches";
clan = {
directory = ./.;
modules."@clan/trusted-nix-caches" = ../../default.nix;
inventory = {
machines.server = { };
@@ -36,5 +21,4 @@ nixosLib.runTest (
start_all()
server.succeed("grep -q 'cache.clan.lol' /etc/nix/nix.conf")
'';
}
)
}

24
clanServices/users/flake-module.nix
View File

@@ -1,18 +1,16 @@
{ lib, self, ... }:
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
users = lib.modules.importApply ./default.nix { };
};
clan.modules.users = module;
perSystem =
{ pkgs, ... }:
{ ... }:
{
checks = lib.optionalAttrs (pkgs.stdenv.isLinux) {
users = import ./tests/vm/default.nix {
inherit pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
};
};
clan.nixosTests.users = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/users" = module;
};
};
}

19
clanServices/users/tests/vm/default.nix
View File

@@ -1,24 +1,8 @@
{
pkgs,
nixosLib,
clan-core,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
name = "users";
clan = {
directory = ./.;
modules."@clan/users" = ../../default.nix;
inventory = {
machines.server = { };
@@ -63,5 +47,4 @@ nixosLib.runTest (
# server.succeed(f"echo '{password}' | su - testuser -c 'echo Login successful'")
'';
}
)
}

25
clanServices/wifi/flake-module.nix
View File

@@ -1,6 +1,5 @@
{
self,
inputs,
lib,
...
}:
@@ -10,28 +9,14 @@ let
};
in
{
clan.modules = {
wifi = module;
};
clan.modules.wifi = module;
perSystem =
{ pkgs, ... }:
{ ... }:
{
/**
1. Prepare the test vars
nix run .#generate-test-vars -- clanServices/hello-world/tests/vm hello-service
clan.nixosTests.wifi = {
imports = [ ./tests/vm/default.nix ];
2. To run the test
nix build .#checks.x86_64-linux.hello-service
*/
checks =
# Currently we don't support nixos-integration tests on darwin
lib.optionalAttrs (pkgs.stdenv.isLinux) {
wifi-service = import ./tests/vm/default.nix {
inherit module;
inherit inputs pkgs;
clan-core = self;
nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
};
clan.modules."@clan/wifi" = module;
};
};
}

21
clanServices/wifi/tests/vm/default.nix
View File

@@ -1,25 +1,9 @@
{
pkgs,
nixosLib,
clan-core,
module,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
name = "wifi-service";
name = "wifi";
clan = {
directory = ./.;
test.useContainers = false;
modules."@clan/wifi" = module;
inventory = {
machines.test = { };
@@ -42,5 +26,4 @@ nixosLib.runTest (
psk = test.succeed("cat /run/NetworkManager/system-connections/one.nmconnection")
assert "password-eins" in psk, "Password is incorrect"
'';
}
)
}

16
clanServices/zerotier/flake-module.nix
View File

@@ -8,9 +8,7 @@ let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
zerotier = module;
};
clan.modules.zerotier = module;
perSystem =
{ ... }:
let
@@ -28,11 +26,11 @@ in
imports = [
unit-test-module
];
# zerotier = import ./tests/vm/default.nix {
# inherit module;
# inherit inputs pkgs;
# clan-core = self;
# nixosLib = import (self.inputs.nixpkgs + "/nixos/lib") { };
# };
clan.nixosTests.zerotier = {
imports = [ ./tests/vm/default.nix ];
clan.modules.zerotier = module;
};
};
}

22
clanServices/zerotier/tests/vm/default.nix
View File

@@ -1,24 +1,8 @@
{
pkgs,
nixosLib,
clan-core,
module,
...
}:
nixosLib.runTest (
{ ... }:
{
imports = [
clan-core.modules.nixosVmTest.clanTest
];
hostPkgs = pkgs;
name = "zerotier";
clan = {
directory = ./.;
modules."zerotier" = module;
inventory = {
machines.jon = { };
@@ -31,6 +15,7 @@ nixosLib.runTest (
roles.peer.tags.all = { };
roles.controller.machines.bam = { };
roles.moon.machines = { };
};
};
};
@@ -38,6 +23,5 @@ nixosLib.runTest (
# This is not an actual vm test, this is a workaround to
# generate the needed vars for the eval test.
testScript = '''';
}
)
testScript = "";
}

6
clanServices/zerotier/tests/vm/sops/machines/test/key.json
View File

@@ -1,6 +0,0 @@
[
{
"publickey": "age13ahclyps97532zt2sfta5zrfx976d3r2jmctj8d36vj9x5v5ffqq304fqf",
"type": "age"
}
]

15
clanServices/zerotier/tests/vm/sops/secrets/test-age.key/secret
View File

@@ -1,15 +0,0 @@
{
"data": "ENC[AES256_GCM,data:AGYme1x1pE7SVk6HowmIYMN3EHNaZglW97geihpDCkKqArq/zD2IHxbgo8OtXmaNws16i0R6LehWJTL21fVmnAEA9GNZQOE/Y4Q=,iv:Kc3bDcOwJmxHnnlBweUbqDE77VVFZFelEGpmpfBSct8=,tag:m4kzx3nOtexD91kisQafFw==,type:str]",
"sops": {
"age": [
{
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTc2Q5NTY1ejl5ODhSOXhv\nVUFrb0xvblErWEY1R0k3UXNBQk5Ja1MwaERVCmdISk1RSGFUL2FRMWlPSFdERjB6\nalltcHZLd21XOVFuaExSRUNQc1VmdjAKLS0tIGg0ZGdvbm9wbC9Jd255cHNmVWxP\nWStOQS9EQW9WQUtLZVp5SDBmM1ByaEEKzviyWc0yLbDMwk/CHhTwntrjA5LX44Wu\nNdlsQG/yfRaqRL1TKZztT9RnX0293gOEZFvoYZasEJJAIeBoZvN6VQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-29T13:14:51Z",
"mac": "ENC[AES256_GCM,data:uCk2e5aFHZhttLkIdvDU3KARN7PiHKLtXsqxmuLkZP903XhDTCuj1GH6S0C9UN5LftlaVjCEaqlgx68cCNwTc9bTUnhSdVVjMWy0gjxKZ1Y25YzOMlEmOAk/TZqUvnMn/cUL8KOeBnymPbAeqLm8yATjwsyx5+GrFrIVxwGQzUA=,iv:UMX2Ik0xlcljMZyBhjOpvYcsJCC5Wb6d/rgbTFb+6oM=,tag:HH05tFDzOcRrQ8TTXxrDyw==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
clanServices/zerotier/tests/vm/sops/secrets/test-age.key/users/admin
View File

@@ -1 +0,0 @@
../../../users/admin

1
clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/machines/test
View File

@@ -1 +0,0 @@
../../../../../sops/machines/test

19
clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/secret
View File

@@ -1,19 +0,0 @@
{
"data": "ENC[AES256_GCM,data:iNOb,iv:24+bKY5u61JYsvLHV8TIUBVmJPV1aX/BJr//c7le68o=,tag:ANCOrzvnukvqyKGf+L8gFQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age13ahclyps97532zt2sfta5zrfx976d3r2jmctj8d36vj9x5v5ffqq304fqf",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxN2EwVHN3SENVTjdjZGRi\nQmJOWlNGYmpmM1BnZnpYWGhaSlRaUVJIODFRCkhhMUhyZzVWWk53SDBwSVBVZGVY\nVUpMTm9qWTIzc3VwdGJHcUVWVzFlV0UKLS0tIDBBVXdlS1FFbzNPSnlZWWtEaDJi\nK215OWQvMVRCRUZyQjFZckJFbHBZeDQK2cqgDnGM5uIm834dbQ3bi3nQA5nPq6Bf\n0+sezXuY55GdFS6OxIgI5/KcitHzDE0WHOvklIGDCSysoXIQ3QXanA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0NDB5SVcrU0V6akYwbDlv\na1BuSm5XbjYwN2ZkZWtIcnhBVHBTWGFxd24wCnZTVGlPRm5uZEd3QXYwdFRMS09K\nWWw5N2RJZ3d4N0VDMWZmM2lkYVM4VncKLS0tIGplTDVka1VoUVdXMU9VS3hYSlZ1\nRjZGL25hQWxHWEx3OXdQamJiNG9KaDgKk94uXPuCE/M4Hz/7hVKJPHuzQfbOQi/9\nVfR2i17Hjcq08l68Xzn+DllQEAFdts2fS96Pu4FFKfiLK7INl/fUOg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-29T13:15:02Z",
"mac": "ENC[AES256_GCM,data:4beXC5ONY5RLChluoVkklpDnaf/KCjlUzpQkFVSp7vauQmMKeTK40xqfvY5d+64u/OKRTIdc38KQTwhZ0pYzOv1LcJOWbHrGu7XadlALKgyUqKOZy03G2O8y0IF6t/LUK8TaNFnNvNteFsfD36/+wkRaxPJe7MKXGqPhWf6RC78=,iv:FR/PQUZqL3HnyVbW+H1QlZMmgFxA5juSb88wuatIlHM=,tag:parvZw3y9ZHieZ8pmUjCZQ==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
clanServices/zerotier/tests/vm/vars/shared/wifi.one/network-name/users/admin
View File

@@ -1 +0,0 @@
../../../../../sops/users/admin

1
clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/machines/test
View File

@@ -1 +0,0 @@
../../../../../sops/machines/test

19
clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/secret
View File

@@ -1,19 +0,0 @@
{
"data": "ENC[AES256_GCM,data:HHWyM9d6StpKc6uTxg==,iv:blDyfL/xSThCt+dhxeR5eOLa11OsIkbe+w4ReLBv754=,tag:qGHcDXS4DWdUIXUvtLc5XQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age13ahclyps97532zt2sfta5zrfx976d3r2jmctj8d36vj9x5v5ffqq304fqf",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdkQyYnQ1UzlCWEFtdnJh\nMWlBK0RGcENTMmRITWM5SSs2Mkt2N0ZKdm5VClNTS0NuR05OVHY3QkFLZWt6bTUx\nMzJLc2Vib1ZUbW1VM0lhYXFFeEhOaEEKLS0tIHVoODVOK3BUU2JDZkJkN2I2Wm1L\nMWM0TUNQazljZS9uWXRKRFlxWmd0clUKg1YhJoRea05c24hCuZKYvqyvjuu965KD\nr4GLtyqQ6wt9sn50Rzx5cAY/Ac684DNFJVZ1RwG1NTB2kmXcVP8SJA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoZTA5QXpsOXR3L2FKcnJD\neUxzNVp3M2VQMFFaUUxwNXQ4UTlXa01rR0IwCjkyU2hmdlVYbWY4WUpVK0J1ZC9Q\nRjVkYWlGTlh1MFY3R3FxMEZHODZXMmcKLS0tIFV3bGdvUEtnT21wRWJveEQwdTBV\nbGFUUExBZWR1enQ0c0l0dUY3TnErM3cKutl5cv8dSlpQA7SXUYWJq1M0yLmko/Bx\nUvxxGGLQaK0Mp81Z5mOsjNhcVQrY160AyVnWJ0z39cqOJq9PpXRP+A==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-29T13:15:02Z",
"mac": "ENC[AES256_GCM,data:Y2FFQevNHSJrEtCmGHQXcpfyof0v2IF8ey79g7EfGj13An4ylhvogsVjRtfMkQvKD5GZykswZgmh+PmKUIzRoc+cvnMLu0iBzleYv+KzpYqtvUpdK0+NQn/4cKOoafajwNV7EuCQh+SkJgSGjNSbMs8xtIb4q9DmJyTcTbG0JQ4=,iv:xmA/cEhl/J0Z+8QR2GFiGWRw4aH/C4HmO+Qd4e25utw=,tag:/hG5S/EmRt8CjAy8DfBoqg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
clanServices/zerotier/tests/vm/vars/shared/wifi.one/password/users/admin
View File

@@ -1 +0,0 @@
../../../../../sops/users/admin

1
flake.nix
View File

@@ -71,6 +71,7 @@
./flakeModules/demo_iso.nix
./lib/filter-clan-core/flake-module.nix
./lib/flake-module.nix
./lib/flake-parts/clan-nixos-test.nix
./nixosModules/clanCore/vars/flake-module.nix
./nixosModules/flake-module.nix
./pkgs/flake-module.nix

15
lib/clanTest/flake-module.nix
View File

@@ -99,10 +99,18 @@ in
machine:
flip mapAttrsToList machine.clan.core.vars.generators (_name: generator: generator.runtimeInputs);
generatorScripts =
machine:
flip mapAttrsToList machine.clan.core.vars.generators (_name: generator: generator.finalScript);
generatorRuntimeInputs = unique (
flatten (flip mapAttrsToList config.nodes (_machineName: machine: inputsForMachine machine))
);
allGeneratorScripts = unique (
flatten (flip mapAttrsToList config.nodes (_machineName: machine: generatorScripts machine))
);
vars-check =
hostPkgs.runCommand "update-vars-check-${testName}"
{
@@ -114,7 +122,10 @@ in
hostPkgs.bubblewrap
];
closureInfo = hostPkgs.closureInfo {
rootPaths = generatorRuntimeInputs ++ [
rootPaths =
generatorRuntimeInputs
++ allGeneratorScripts
++ [
hostPkgs.bash
hostPkgs.coreutils
hostPkgs.jq.dev
@@ -277,8 +288,6 @@ in
# Harder to handle advanced setups (like TPM, LUKS, or LVM-on-LUKS) but not needed since we are in a test
# No systemd journal logs from initrd.
boot.initrd.systemd.enable = false;
# make the test depend on its vars-check derivation
environment.variables.CLAN_VARS_CHECK = "${vars-check}";
}
);

94
lib/flake-parts/clan-nixos-test.nix Normal file
View File

@@ -0,0 +1,94 @@
{
lib,
flake-parts-lib,
self,
inputs,
...
}:
let
inherit (lib)
mkOption
types
;
inherit (flake-parts-lib)
mkPerSystemOption
;
nixosLib = import (inputs.nixpkgs + "/nixos/lib") { };
in
{
options = {
perSystem = mkPerSystemOption (
{ config, pkgs, ... }:
let
cfg = config.clan.nixosTests;
in
{
options.clan.nixosTests = mkOption {
description = "Clan NixOS tests configuration";
type = types.attrsOf types.unspecified;
default = { };
};
config.checks = lib.optionalAttrs (pkgs.stdenv.isLinux) (
let
# Build all individual vars-check derivations
varsChecks = lib.mapAttrs' (
name: testModule:
lib.nameValuePair "vars-check-${name}" (
let
test = nixosLib.runTest (
{ ... }:
{
imports = [
self.modules.nixosVmTest.clanTest
testModule
];
hostPkgs = pkgs;
defaults = {
imports = [
{
_module.args.clan-core = self;
}
];
};
}
);
in
test.config.result.vars-check
)
) cfg;
in
lib.mkMerge [
# Add the VM tests as checks
(lib.mapAttrs (
_name: testModule:
nixosLib.runTest (
{ ... }:
{
imports = [
self.modules.nixosVmTest.clanTest
testModule
];
hostPkgs = pkgs;
defaults = {
imports = [
{
_module.args.clan-core = self;
}
];
};
}
)
) cfg)
varsChecks
]
);
}
);
};
}