diff options
author | Félix Baylac-Jacqué <felix@alternativebit.fr> | 2020-02-29 19:34:48 +0100 |
---|---|---|
committer | Félix Baylac-Jacqué <felix@alternativebit.fr> | 2020-03-02 15:37:40 +0100 |
commit | 9897d83f5863cbf19ac9eab621b3997ae463d756 (patch) | |
tree | d9850669a515e2c49d1cf54219034a047387d57c /nixos/tests/systemd-networkd-wireguard.nix | |
parent | 611d765b76d7e97f2618cb04a5d1c1604496cac9 (diff) | |
download | nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.tar nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.tar.gz nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.tar.bz2 nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.tar.lz nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.tar.xz nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.tar.zst nixpkgs-9897d83f5863cbf19ac9eab621b3997ae463d756.zip |
nixos/networkd: test routingPolicyRules with a nixos vm test
Diffstat (limited to 'nixos/tests/systemd-networkd-wireguard.nix')
-rw-r--r-- | nixos/tests/systemd-networkd-wireguard.nix | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/nixos/tests/systemd-networkd-wireguard.nix b/nixos/tests/systemd-networkd-wireguard.nix deleted file mode 100644 index be5c0da981d..00000000000 --- a/nixos/tests/systemd-networkd-wireguard.nix +++ /dev/null @@ -1,84 +0,0 @@ -let generateNodeConf = { lib, pkgs, config, privk, pubk, peerId, nodeId, ...}: { - imports = [ common/user-account.nix ]; - systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug"; - networking.useNetworkd = true; - networking.useDHCP = false; - networking.firewall.enable = false; - virtualisation.vlans = [ 1 ]; - environment.systemPackages = with pkgs; [ wireguard-tools ]; - boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ]; - systemd.tmpfiles.rules = [ - "f /run/wg_priv 0640 root systemd-network - ${privk}" - ]; - systemd.network = { - enable = true; - netdevs = { - "90-wg0" = { - netdevConfig = { Kind = "wireguard"; Name = "wg0"; }; - wireguardConfig = { - PrivateKeyFile = "/run/wg_priv"; - ListenPort = 51820; - FwMark = 42; - }; - wireguardPeers = [ {wireguardPeerConfig={ - Endpoint = "192.168.1.${peerId}:51820"; - PublicKey = pubk; - PresharedKeyFile = pkgs.writeText "psk.key" "yTL3sCOL33Wzi6yCnf9uZQl/Z8laSE+zwpqOHC4HhFU="; - AllowedIPs = [ "10.0.0.${peerId}/32" ]; - PersistentKeepalive = 15; - };}]; - }; - }; - networks = { - "99-nope" = { - matchConfig.Name = "eth*"; - linkConfig.Unmanaged = true; - }; - "90-wg0" = { - matchConfig = { Name = "wg0"; }; - address = [ "10.0.0.${nodeId}/32" ]; - routes = [ - { routeConfig = { Gateway = "10.0.0.${nodeId}"; Destination = "10.0.0.0/24"; }; } - ]; - }; - "90-eth1" = { - matchConfig = { Name = "eth1"; }; - address = [ "192.168.1.${nodeId}/24" ]; - }; - }; - }; - }; -in import ./make-test-python.nix ({pkgs, ... }: { - name = "networkd-wireguard"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ ninjatrappeur ]; - }; - nodes = { - node1 = { pkgs, ... }@attrs: - let localConf = { - privk = "GDiXWlMQKb379XthwX0haAbK6hTdjblllpjGX0heP00="; - pubk = "iRxpqj42nnY0Qz8MAQbSm7bXxXP5hkPqWYIULmvW+EE="; - nodeId = "1"; - peerId = "2"; - }; - in generateNodeConf (attrs // localConf); - - node2 = { pkgs, ... }@attrs: - let localConf = { - privk = "eHxSI2jwX/P4AOI0r8YppPw0+4NZnjOxfbS5mt06K2k="; - pubk = "27s0OvaBBdHoJYkH9osZpjpgSOVNw+RaKfboT/Sfq0g="; - nodeId = "2"; - peerId = "1"; - }; - in generateNodeConf (attrs // localConf); - }; -testScript = '' - start_all() - node1.wait_for_unit("systemd-networkd-wait-online.service") - node2.wait_for_unit("systemd-networkd-wait-online.service") - node1.succeed("ping -c 5 10.0.0.2") - node2.succeed("ping -c 5 10.0.0.1") - # Is the fwmark set? - node2.succeed("wg | grep -q 42") -''; -}) |