diff options
author | CRTified <carl.schneider+github@ruhr-uni-bochum.de> | 2020-07-01 00:02:56 +0200 |
---|---|---|
committer | CRTified <carl.schneider+github@ruhr-uni-bochum.de> | 2020-07-01 00:08:55 +0200 |
commit | c684398c6afaf90d9dc86466ca36e4ea3263d77f (patch) | |
tree | 6f23155192f60b955ab85c436c40e0806039e438 /nixos/tests/initrd-network-openvpn/initrd.ovpn | |
parent | db5bbef31fa05b9634fa6ea9a5afbea463da88ea (diff) | |
download | nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.tar nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.tar.gz nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.tar.bz2 nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.tar.lz nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.tar.xz nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.tar.zst nixpkgs-c684398c6afaf90d9dc86466ca36e4ea3263d77f.zip |
nixos/system/boot/initrd-openvpn: Add openvpn options for initrd
nixos/tests/initrd-openvpn: Add test for openvpn in the initramfs The module in this commit adds new options that allows the integration of an OpenVPN client into the initrd. This can be used e.g. to remotely unlock LUKS devices. This commit also adds two tests for `boot.initrd.network.openvpn`. The first one is a basic test to validate that a failing connection does not prevent the machine from booting. The second test validates that this module actually creates a valid openvpn connection. For this, it spawns three nodes: - The client that uses boot.initrd.network.openvpn - An OpenVPN server that acts as gateway and forwards a port to the client - A node that is external to the OpenVPN network The client connects to the OpenVPN server and spawns a netcat instance that echos a value to every client. Afterwards, the external node checks if it receives this value over the forwarded port on the OpenVPN gateway.
Diffstat (limited to 'nixos/tests/initrd-network-openvpn/initrd.ovpn')
-rw-r--r-- | nixos/tests/initrd-network-openvpn/initrd.ovpn | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/nixos/tests/initrd-network-openvpn/initrd.ovpn b/nixos/tests/initrd-network-openvpn/initrd.ovpn new file mode 100644 index 00000000000..5926a48af00 --- /dev/null +++ b/nixos/tests/initrd-network-openvpn/initrd.ovpn @@ -0,0 +1,29 @@ +remote 192.168.1.3 +dev tun +ifconfig 10.8.0.2 10.8.0.1 +# Only force VLAN 2 through the VPN +route 192.168.2.0 255.255.255.0 10.8.0.1 +secret [inline] +<secret> +# +# 2048 bit OpenVPN static key +# +-----BEGIN OpenVPN Static key V1----- +553aabe853acdfe51cd6fcfea93dcbb0 +c8797deadd1187606b1ea8f2315eb5e6 +67c0d7e830f50df45686063b189d6c6b +aab8bb3430cc78f7bb1f78628d5c3742 +0cef4f53a5acab2894905f4499f95d8e +e69b7b6748b17016f89e19e91481a9fd +bf8c10651f41a1d4fdf5f438925a6733 +13cec8f04701eb47b8f7ffc48bc3d7af +65f07bce766015b87c3db4d668c655ff +be5a69522a8e60ccb217f8521681b45d +27c0b70bdfbfbb426c7646d80adf7482 +3ddac58b25cb1c1bb100de974478b4c6 +8b45a94261a2405e99810cb2b3abd49f +21b3198ada87ff3c4e656a008e540a8d +e7811584363597599cce2040a68ac00e +f2125540e0f7f4adc37cb3f0d922eeb7 +-----END OpenVPN Static key V1----- +</secret> \ No newline at end of file |