diff options
| author | Emery Hemingway <ehmry@posteo.net> | 2020-06-09 22:05:23 +0530 |
|---|---|---|
| committer | ehmry <ehmry@posteo.net> | 2020-07-25 16:34:20 +0200 |
| commit | 39deb82e4bb0106ba76a44a956a3a493c6436ae9 (patch) | |
| tree | 4976173d355a592faeed5fba38a141e1da0f3fa0 /nixos/tests/yggdrasil.nix | |
| parent | a8780387ba8b331a69501f5793157d6d3545602a (diff) | |
| download | nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.tar nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.tar.gz nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.tar.bz2 nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.tar.lz nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.tar.xz nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.tar.zst nixpkgs-39deb82e4bb0106ba76a44a956a3a493c6436ae9.zip | |
nixos/yggdrasil.nix: test 300::/7 addresses
Diffstat (limited to 'nixos/tests/yggdrasil.nix')
| -rw-r--r-- | nixos/tests/yggdrasil.nix | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/nixos/tests/yggdrasil.nix b/nixos/tests/yggdrasil.nix index 9ceb7974733..1d7541308b4 100644 --- a/nixos/tests/yggdrasil.nix +++ b/nixos/tests/yggdrasil.nix @@ -7,6 +7,7 @@ let SigningPrivateKey = "fe3add8da35316c05f6d90d3ca79bd2801e6ccab6d37e5339fef4152589398abe2c43349083bc1e998e4ec4535b4c6a8f44ca9a5a8e07336561267253b2be5f4"; }; bobIp6 = "201:ebbd:bde9:f138:c302:4afa:1fb6:a19a"; + bobPrefix = "301:ebbd:bde9:f138"; bobConfig = { InterfacePeers = { eth1 = [ "tcp://192.168.1.200:12345" ]; @@ -18,6 +19,7 @@ let SigningPublicKey = "de111da0ec781e45bf6c63ecb45a78c24d7d4655abfaeea83b26c36eb5c0fd5b"; SigningPrivateKey = "2a6c21550f3fca0331df50668ffab66b6dce8237bcd5728e571e8033b363e247de111da0ec781e45bf6c63ecb45a78c24d7d4655abfaeea83b26c36eb5c0fd5b"; }; + danIp6 = bobPrefix + "::2"; in import ./make-test-python.nix ({ pkgs, ...} : { name = "yggdrasil"; @@ -69,6 +71,41 @@ in import ./make-test-python.nix ({ pkgs, ...} : { text = builtins.toJSON bobConfig; }); }; + + boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1; + + networking = { + bridges.br0.interfaces = [ ]; + interfaces.br0 = { + ipv6.addresses = [{ + address = bobPrefix + "::1"; + prefixLength = 64; + }]; + }; + }; + + # dan is a node inside a container running on bob's host. + containers.dan = { + autoStart = true; + privateNetwork = true; + hostBridge = "br0"; + config = { config, pkgs, ... }: { + networking.interfaces.eth0.ipv6 = { + addresses = [{ + address = bobPrefix + "::2"; + prefixLength = 64; + }]; + routes = [{ + address = "200::"; + prefixLength = 7; + via = bobPrefix + "::1"; + }]; + }; + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + networking.firewall.allowedTCPPorts = [ 80 ]; + }; + }; }; # Carol only does local peering. Carol's yggdrasil config is all Nix. @@ -100,7 +137,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : { bob.start() carol.start() - bob.wait_for_unit("yggdrasil.service") + bob.wait_for_unit("default.target") carol.wait_for_unit("yggdrasil.service") ip_addr_show = "ip -o -6 addr show dev ygg0 scope global" @@ -117,10 +154,13 @@ in import ./make-test-python.nix ({ pkgs, ...} : { carol.succeed("ping -c 1 ${aliceIp6}") carol.succeed("ping -c 1 ${bobIp6}") + carol.succeed("ping -c 1 ${bobPrefix}::1") + carol.succeed("ping -c 8 ${danIp6}") carol.fail("journalctl -u dhcpcd | grep ygg0") alice.wait_for_unit("httpd.service") carol.succeed("curl --fail -g http://[${aliceIp6}]") + carol.succeed("curl --fail -g http://[${danIp6}]") ''; }) |