nixos/tests/cjdns.nix at devShellTools-shell

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / nixos / tests / cjdns.nix
at devShellTools-shell 132 lines 3.3 kB view raw
wrap content
  1let
  2  carolKey = "2d2a338b46f8e4a8c462f0c385b481292a05f678e19a2b82755258cf0f0af7e2";
  3  carolPubKey = "n932l3pjvmhtxxcdrqq2qpw5zc58f01vvjx01h4dtd1bb0nnu2h0.k";
  4  carolPassword = "678287829ce4c67bc8b227e56d94422ee1b85fa11618157b2f591de6c6322b52";
  5
  6  basicConfig =
  7    { ... }:
  8    {
  9      services.cjdns.enable = true;
 10
 11      # Turning off DHCP isn't very realistic but makes
 12      # the sequence of address assignment less stochastic.
 13      networking.useDHCP = false;
 14
 15      # CJDNS output is incompatible with the XML log.
 16      systemd.services.cjdns.serviceConfig.StandardOutput = "null";
 17    };
 18
 19in
 20
 21{ pkgs, ... }:
 22{
 23  name = "cjdns";
 24  meta = with pkgs.lib.maintainers; {
 25    maintainers = [ ehmry ];
 26  };
 27
 28  nodes = {
 29    # Alice finds peers over over ETHInterface.
 30    alice =
 31      { ... }:
 32      {
 33        imports = [ basicConfig ];
 34
 35        services.cjdns.ETHInterface.bind = "eth1";
 36
 37        services.httpd.enable = true;
 38        services.httpd.adminAddr = "foo@example.org";
 39        networking.firewall.allowedTCPPorts = [ 80 ];
 40      };
 41
 42    # Bob explicitly connects to Carol over UDPInterface.
 43    bob =
 44      { ... }:
 45
 46      {
 47        imports = [ basicConfig ];
 48
 49        networking.interfaces.eth1.ipv4.addresses = [
 50          {
 51            address = "192.168.0.2";
 52            prefixLength = 24;
 53          }
 54        ];
 55
 56        services.cjdns = {
 57          UDPInterface = {
 58            bind = "0.0.0.0:1024";
 59            connectTo."192.168.0.1:1024" = {
 60              password = carolPassword;
 61              publicKey = carolPubKey;
 62            };
 63          };
 64        };
 65      };
 66
 67    # Carol listens on ETHInterface and UDPInterface,
 68    # but knows neither Alice or Bob.
 69    carol =
 70      { ... }:
 71      {
 72        imports = [ basicConfig ];
 73
 74        environment.etc."cjdns.keys".text = ''
 75          CJDNS_PRIVATE_KEY=${carolKey}
 76          CJDNS_ADMIN_PASSWORD=FOOBAR
 77        '';
 78
 79        networking.interfaces.eth1.ipv4.addresses = [
 80          {
 81            address = "192.168.0.1";
 82            prefixLength = 24;
 83          }
 84        ];
 85
 86        services.cjdns = {
 87          authorizedPasswords = [ carolPassword ];
 88          ETHInterface.bind = "eth1";
 89          UDPInterface.bind = "192.168.0.1:1024";
 90        };
 91        networking.firewall.allowedUDPPorts = [ 1024 ];
 92      };
 93
 94  };
 95
 96  testScript = ''
 97    import re
 98
 99    start_all()
100
101    alice.wait_for_unit("cjdns.service")
102    bob.wait_for_unit("cjdns.service")
103    carol.wait_for_unit("cjdns.service")
104
105
106    def cjdns_ip(machine):
107        res = machine.succeed("ip -o -6 addr show dev tun0")
108        ip = re.split("\s+|/", res)[3]
109        machine.log("has ip {}".format(ip))
110        return ip
111
112
113    alice_ip6 = cjdns_ip(alice)
114    bob_ip6 = cjdns_ip(bob)
115    carol_ip6 = cjdns_ip(carol)
116
117    # ping a few times each to let the routing table establish itself
118
119    alice.succeed("ping -c 4 {}".format(carol_ip6))
120    bob.succeed("ping -c 4 {}".format(carol_ip6))
121
122    carol.succeed("ping -c 4 {}".format(alice_ip6))
123    carol.succeed("ping -c 4 {}".format(bob_ip6))
124
125    alice.succeed("ping -c 4 {}".format(bob_ip6))
126    bob.succeed("ping -c 4 {}".format(alice_ip6))
127
128    alice.wait_for_unit("httpd.service")
129
130    bob.succeed("curl --fail -g http://[{}]".format(alice_ip6))
131  '';
132}