1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
{
name = "dnyarri-luks2-bcache";
nodes.machine = { pkgs, ... }: {
environment.systemPackages = [
pkgs.cryptsetup pkgs.bcache-tools pkgs.btrfs-progs
];
virtualisation.memorySize = 2048;
virtualisation.emptyDiskImages = [ 5 2048 2048 512 ];
};
nodes.newmachine = { pkgs, lib, ... }: {
virtualisation.memorySize = 2048;
virtualisation.emptyDiskImages = [ 5 2048 2048 512 ];
boot.initrd.luks.devices = lib.mkOverride 0 {
test1.device = "/dev/disk/by-uuid/07b821b9-0912-4f03-9ebc-89f41704caff";
test1.keyFile = "/dev/vdb";
test2.device = "/dev/disk/by-uuid/d140fd40-bb3c-48b5-98e0-b75878dbce66";
test2.keyFile = "/dev/vdb";
};
boot.initrd.availableKernelModules = [ "bcache" ];
boot.initrd.postMountCommands = ''
test 'hello test' = "$(cat /mnt-root/test/hi.txt)" || exit 1
'';
fileSystems = lib.mkVMOverride {
"/test" = {
fsType = "btrfs";
label = "testfs";
neededForBoot = true;
};
};
};
testScript = let
luksOpts = "--type LUKS2 --pbkdf argon2id -s 512 -h sha512";
luksFormat = "cryptsetup luksFormat -q ${luksOpts}";
uuid1 = "07b821b9-0912-4f03-9ebc-89f41704caff";
uuid2 = "d140fd40-bb3c-48b5-98e0-b75878dbce66";
in ''
$machine->waitForUnit('multi-user.target');
$machine->nest('setting up LUKS2 and bcache backing devices', sub {
$machine->succeed('dd if=/dev/urandom of=/dev/vdb bs=1 count=200');
$machine->succeed('make-bcache -B /dev/vdc');
$machine->succeed('make-bcache -B /dev/vdd');
$machine->waitUntilSucceeds(
'[ $(echo /dev/bcache[0-9]* | wc -w) -eq 2 ]'
);
my $bcache1 = $machine->succeed('ls -1 /dev/bcache[0-9]* | head -n1');
chomp $bcache1;
my $bcache2 = $machine->succeed('ls -1 /dev/bcache[0-9]* | tail -n1');
chomp $bcache2;
$machine->succeed(
"${luksFormat} $bcache1 --uuid ${uuid1} /dev/vdb",
"cryptsetup open $bcache1 l1 --key-file=/dev/vdb",
);
$machine->succeed(
"${luksFormat} $bcache2 --uuid ${uuid2} /dev/vdb",
"cryptsetup open $bcache2 l2 --key-file=/dev/vdb",
);
$machine->succeed(
'mkfs.btrfs -L testfs -m raid1 -d raid1 /dev/mapper/l1 /dev/mapper/l2',
'btrfs dev scan',
'mkdir /mnt-test',
'mount /dev/disk/by-label/testfs /mnt-test',
'echo hello test > /mnt-test/hi.txt',
'umount /mnt-test',
'cryptsetup close l1',
'cryptsetup close l2',
);
});
$machine->nest('rebooting into new configuration', sub {
$machine->shutdown;
$newmachine->{stateDir} = $machine->{stateDir};
$newmachine->waitForUnit('multi-user.target');
});
my $bcache1 =
$newmachine->succeed('cd /dev; ls -1 bcache[0-9]* | head -n1');
chomp $bcache1;
my $bcache2 =
$newmachine->succeed('cd /dev; ls -1 bcache[0-9]* | tail -n1');
chomp $bcache2;
$machine->nest('attaching bcache cache device', sub {
my $csetuuid = $newmachine->succeed(
'make-bcache -C /dev/vde | sed -n -e "s/^Set UUID:[^a-f0-9]*//p"'
);
$newmachine->succeed(
"echo $csetuuid > /sys/block/$bcache1/bcache/attach",
"echo writeback > /sys/block/$bcache1/bcache/cache_mode",
"echo $csetuuid > /sys/block/$bcache2/bcache/attach",
"echo writeback > /sys/block/$bcache2/bcache/cache_mode"
);
});
$machine->nest('write random files to test file system', sub {
$newmachine->succeed(
'for i in $(seq 100); do'.
' dd if=/dev/urandom of="/test/randfile.$i" bs=1 count=100;'.
' sha256sum "/test/randfile.$i" > "/test/randfile.$i.sha256"; '.
'done'
);
});
$machine->nest('reboot to clear disk buffers', sub {
$newmachine->shutdown;
$newmachine->waitForUnit('multi-user.target');
});
$machine->nest('verifying contents of random files created earlier', sub {
$newmachine->succeed(
'for i in $(seq 100); do'.
' sha256sum "/test/randfile.$i" | cmp - "/test/randfile.$i.sha256"'.
' || exit 1; '.
'done'
);
});
'';
}
|