migrate clanmodules/{user,root}-password to clanServices/users

Move the functionality of both modules into a new clanService. root-password was previously just a special case of user-password. This migrates it into a deduplicated clan service and adds checks
2025-06-10 09:27:59 +02:00
parent 27998d777a
commit db5e23e701
22 changed files with 277 additions and 12 deletions
--- a/clanServices/users/tests/vm/default.nix
+++ b/clanServices/users/tests/vm/default.nix
@@ -0,0 +1,67 @@
+{
+  pkgs,
+  nixosLib,
+  clan-core,
+  ...
+}:
+
+nixosLib.runTest (
+  { ... }:
+  {
+    imports = [
+      clan-core.modules.nixosVmTest.clanTest
+    ];
+
+    hostPkgs = pkgs;
+
+    name = "users";
+
+    clan = {
+      directory = ./.;
+      modules."@clan/users" = ../../default.nix;
+      inventory = {
+        machines.server = { };
+
+        instances = {
+          root-password-test = {
+            module.name = "@clan/users";
+            roles.default.machines."server".settings = {
+              user = "root";
+              prompt = false;
+            };
+          };
+          user-password-test = {
+            module.name = "@clan/users";
+            roles.default.machines."server".settings = {
+              user = "testuser";
+              prompt = false;
+            };
+          };
+        };
+      };
+    };
+
+    nodes = {
+      server = {
+        users.users.testuser.group = "testuser";
+        users.groups.testuser = { };
+        users.users.testuser.isNormalUser = true;
+      };
+    };
+
+    testScript = ''
+      start_all()
+
+      server.wait_for_unit("multi-user.target")
+
+      # Check that the testuser account exists
+      server.succeed("id testuser")
+
+      # Try to log in as the user using the generated password
+      # TODO: fix
+      # password = server.succeed("cat /run/clan/vars/user-password/user-password").strip()
+      # server.succeed(f"echo '{password}' | su - testuser -c 'echo Login successful'")
+
+    '';
+  }
+)