wip
allow authored and allow committed Aug 1, 2024
1 parent 12c4445 commit 6f0ae57
Showing 10 changed files with 375 additions and 369 deletions.
14 changes: 7 additions & 7 deletions dev/flake.lock


73 changes: 41 additions & 32 deletions dev/flake.nix
@@ -4,7 +4,7 @@
inputs = {
lynx.url = "../";
parts.url = "github:hercules-ci/flake-parts";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
home-manager.url = "github:nix-community/home-manager";
profile-parts.url = "github:adamcstephens/profile-parts";
disko.url = "github:nix-community/disko";
@@ -49,73 +49,82 @@
listenPort = 51820;
peers.by-name = {
node1 = {
ipv4 = ["172.22.169.1/32"];
publicKeyFile = "de0spLlB+yBuV5dZaEkgxaAREhcU9MExnze3HRCdh2c=" ;
privateKeyFile = ../flake-modules/flake-guard/testing/snakeoil-host1;
hostname = "node1.vpn";
selfEndpoint = "node1";
ipv4 = ["172.16.169.1/32"];
publicKey = "3rVr8zvOVcOxmlA41tpPoYAiZJcFDPX21D7MsVoUqFY=";
privateKey = "MLYIn9QSMgzgoVAna3pGmy6UajzcrStN2d/546HmgEE=";
selfEndpoint = "node1:51820";
};

node2 = {
hostname = "node2.vpn";
ipv4 = ["172.22.169.2/32"];
publicKeyFile = "yKzBbJ1F693FNXMdZ9BpIkQ9oVv3cTSMpdbUKpOZg0o=";
privateKeyFile = ../flake-modules/flake-guard/testing/snakeoil-host2;
selfEndpoint = "node2";
ipv4 = ["172.16.169.2/32"];
publicKey = "hvoRk9k84yYcThG2qwilWuBQUJpBrgMs6dMBg7PD2Qc=";
privateKey = "CHyebeznokFGkyo2WYWZWzdgWTug8wHnZjjsgsxFFlY=";
selfEndpoint = "node2:51820";
};
};
};


flake.nixosModules.test-flake-guard-host = { config, ... }:
{
flake-guard.enable = true;
flake-guard.networks = {
testnet.autoConfig = {
peers.enable = true;
interface.enable = true;
# hostnames.enable = true;
hosts.enable = true;
};
};

networking.firewall.interfaces =
let
net = config.flake-guard.networks;
in
{
eno1.allowedUDPPorts = [
net.testnet.self.listenPort
];
};
networking.firewall.allowedUDPPorts = [
config.flake-guard.networks.testnet.self.listenPort
];
};

flake.nixosConfigurations.flake-guard-test = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
self.nixosModules.flake-guard-host
self.nixosModules.test-flake-guard-host
{ flake-guard.hostname = "node1"; }
];
};

perSystem = args@{ config, self', inputs', pkgs, lib, system, ... }:
{
packages.flake-guard-test =
pkgs.nixosTest {
(pkgs.nixosTest {
name = "flake-guard-host-test";

nodes.node1.imports = [
self.nixosModules.flake-guard-host
self.nixosModules.test-flake-guard-host
];
nodes = {
node1.imports = [
self.nixosModules.flake-guard-host
self.nixosModules.test-flake-guard-host
];

nodes.node2.import = [
self.nixosModules.flake-guard-host
self.nixosModules.test-flake-guard-host
];
node2.imports = [
self.nixosModules.flake-guard-host
self.nixosModules.test-flake-guard-host
];
};

testScript = ''
start_all()
node1.wait_for_target("networking.target")
node2.wait_for_target("networking.target")
node1.wait_for_unit("default.target")
node2.wait_for_unit("default.target")
node1.succeed("ping -c 3 node2")
node2.succeed("ping -c 3 node1")
node1.succeed("ping -c 3 172.16.169.2")
node2.succeed("ping -c 3 172.16.169.1")
node1.succeed("ping -c 3 node2.vpn")
node2.succeed("ping -c 3 node1.vpn")
'';
};
});

packages.default = pkgs.mkShell {
shellHook = ''
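Review bot: The `node1` and `node2` peers in the second hunk carry WireGuard private keys as inline strings (`privateKey = "…"`), and any value written into a Nix expression is committed to the repository and copied into the world-readable `/nix/store`. If, as the hunk suggests, these lines replace the `privateKeyFile` entries that pointed at the `snakeoil-host1`/`snakeoil-host2` files, nothing on the new lines marks the keys as throwaway test material any more. I would add a comment above the peers such as `# Snakeoil test keys only: never reuse; real keys must come from a runtime secret path, not from a Nix string.` The same hunk also appears to open `listenPort` through the global `networking.firewall.allowedUDPPorts` rather than only on `eno1`. That is fine for the VM test, but it deserves a comment so the test module is not copied onto a real host as-is.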
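--- a/flake-modules/builtins/toplevel.nix
+++ b/flake-modules/builtins/toplevel.nix
@@ -0,0 +1,15 @@
+{ config, options, lib, ... }:
+with lib;
+{
+options.flake._config = mkOption {
+type = types.raw;
+default = config;
+internal = true;
+};
+
+options.flake._options = mkOption {
+type = types.raw;
+default = options;
+internal = true;
+};
+}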
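Review bot: `flake._config` and `flake._options` default to the entire module `config` and `options` trees, and `internal = true` only hides an option from generated documentation; it does not limit who can read the value. If options under `flake` end up as flake outputs here (as they do with flake-parts, which is not confirmed by this file), every value set anywhere in the configuration becomes readable by any consumer of the flake. That would include inline secrets such as the `privateKey` strings in dev/flake.nix. I would add a comment above each option, for example `# Exposes the whole evaluated config for introspection; the config must never hold secrets.`, plus a `description` saying the same. Separately, the file-wide `with lib;` could be narrowed to `let inherit (lib) mkOption types; in` so that the names in scope are explicit.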