diff options
| author | Tom Fitzhenry <tom@tom-fitzhenry.me.uk> | 2024-04-23 22:31:51 +1000 |
|---|---|---|
| committer | Tom Fitzhenry <tom@tom-fitzhenry.me.uk> | 2024-04-23 22:39:02 +1000 |
| commit | 41911ed9d2ce9bc43fa32d796a62697bc62641b9 (patch) | |
| tree | 194f86e5420f7cfb23894e765cf620d4bab3c3e3 /nixos/tests | |
| parent | 818cad4ae1ca65568e1979a2cab97bcec71641d4 (diff) | |
tests/openssh: tidy up tests
This test renames server_allowedusers to server-allowed-users. As a side-effect, since IPs are allocated to machines in alphabetical order, the IP assigned to server-lazy-socket changed, so the corresponding test had its IP updated.
Diffstat (limited to 'nixos/tests')
| -rw-r--r-- | nixos/tests/openssh.nix | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/nixos/tests/openssh.nix b/nixos/tests/openssh.nix index 8074fd2ed4838..f71b0a22fe63d 100644 --- a/nixos/tests/openssh.nix +++ b/nixos/tests/openssh.nix @@ -22,6 +22,19 @@ in { ]; }; + server-allowed-users = + { ... }: + + { + services.openssh = { enable = true; settings.AllowUsers = [ "alice" "bob" ]; }; + users.groups = { alice = { }; bob = { }; carol = { }; }; + users.users = { + alice = { isNormalUser = true; group = "alice"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; + bob = { isNormalUser = true; group = "bob"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; + carol = { isNormalUser = true; group = "carol"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; + }; + }; + server-lazy = { ... }: @@ -95,19 +108,6 @@ in { }; }; - server_allowedusers = - { ... }: - - { - services.openssh = { enable = true; settings.AllowUsers = [ "alice" "bob" ]; }; - users.groups = { alice = { }; bob = { }; carol = { }; }; - users.users = { - alice = { isNormalUser = true; group = "alice"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; - bob = { isNormalUser = true; group = "bob"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; - carol = { isNormalUser = true; group = "carol"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; - }; - }; - client = { ... }: { virtualisation.vlans = [ 1 2 ]; @@ -119,6 +119,7 @@ in { start_all() server.wait_for_unit("sshd", timeout=30) + server_allowed_users.wait_for_unit("sshd", timeout=30) server_localhost_only.wait_for_unit("sshd", timeout=30) server_match_rule.wait_for_unit("sshd", timeout=30) @@ -166,8 +167,9 @@ in { "cat ${snakeOilPrivateKey} > privkey.snakeoil" ) client.succeed("chmod 600 privkey.snakeoil") + # The final segment in this IP is allocated according to the alphabetical order of machines in this test. client.succeed( - "ssh -p 2222 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil root@192.168.2.4 true", + "ssh -p 2222 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil root@192.168.2.5 true", timeout=30 ) @@ -198,15 +200,15 @@ in { ) client.succeed("chmod 600 privkey.snakeoil") client.succeed( - "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil alice@server_allowedusers true", + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil alice@server-allowed-users true", timeout=30 ) client.succeed( - "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil bob@server_allowedusers true", + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil bob@server-allowed-users true", timeout=30 ) client.fail( - "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil carol@server_allowedusers true", + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil carol@server-allowed-users true", timeout=30 ) ''; |