diff options
| author | aszlig <aszlig@redmoonstudios.org> | 2017-07-06 02:05:00 +0200 |
|---|---|---|
| committer | aszlig <aszlig@redmoonstudios.org> | 2017-07-06 02:05:00 +0200 |
| commit | f3726ed98fa9cbd8971786ce8ee1523352471727 (patch) | |
| tree | 659d8f2ec842e6ea5e7fff1dae1667b4d598daa5 | |
| parent | a6c365df63db28eb73adb7b89250dbacb791e920 (diff) | |
Remove service and tests for multipath-vpn
The service and test has been broken for a long time now and nobody really has any interest in using it or even fixing it, so I'm removing it to decrease the amount of crap we have in there. If somebody still wants to use this someday we can still bring it back. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
| -rw-r--r-- | modules/module-list.nix | 2 | ||||
| -rw-r--r-- | modules/services/multipath-vpn.nix | 246 | ||||
| -rw-r--r-- | tests/default.nix | 4 | ||||
| -rw-r--r-- | tests/richi235/multipath-vpn.nix | 189 |
4 files changed, 0 insertions, 441 deletions
diff --git a/modules/module-list.nix b/modules/module-list.nix index ca3172fb..aa05c117 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -9,8 +9,6 @@ ./hardware/thinkpad.nix ./programs/gnupg ./programs/fish/fasd.nix - # broken - # ./services/multipath-vpn.nix ./services/postfix ./services/starbound.nix ./system/iso.nix diff --git a/modules/services/multipath-vpn.nix b/modules/services/multipath-vpn.nix deleted file mode 100644 index c6c318aa..00000000 --- a/modules/services/multipath-vpn.nix +++ /dev/null @@ -1,246 +0,0 @@ -{ config, pkgs, lib, ... }: - -with lib; - -let - deps = with pkgs.perlPackages; rec { - IOInterface = buildPerlPackage { - name = "IO-Interface-1.09"; - src = fetchurl { - url = mirror://cpan/authors/id/L/LD/LDS/IO-Interface-1.09.tar.gz; - sha256 = "0fkizbclng7jaxkwj9cr2wby34r45mazb0yrq87fdq5i5v2q2gp6"; - }; - buildInputs = [ ModuleBuild ]; - preConfigure = "touch Makefile.PL"; - buildPhase = "perl Build.PL --prefix=$out; ./Build build"; - installPhase = "./Build install"; - checkPhase = "./Build test"; - }; - - IOPipely = buildPerlPackage { - name = "IO-Pipely-0.005"; - src = fetchurl { - url = mirror://cpan/authors/id/R/RC/RCAPUTO/IO-Pipely-0.005.tar.gz; - sha256 = "0x1fkwbkbkhxf0cvz08yj24hm9c775i1xx8khlqfwiibrgsnqfz3"; - }; - }; - - ModuleBuild = buildPerlPackage { - name = "Module-Build-0.4211"; - src = fetchurl { - url = mirror://cpan/authors/id/L/LE/LEONT/Module-Build-0.4211.tar.gz; - sha256 = "1c5hfhajr963w4mdjivsc7yz4vf4pz1rrfch5a93fbac1x2mr58h"; - }; - doCheck = false; - }; - - POE = buildPerlPackage { - name = "POE-1.366"; - src = fetchurl { - url = mirror://cpan/authors/id/R/RC/RCAPUTO/POE-1.366.tar.gz; - sha256 = "08qmb45clkjw2ni9dl5y1fa4ifrinvbvvcgh7r20ls32frw034xl"; - }; - buildInputs = [ POETestLoops ]; - propagatedBuildInputs = [ IOPipely IOTty POETestLoops ]; - }; - - POETestLoops = buildPerlPackage { - name = "POE-Test-Loops-1.360"; - src = fetchurl { - url = mirror://cpan/authors/id/R/RC/RCAPUTO/POE-Test-Loops-1.360.tar.gz; - sha256 = "0yx4wsljfmdzsiv0ni98x6lw975cm82ahngbwqvzv60wx5pwkl5y"; - }; - }; - - POEWheelUDP = pkgs.buildPerlPackage { - name = "POE-Wheel-UDP-0.02"; - src = fetchurl { - url = mirror://cpan/authors/id/H/HA/HACHI/POE-Wheel-UDP-0.02.tar.gz; - sha256 = "0d611cqpmq7svmxq6pbjb59b97x5zh2z4lc11f8zjmci98nag2g6"; - }; - propagatedBuildInputs = [ POE ]; - }; - }; - - linkOptions = { name, ... }: { - options = { - interface = mkOption { - type = types.str; - description = '' - IP address or interface name to connect to the relay. - ''; - }; - - sourcePort = mkOption { - type = types.int; - default = 11218; - description = '' - Local UDP port to use for connecting to the other endpoint. - ''; - }; - - destAddress = mkOption { - type = types.str; - description = '' - Remote UDP host or IP of the other endpoint. - ''; - }; - - destPort = mkOption { - type = types.int; - default = 11218; - description = '' - Remote UDP port the other endpoint is listening. - ''; - }; - - ratio = mkOption { - type = types.int; - default = 1; - description = '' - Defines how many packets the remote endpoint is getting in relation to - the other defined links. - ''; - }; - }; - }; - - commonOptions = { - links = mkOption { - default = {}; - type = types.attrsOf (types.submodule linkOptions); - description = '' - Links used to connect to the remote endpoint (server). - ''; - }; - - tun.ip = mkOption { - type = types.str; - description = '' - IP address of the TUN interface used for communicating to/from the - outside of the tunnel. - ''; - }; - - tun.mask = mkOption { - type = types.int; - description = '' - Network prefix length to use for the TUN interface. - ''; - }; - - tun.mtu = mkOption { - type = types.int; - default = 1500; - description = '' - Maximum transfer unit for the TUN interface. - ''; - }; - - route.network = mkOption { - type = types.str; - description = '' - Network address of the auto-enabled route. - ''; - }; - - route.mask = mkOption { - type = types.int; - description = '' - Network prefix length of the auto-enabled route. - ''; - }; - - route.gateway = mkOption { - type = types.str; - description = '' - Gateway address of the auto-enabled route. - ''; - }; - }; - - clientOptions = commonOptions // { - enable = mkEnableOption "Multipath VPN Client"; - }; - - serverOptions = commonOptions // { - enable = mkEnableOption "Multipath VPN Server"; - }; - - genConfig = name: cfg: mkIf cfg.enable (let - attrs = if name == "client" then { - descName = "Client"; - } else if name == "server" then { - descName = "Server"; - } else throw "Invalid multipath VPN config mode"; - - mpvpn = pkgs.stdenv.mkDerivation rec { - name = "multipath-vpn"; - - src = pkgs.fetchFromGitHub { - owner = "richi235"; - repo = name; - rev = "51729f7bb24b5361c90469c60f67df0c8b4e2371"; - sha256 = "1p2i1m649nhrylqz2grc5nxwgzqq1rnwkzk7iipdxabx2164ahaq"; - }; - - configFile = pkgs.writeText "mpvpn.conf" '' - ${concatStringsSep "\n" (mapAttrsToList ( - name: attrs: concatStringsSep "\t" [ - "link" name attrs.interface - (toString attrs.sourcePort) - attrs.destAddress - (toString attrs.destPort) - (toString attrs.ratio) - ] - ) cfg.links)} - - ${concatStringsSep "\t" [ - "local" cfg.tun.ip (toString cfg.tun.mask) (toString cfg.tun.mtu) - ]} - - ${concatStringsSep "\t" [ - "route" cfg.route.network (toString cfg.route.mask) cfg.route.gateway - ]} - ''; - - buildPhase = "true"; - buildInputs = [ - pkgs.makeWrapper pkgs.perl - deps.POEWheelUDP deps.IOInterface - ]; - installPhase = '' - mkdir -p "$out/bin" - - sed -e "s,/etc/multivpn.cfg,$configFile," \ - -e 's/detect+handle_local_ip_change/handle_local_ip_change/g' \ - vpn_client_and_server.pl > "$out/bin/multipath-vpn" - - chmod +x "$out/bin/multipath-vpn" - wrapProgram $out/bin/multipath-vpn --set PERL5LIB $PERL5LIB - ''; - }; - in { - systemd.services."multipath-vpn-${name}" = { - description = "Multipath VPN ${attrs.descName}"; - after = [ "network-interfaces.target" ]; - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.iptables pkgs.nettools pkgs.iproute pkgs.bridge-utils ]; - serviceConfig.ExecStart = "@${mpvpn}/bin/multipath-vpn multipath-vpn"; - }; - }); - -in { - options.vuizvui.services.multipath-vpn.client = commonOptions // { - enable = mkEnableOption "Multipath VPN Client"; - }; - - options.vuizvui.services.multipath-vpn.server = commonOptions // { - enable = mkEnableOption "Multipath VPN Server"; - }; - - config = mkMerge [ - (genConfig "client" config.vuizvui.services.multipath-vpn.client) - (genConfig "server" config.vuizvui.services.multipath-vpn.server) - ]; -} diff --git a/tests/default.nix b/tests/default.nix index d9c00a24..31fa8154 100644 --- a/tests/default.nix +++ b/tests/default.nix @@ -15,8 +15,4 @@ in { system = { kernel.bfq = callTest ./system/kernel/bfq.nix; }; - richi235 = { - # Currently broken - #multipath-vpn = callTest ./richi235/multipath-vpn.nix; - }; } diff --git a/tests/richi235/multipath-vpn.nix b/tests/richi235/multipath-vpn.nix deleted file mode 100644 index 3595b074..00000000 --- a/tests/richi235/multipath-vpn.nix +++ /dev/null @@ -1,189 +0,0 @@ -{ - name = "multipath-test"; - - nodes = let - common = { lib, ... }: { - networking.firewall.enable = false; - networking.useNetworkd = true; - systemd.network.netdevs."40-eth0".netdevConfig = { - Name = "eth0"; - Kind = "dummy"; - }; - }; - - in { - client = { lib, ... }: { - imports = [ common ]; - virtualisation.vlans = [ 10 ]; - networking.defaultGateway = "42.0.0.1"; - networking.interfaces.eth1.ip4 = lib.singleton { - address = "42.0.0.2"; - prefixLength = 8; - }; - }; - mtc = { lib, nodes, ... }: { - imports = [ common ]; - virtualisation.vlans = [ 1 2 10 ]; - networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { - address = "1.0.0.2"; - prefixLength = 8; - }); - networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { - address = "2.0.0.2"; - prefixLength = 8; - }); - networking.interfaces.eth3.ip4 = lib.mkForce (lib.singleton { - address = "42.0.0.1"; - prefixLength = 8; - }); - systemd.network.networks."40-eth1".routes = lib.singleton { - routeConfig.Gateway = "1.0.0.1"; - routeConfig.Destination = "10.0.0.0/8"; - }; - systemd.network.networks."40-eth2".routes = lib.singleton { - routeConfig.Gateway = "2.0.0.1"; - routeConfig.Destination = "11.0.0.0/8"; - }; - vuizvui.services.multipath-vpn.client.enable = true; - vuizvui.services.multipath-vpn.client.links.vlan1 = { - interface = "eth1"; - destAddress = "10.0.0.1"; - }; - vuizvui.services.multipath-vpn.client.links.vlan2 = { - interface = "eth2"; - destAddress = "11.0.0.1"; - }; - vuizvui.services.multipath-vpn.client.tun = { - ip = "192.168.66.2"; - mask = 24; - }; - vuizvui.services.multipath-vpn.client.route = { - network = "0.0.0.0"; - mask = 0; - gateway = "192.168.66.1"; - }; - }; - relay1 = { lib, ... }: { - imports = [ common ]; - virtualisation.vlans = [ 1 3 ]; - networking.useDHCP = false; - networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { - address = "1.0.0.1"; - prefixLength = 8; - }); - networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { - address = "10.0.0.2"; - prefixLength = 8; - }); - systemd.network.networks."40-eth2".routes = lib.singleton { - routeConfig.Gateway = "10.0.0.1"; - routeConfig.Destination = "10.0.0.0/8"; - }; - networking.nat.enable = true; - networking.nat.internalInterfaces = [ "eth1" ]; - networking.nat.externalInterface = "eth2"; - }; - relay2 = { lib, ... }: { - imports = [ common ]; - virtualisation.vlans = [ 2 4 ]; - networking.useDHCP = false; - networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { - address = "2.0.0.1"; - prefixLength = 8; - }); - networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { - address = "11.0.0.2"; - prefixLength = 8; - }); - systemd.network.networks."40-eth2".routes = lib.singleton { - routeConfig.Gateway = "11.0.0.1"; - routeConfig.Destination = "11.0.0.0/8"; - }; - networking.nat.enable = true; - networking.nat.internalInterfaces = [ "eth1" ]; - networking.nat.externalInterface = "eth2"; - }; - mts = { lib, ... }: { - imports = [ common ]; - virtualisation.vlans = [ 3 4 5 ]; - networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { - address = "10.0.0.1"; - prefixLength = 8; - }); - networking.interfaces.eth2.ip4 = lib.mkForce (lib.singleton { - address = "11.0.0.1"; - prefixLength = 8; - }); - networking.interfaces.eth3.ip4 = lib.mkForce (lib.singleton { - address = "6.6.6.42"; - prefixLength = 8; - }); - networking.nat.enable = true; - #networking.nat.internalInterfaces = [ "tun0" ]; - networking.nat.externalInterface = "eth3"; - vuizvui.services.multipath-vpn.server.enable = true; - vuizvui.services.multipath-vpn.server.links.vlan3 = { - interface = "eth1"; - destAddress = "0"; # XXX - destPort = 0; # XXX - }; - vuizvui.services.multipath-vpn.server.links.vlan4 = { - interface = "eth2"; - destAddress = "0"; # XXX - destPort = 0; # XXX - }; - vuizvui.services.multipath-vpn.server.tun = { - ip = "192.168.66.1"; - mask = 24; - }; - vuizvui.services.multipath-vpn.server.route = { - #network = "192.168.0.0"; - #network = "6.0.0.0"; - #mask = 8; - network = "0.0.0.0"; - mask = 0; - gateway = "192.168.66.2"; - }; - }; - zs = { lib, ... }: { - imports = [ common ]; - virtualisation.vlans = [ 5 ]; - networking.interfaces.eth1.ip4 = lib.mkForce (lib.singleton { - address = "6.6.6.23"; - prefixLength = 8; - }); - }; - }; - - testScript = { nodes, ... }: '' - startAll; - $mtc->waitForUnit("multipath-vpn-client.service"); - $mts->waitForUnit("multipath-vpn-server.service"); - - $mtc->sleep(30); - - subtest "test network topology", sub { - $mtc->succeed("ping -c1 10.0.0.1 >&2"); - $mtc->succeed("ping -c1 11.0.0.1 >&2"); - $mts->succeed("ping -c1 6.6.6.23 >&2"); - }; - - subtest "test tunnel connectivity", sub { - $client->execute("ifconfig >&2"); - $client->execute("ip route >&2"); - $zs->execute("ifconfig >&2"); - $zs->execute("ip route >&2"); - - $mtc->execute("ifconfig >&2"); - $mtc->execute("ip route >&2"); - $mts->execute("ifconfig >&2"); - $mts->execute("ip route >&2"); - - $mtc->succeed("ping -c1 192.168.66.1 >&2"); - $mtc->succeed("ping -c1 6.6.6.23 >&2"); - - #$client->succeed("ping -c1 192.168.66.1 >&2"); - $client->succeed("ping -c1 6.6.6.23 >&2"); - }; - ''; -} |