diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-04-21 18:01:26 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-21 18:01:26 +0000 |
commit | ca0f3efdbe9bf501f8abde195fab279b0577d129 (patch) | |
tree | 8bdfc3ee0ffefd01a10d6fe43895a31acb327c1d /nixos/tests | |
parent | aac843d611a77b85a69e4b803805e2dfef8a9c0e (diff) | |
parent | 89d59988a72a14e190280ef7f33c2c749bad37b0 (diff) |
Merge master into staging-next
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/all-tests.nix | 3 | ||||
-rw-r--r-- | nixos/tests/ft2-clone.nix | 4 | ||||
-rw-r--r-- | nixos/tests/initrd-network-openvpn/default.nix | 20 | ||||
-rw-r--r-- | nixos/tests/initrd-network-ssh/default.nix | 4 | ||||
-rw-r--r-- | nixos/tests/predictable-interface-names.nix | 39 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-networkd-ssh.nix | 82 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-networkd.nix | 74 | ||||
-rw-r--r-- | nixos/tests/systemd-initrd-simple.nix | 2 |
8 files changed, 212 insertions, 16 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 5b802fb263042..715fe7e51e0f2 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -680,6 +680,9 @@ in { systemd-initrd-simple = handleTest ./systemd-initrd-simple.nix {}; systemd-initrd-swraid = handleTest ./systemd-initrd-swraid.nix {}; systemd-initrd-vconsole = handleTest ./systemd-initrd-vconsole.nix {}; + systemd-initrd-networkd = handleTest ./systemd-initrd-networkd.nix {}; + systemd-initrd-networkd-ssh = handleTest ./systemd-initrd-networkd-ssh.nix {}; + systemd-initrd-networkd-openvpn = handleTest ./initrd-network-openvpn { systemdStage1 = true; }; systemd-journal = handleTest ./systemd-journal.nix {}; systemd-machinectl = handleTest ./systemd-machinectl.nix {}; systemd-networkd = handleTest ./systemd-networkd.nix {}; diff --git a/nixos/tests/ft2-clone.nix b/nixos/tests/ft2-clone.nix index 3c90b3d3fa201..a8395d4ebaa62 100644 --- a/nixos/tests/ft2-clone.nix +++ b/nixos/tests/ft2-clone.nix @@ -26,9 +26,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { machine.wait_for_window(r"Fasttracker") machine.sleep(5) - # One of the few words that actually get recognized - if "Songlen" not in machine.get_screen_text(): - raise Exception("Program did not start successfully") + machine.wait_for_text(r"(Songlen|Repstart|Time|About|Nibbles|Help)") machine.screenshot("screen") ''; }) diff --git a/nixos/tests/initrd-network-openvpn/default.nix b/nixos/tests/initrd-network-openvpn/default.nix index dbb34c28eea74..769049905eb8c 100644 --- a/nixos/tests/initrd-network-openvpn/default.nix +++ b/nixos/tests/initrd-network-openvpn/default.nix @@ -1,3 +1,9 @@ +{ system ? builtins.currentSystem +, config ? {} +, pkgs ? import ../.. { inherit system config; } +, systemdStage1 ? false +}: + import ../make-test-python.nix ({ lib, ...}: { @@ -22,11 +28,12 @@ import ../make-test-python.nix ({ lib, ...}: minimalboot = { ... }: { + boot.initrd.systemd.enable = systemdStage1; boot.initrd.network = { enable = true; openvpn = { enable = true; - configuration = "/dev/null"; + configuration = builtins.toFile "initrd.ovpn" ""; }; }; }; @@ -39,6 +46,17 @@ import ../make-test-python.nix ({ lib, ...}: virtualisation.vlans = [ 1 ]; boot.initrd = { + systemd.enable = systemdStage1; + systemd.extraBin.nc = "${pkgs.busybox}/bin/nc"; + systemd.services.nc = { + requiredBy = ["initrd.target"]; + after = ["network.target"]; + serviceConfig = { + ExecStart = "/bin/nc -p 1234 -lke /bin/echo TESTVALUE"; + Type = "oneshot"; + }; + }; + # This command does not fork to keep the VM in the state where # only the initramfs is loaded preLVMCommands = diff --git a/nixos/tests/initrd-network-ssh/default.nix b/nixos/tests/initrd-network-ssh/default.nix index 0ad0563b0ce15..017de6882081d 100644 --- a/nixos/tests/initrd-network-ssh/default.nix +++ b/nixos/tests/initrd-network-ssh/default.nix @@ -22,10 +22,6 @@ import ../make-test-python.nix ({ lib, ... }: hostKeys = [ ./ssh_host_ed25519_key ]; }; }; - boot.initrd.extraUtilsCommands = '' - mkdir -p $out/secrets/etc/ssh - cat "${./ssh_host_ed25519_key}" > $out/secrets/etc/ssh/sh_host_ed25519_key - ''; boot.initrd.preLVMCommands = '' while true; do if [ -f fnord ]; then diff --git a/nixos/tests/predictable-interface-names.nix b/nixos/tests/predictable-interface-names.nix index 684df9c39246c..42183625c7c93 100644 --- a/nixos/tests/predictable-interface-names.nix +++ b/nixos/tests/predictable-interface-names.nix @@ -8,25 +8,48 @@ let testCombinations = pkgs.lib.cartesianProductOfSets { predictable = [true false]; withNetworkd = [true false]; + systemdStage1 = [true false]; }; -in pkgs.lib.listToAttrs (builtins.map ({ predictable, withNetworkd }: { +in pkgs.lib.listToAttrs (builtins.map ({ predictable, withNetworkd, systemdStage1 }: { name = pkgs.lib.optionalString (!predictable) "un" + "predictable" - + pkgs.lib.optionalString withNetworkd "Networkd"; + + pkgs.lib.optionalString withNetworkd "Networkd" + + pkgs.lib.optionalString systemdStage1 "SystemdStage1"; value = makeTest { - name = "${pkgs.lib.optionalString (!predictable) "un"}predictableInterfaceNames${pkgs.lib.optionalString withNetworkd "-with-networkd"}"; + name = pkgs.lib.optionalString (!predictable) "un" + "predictableInterfaceNames" + + pkgs.lib.optionalString withNetworkd "-with-networkd" + + pkgs.lib.optionalString systemdStage1 "-systemd-stage-1"; meta = {}; - nodes.machine = { lib, ... }: { + nodes.machine = { lib, ... }: let + script = '' + ip link + if ${lib.optionalString predictable "!"} ip link show eth0; then + echo Success + else + exit 1 + fi + ''; + in { networking.usePredictableInterfaceNames = lib.mkForce predictable; networking.useNetworkd = withNetworkd; networking.dhcpcd.enable = !withNetworkd; networking.useDHCP = !withNetworkd; # Check if predictable interface names are working in stage-1 - boot.initrd.postDeviceCommands = '' - ip link - ip link show eth0 ${if predictable then "&&" else "||"} exit 1 - ''; + boot.initrd.postDeviceCommands = script; + + boot.initrd.systemd = lib.mkIf systemdStage1 { + enable = true; + initrdBin = [ pkgs.iproute2 ]; + services.systemd-udev-settle.wantedBy = ["initrd.target"]; + services.check-interfaces = { + requiredBy = ["initrd.target"]; + after = ["systemd-udev-settle.service"]; + serviceConfig.Type = "oneshot"; + path = [ pkgs.iproute2 ]; + inherit script; + }; + }; }; testScript = '' diff --git a/nixos/tests/systemd-initrd-networkd-ssh.nix b/nixos/tests/systemd-initrd-networkd-ssh.nix new file mode 100644 index 0000000000000..943552613be99 --- /dev/null +++ b/nixos/tests/systemd-initrd-networkd-ssh.nix @@ -0,0 +1,82 @@ +import ./make-test-python.nix ({ lib, ... }: { + name = "systemd-initrd-network-ssh"; + meta.maintainers = [ lib.maintainers.elvishjerricco ]; + + nodes = with lib; { + server = { config, pkgs, ... }: { + environment.systemPackages = [pkgs.cryptsetup]; + boot.loader.systemd-boot.enable = true; + boot.loader.timeout = 0; + virtualisation = { + emptyDiskImages = [ 4096 ]; + useBootLoader = true; + useEFIBoot = true; + }; + + specialisation.encrypted-root.configuration = { + virtualisation.bootDevice = "/dev/mapper/root"; + boot.initrd.luks.devices = lib.mkVMOverride { + root.device = "/dev/vdc"; + }; + boot.initrd.systemd.enable = true; + boot.initrd.network = { + enable = true; + ssh = { + enable = true; + authorizedKeys = [ (readFile ./initrd-network-ssh/id_ed25519.pub) ]; + port = 22; + # Terrible hack so it works with useBootLoader + hostKeys = [ { outPath = "${./initrd-network-ssh/ssh_host_ed25519_key}"; } ]; + }; + }; + }; + }; + + client = { config, ... }: { + environment.etc = { + knownHosts = { + text = concatStrings [ + "server," + "${ + toString (head (splitString " " (toString + (elemAt (splitString "\n" config.networking.extraHosts) 2)))) + } " + "${readFile ./initrd-network-ssh/ssh_host_ed25519_key.pub}" + ]; + }; + sshKey = { + source = ./initrd-network-ssh/id_ed25519; + mode = "0600"; + }; + }; + }; + }; + + testScript = '' + start_all() + + def ssh_is_up(_) -> bool: + status, _ = client.execute("nc -z server 22") + return status == 0 + + server.wait_for_unit("multi-user.target") + server.succeed( + "echo somepass | cryptsetup luksFormat --type=luks2 /dev/vdc", + "bootctl set-default nixos-generation-1-specialisation-encrypted-root.conf", + "sync", + ) + server.shutdown() + server.start() + + client.wait_for_unit("network.target") + with client.nested("waiting for SSH server to come up"): + retry(ssh_is_up) + + client.succeed( + "echo somepass | ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'systemd-tty-ask-password-agent' & exit" + ) + + server.wait_for_unit("multi-user.target") + server.succeed("mount | grep '/dev/mapper/root on /'") + ''; +}) diff --git a/nixos/tests/systemd-initrd-networkd.nix b/nixos/tests/systemd-initrd-networkd.nix new file mode 100644 index 0000000000000..00ecbec5613c4 --- /dev/null +++ b/nixos/tests/systemd-initrd-networkd.nix @@ -0,0 +1,74 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: { + name = "systemd-initrd-network"; + meta.maintainers = [ lib.maintainers.elvishjerricco ]; + + nodes = let + mkFlushTest = flush: script: { ... }: { + boot.initrd.systemd.enable = true; + boot.initrd.network = { + enable = true; + flushBeforeStage2 = flush; + }; + systemd.services.check-flush = { + requiredBy = ["multi-user.target"]; + before = ["network-pre.target" "multi-user.target"]; + unitConfig.DefaultDependencies = false; + serviceConfig.Type = "oneshot"; + path = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ]; + inherit script; + }; + }; + in { + basic = { ... }: { + boot.initrd.network.enable = true; + + boot.initrd.systemd = { + enable = true; + # Enable network-online to fail the test in case of timeout + network.wait-online.timeout = 10; + network.wait-online.anyInterface = true; + targets.network-online.requiredBy = [ "initrd.target" ]; + services.systemd-networkd-wait-online.requiredBy = + [ "network-online.target" ]; + + initrdBin = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ]; + services.check = { + requiredBy = [ "initrd.target" ]; + before = [ "initrd.target" ]; + after = [ "network-online.target" ]; + serviceConfig.Type = "oneshot"; + path = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ]; + script = '' + ip addr | grep 10.0.2.15 || exit 1 + ping -c1 10.0.2.2 || exit 1 + ''; + }; + }; + }; + + doFlush = mkFlushTest true '' + if ip addr | grep 10.0.2.15; then + echo "Network configuration survived switch-root; flushBeforeStage2 failed" + exit 1 + fi + ''; + + dontFlush = mkFlushTest false '' + if ! (ip addr | grep 10.0.2.15); then + echo "Network configuration didn't survive switch-root" + exit 1 + fi + ''; + }; + + testScript = '' + start_all() + basic.wait_for_unit("multi-user.target") + doFlush.wait_for_unit("multi-user.target") + dontFlush.wait_for_unit("multi-user.target") + # Make sure the systemd-network user was set correctly in initrd + basic.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]") + basic.succeed("ip addr show >&2") + basic.succeed("ip route show >&2") + ''; +}) diff --git a/nixos/tests/systemd-initrd-simple.nix b/nixos/tests/systemd-initrd-simple.nix index f7f4863d17e35..a6a22e9d48e06 100644 --- a/nixos/tests/systemd-initrd-simple.nix +++ b/nixos/tests/systemd-initrd-simple.nix @@ -27,6 +27,8 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { machine.succeed("[ -e /dev/pts/ptmx ]") # /dev/pts machine.succeed("[ -e /run/keys ]") # /run/keys + with subtest("groups work"): + machine.fail("journalctl -b 0 | grep 'systemd-udevd.*Unknown group.*ignoring'") with subtest("growfs works"): oldAvail = machine.succeed("df --output=avail / | sed 1d") |