diff options
Diffstat (limited to 'nixos/tests/wstunnel.nix')
-rw-r--r-- | nixos/tests/wstunnel.nix | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/nixos/tests/wstunnel.nix b/nixos/tests/wstunnel.nix new file mode 100644 index 0000000000000..3bbc295568fb7 --- /dev/null +++ b/nixos/tests/wstunnel.nix @@ -0,0 +1,96 @@ +let + certs = import ./common/acme/server/snakeoil-certs.nix; + domain = certs.domain; +in + +{ + name = "wstunnel"; + + nodes = { + server = { + virtualisation.vlans = [ 1 ]; + + security.pki.certificateFiles = [ certs.ca.cert ]; + + networking = { + useNetworkd = true; + useDHCP = false; + firewall.enable = false; + }; + + systemd.network.networks."01-eth1" = { + name = "eth1"; + networkConfig.Address = "10.0.0.1/24"; + }; + + services.wstunnel = { + enable = true; + servers.my-server = { + listen = { + host = "10.0.0.1"; + port = 443; + }; + tlsCertificate = certs.${domain}.cert; + tlsKey = certs.${domain}.key; + }; + }; + }; + + client = { + virtualisation.vlans = [ 1 ]; + + security.pki.certificateFiles = [ certs.ca.cert ]; + + networking = { + useNetworkd = true; + useDHCP = false; + firewall.enable = false; + extraHosts = '' + 10.0.0.1 ${domain} + ''; + }; + + systemd.network.networks."01-eth1" = { + name = "eth1"; + networkConfig.Address = "10.0.0.2/24"; + }; + + services.wstunnel = { + enable = true; + clients.my-client = { + autoStart = false; + connectTo = "wss://${domain}:443"; + localToRemote = [ + "tcp://8080:localhost:2080" + ]; + remoteToLocal = [ + "tcp://2081:localhost:8081" + ]; + }; + }; + }; + }; + + testScript = /* python */ '' + start_all() + server.wait_for_unit("wstunnel-server-my-server.service") + client.wait_for_open_port(443, "10.0.0.1") + + client.systemctl("start wstunnel-client-my-client.service") + client.wait_for_unit("wstunnel-client-my-client.service") + + with subtest("connection from client to server"): + server.succeed("nc -l 2080 >/tmp/msg &") + client.sleep(1) + client.succeed('nc -w1 localhost 8080 <<<"Hello from client"') + server.succeed('grep "Hello from client" /tmp/msg') + + with subtest("connection from server to client"): + client.succeed("nc -l 8081 >/tmp/msg &") + server.sleep(1) + server.succeed('nc -w1 localhost 2081 <<<"Hello from server"') + client.succeed('grep "Hello from server" /tmp/msg') + + client.systemctl("stop wstunnel-client-my-client.service") + ''; +} |