From 00347e9537d6e6ddef599094429a1ac5392d6f28 Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sat, 18 Jan 2020 01:09:49 +0100
Subject: nixos/cloud-init: actually test ssh'ing, also, with
 cloud-init-created user

---
 nixos/tests/cloud-init.nix | 47 ++++++++++++++++++++++++++++++++++------------
 1 file changed, 35 insertions(+), 12 deletions(-)

diff --git a/nixos/tests/cloud-init.nix b/nixos/tests/cloud-init.nix
index 8debb9e8ed9b4..d23e9c64b373d 100644
--- a/nixos/tests/cloud-init.nix
+++ b/nixos/tests/cloud-init.nix
@@ -7,6 +7,9 @@ with import ../lib/testing-python.nix { inherit system pkgs; };
 with pkgs.lib;
 
 let
+  inherit (import ./ssh-keys.nix pkgs)
+    snakeOilPrivateKey snakeOilPublicKey;
+
   metadataDrive = pkgs.stdenv.mkDerivation {
     name = "metadata";
     buildCommand = ''
@@ -18,14 +21,19 @@ let
       -   content: |
                 cloudinit
           path: /tmp/cloudinit-write-file
+
+      users:
+        - default
+        - name: nixos
+          ssh_authorized_keys:
+            - "${snakeOilPublicKey}"
       EOF
 
       cat << EOF > $out/iso/meta-data
       instance-id: iid-local01
       local-hostname: "test"
       public-keys:
-        ec2-keypair.us-east-1:
-          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5L7Xuh49VS5VQheFE7VDmXKH0BOnB1R0avAE91QgOB root@test
+        - "${snakeOilPublicKey}"
       EOF
       ${pkgs.cdrkit}/bin/genisoimage -volid cidata -joliet -rock -o $out/metadata.iso $out/iso
       '';
@@ -35,17 +43,32 @@ in makeTest {
   meta = with pkgs.stdenv.lib.maintainers; {
     maintainers = [ lewo ];
   };
-  machine =
-    { ... }:
-    {
-      virtualisation.qemu.options = [ "-cdrom" "${metadataDrive}/metadata.iso" ];
-      services.cloud-init.enable = true;
-    };
+  machine = { ... }:
+  {
+    virtualisation.qemu.options = [ "-cdrom" "${metadataDrive}/metadata.iso" ];
+    services.cloud-init.enable = true;
+    services.openssh.enable = true;
+
+  };
   testScript = ''
-      machine.start()
-      machine.wait_for_unit("cloud-init.service")
-      machine.succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'")
+    machine.wait_for_unit("cloud-init.service")
+    machine.succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'")
+
+    # install snakeoil ssh key and provision .ssh/config file
+    machine.succeed("mkdir -p ~/.ssh")
+    machine.succeed(
+        "cat ${snakeOilPrivateKey} > ~/.ssh/id_snakeoil"
+    )
+    machine.succeed("chmod 600 ~/.ssh/id_snakeoil")
+
+    machine.wait_for_unit("sshd.service")
 
-      machine.wait_until_succeeds("cat /root/.ssh/authorized_keys | grep -q root@test")
+    # we should be able to log in as the root user, as well as the created nixos user
+    machine.succeed(
+        "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/id_snakeoil root@localhost 'true'"
+    )
+    machine.succeed(
+        "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/id_snakeoil nixos@localhost 'true'"
+    )
   '';
 }
-- 
cgit 1.4.1