nixos/tests/jool: update for module changes · pyrox.dev/nixpkgs@640c86c

pyrox.dev / nixpkgs

fork atom

lol

fork atom

nixos/tests/jool: update for module changes

rnhmjoj 2 years ago 640c86c2 355a9fa0

+39 -69

2 changed files

expand all

nixos

tests

all-tests.nix

jool.nix

+1 -1

nixos/tests/all-tests.nix

··· 395 395 jibri = handleTest ./jibri.nix {}; 396 396 jirafeau = handleTest ./jirafeau.nix {}; 397 397 jitsi-meet = handleTest ./jitsi-meet.nix {}; 398 - jool = handleTest ./jool.nix {}; 398 + jool = import ./jool.nix { inherit pkgs runTest; }; 399 399 k3s = handleTest ./k3s {}; 400 400 kafka = handleTest ./kafka.nix {}; 401 401 kanidm = handleTest ./kanidm.nix {};

+38 -68

nixos/tests/jool.nix

··· 1 - { system ? builtins.currentSystem, 2 - config ? {}, 3 - pkgs ? import ../.. { inherit system config; } 4 - }: 5 - 6 - with import ../lib/testing-python.nix { inherit system pkgs; }; 1 + { pkgs, runTest }: 7 2 8 3 let 9 4 inherit (pkgs) lib; ··· 23 18 description = "Mock webserver"; 24 19 wants = [ "network-online.target" ]; 25 20 wantedBy = [ "multi-user.target" ]; 26 - serviceConfig.Restart = "always"; 27 21 script = '' 28 22 while true; do 29 23 { ··· 40 34 in 41 35 42 36 { 43 - siit = makeTest { 37 + siit = runTest { 44 38 # This test simulates the setup described in [1] with two IPv6 and 45 39 # IPv4-only devices on different subnets communicating through a border 46 40 # relay running Jool in SIIT mode. ··· 49 43 meta.maintainers = with lib.maintainers; [ rnhmjoj ]; 50 44 51 45 # Border relay 52 - nodes.relay = { ... }: { 53 - imports = [ ../modules/profiles/minimal.nix ]; 46 + nodes.relay = { 54 47 virtualisation.vlans = [ 1 2 ]; 55 48 56 49 # Enable packet routing ··· 65 58 eth2.ipv4.addresses = [ { address = "192.0.2.1"; prefixLength = 24; } ]; 66 59 }; 67 60 68 - networking.jool = { 69 - enable = true; 70 - siit.enable = true; 71 - siit.config.global.pool6 = "fd::/96"; 72 - }; 61 + networking.jool.enable = true; 62 + networking.jool.siit.default.global.pool6 = "fd::/96"; 73 63 }; 74 64 75 65 # IPv6 only node 76 - nodes.alice = { ... }: { 77 - imports = [ 78 - ../modules/profiles/minimal.nix 79 - ipv6Only 80 - (webserver 6 "Hello, Bob!") 81 - ]; 66 + nodes.alice = { 67 + imports = [ ipv6Only (webserver 6 "Hello, Bob!") ]; 82 68 83 69 virtualisation.vlans = [ 1 ]; 84 70 networking.interfaces.eth1.ipv6 = { ··· 89 75 }; 90 76 91 77 # IPv4 only node 92 - nodes.bob = { ... }: { 93 - imports = [ 94 - ../modules/profiles/minimal.nix 95 - ipv4Only 96 - (webserver 4 "Hello, Alice!") 97 - ]; 78 + nodes.bob = { 79 + imports = [ ipv4Only (webserver 4 "Hello, Alice!") ]; 98 80 99 81 virtualisation.vlans = [ 2 ]; 100 82 networking.interfaces.eth1.ipv4 = { ··· 107 89 testScript = '' 108 90 start_all() 109 91 110 - relay.wait_for_unit("jool-siit.service") 92 + relay.wait_for_unit("jool-siit-default.service") 111 93 alice.wait_for_unit("network-addresses-eth1.service") 112 94 bob.wait_for_unit("network-addresses-eth1.service") 113 95 114 96 with subtest("Alice and Bob can't ping each other"): 115 - relay.systemctl("stop jool-siit.service") 97 + relay.systemctl("stop jool-siit-default.service") 116 98 alice.fail("ping -c1 fd::192.0.2.16") 117 99 bob.fail("ping -c1 198.51.100.8") 118 100 119 101 with subtest("Alice and Bob can ping using the relay"): 120 - relay.systemctl("start jool-siit.service") 102 + relay.systemctl("start jool-siit-default.service") 121 103 alice.wait_until_succeeds("ping -c1 fd::192.0.2.16") 122 104 bob.wait_until_succeeds("ping -c1 198.51.100.8") 123 105 ··· 132 114 ''; 133 115 }; 134 116 135 - nat64 = makeTest { 117 + nat64 = runTest { 136 118 # This test simulates the setup described in [1] with two IPv6-only nodes 137 119 # (a client and a homeserver) on the LAN subnet and an IPv4 node on the WAN. 138 120 # The router runs Jool in stateful NAT64 mode, masquarading the LAN and ··· 142 124 meta.maintainers = with lib.maintainers; [ rnhmjoj ]; 143 125 144 126 # Router 145 - nodes.router = { ... }: { 146 - imports = [ ../modules/profiles/minimal.nix ]; 127 + nodes.router = { 147 128 virtualisation.vlans = [ 1 2 ]; 148 129 149 130 # Enable packet routing ··· 158 139 eth2.ipv4.addresses = [ { address = "203.0.113.1"; prefixLength = 24; } ]; 159 140 }; 160 141 161 - networking.jool = { 162 - enable = true; 163 - nat64.enable = true; 164 - nat64.config = { 165 - bib = [ 166 - { # forward HTTP 203.0.113.1 (router) → 2001:db8::9 (homeserver) 167 - "protocol" = "TCP"; 168 - "ipv4 address" = "203.0.113.1#80"; 169 - "ipv6 address" = "2001:db8::9#80"; 170 - } 171 - ]; 172 - pool4 = [ 173 - # Ports for dynamic translation 174 - { protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; } 175 - { protocol = "UDP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; } 176 - { protocol = "ICMP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; } 177 - # Ports for static BIB entries 178 - { protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "80"; } 179 - ]; 180 - }; 142 + networking.jool.enable = true; 143 + networking.jool.nat64.default = { 144 + bib = [ 145 + { # forward HTTP 203.0.113.1 (router) → 2001:db8::9 (homeserver) 146 + "protocol" = "TCP"; 147 + "ipv4 address" = "203.0.113.1#80"; 148 + "ipv6 address" = "2001:db8::9#80"; 149 + } 150 + ]; 151 + pool4 = [ 152 + # Ports for dynamic translation 153 + { protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; } 154 + { protocol = "UDP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; } 155 + { protocol = "ICMP"; prefix = "203.0.113.1/32"; "port range" = "40001-65535"; } 156 + # Ports for static BIB entries 157 + { protocol = "TCP"; prefix = "203.0.113.1/32"; "port range" = "80"; } 158 + ]; 181 159 }; 182 160 }; 183 161 184 162 # LAN client (IPv6 only) 185 - nodes.client = { ... }: { 186 - imports = [ ../modules/profiles/minimal.nix ipv6Only ]; 163 + nodes.client = { 164 + imports = [ ipv6Only ]; 187 165 virtualisation.vlans = [ 1 ]; 188 166 189 167 networking.interfaces.eth1.ipv6 = { ··· 194 172 }; 195 173 196 174 # LAN server (IPv6 only) 197 - nodes.homeserver = { ... }: { 198 - imports = [ 199 - ../modules/profiles/minimal.nix 200 - ipv6Only 201 - (webserver 6 "Hello from IPv6!") 202 - ]; 175 + nodes.homeserver = { 176 + imports = [ ipv6Only (webserver 6 "Hello from IPv6!") ]; 203 177 204 178 virtualisation.vlans = [ 1 ]; 205 179 networking.interfaces.eth1.ipv6 = { ··· 210 184 }; 211 185 212 186 # WAN server (IPv4 only) 213 - nodes.server = { ... }: { 214 - imports = [ 215 - ../modules/profiles/minimal.nix 216 - ipv4Only 217 - (webserver 4 "Hello from IPv4!") 218 - ]; 187 + nodes.server = { 188 + imports = [ ipv4Only (webserver 4 "Hello from IPv4!") ]; 219 189 220 190 virtualisation.vlans = [ 2 ]; 221 191 networking.interfaces.eth1.ipv4.addresses = ··· 229 199 node.wait_for_unit("network-addresses-eth1.service") 230 200 231 201 with subtest("Client can ping the WAN server"): 232 - router.wait_for_unit("jool-nat64.service") 202 + router.wait_for_unit("jool-nat64-default.service") 233 203 client.succeed("ping -c1 64:ff9b::203.0.113.16") 234 204 235 205 with subtest("Client can connect to the WAN webserver"):