From 805887590cee4054c2f6eeedb12a39c147ad622c Mon Sep 17 00:00:00 2001
From: Max
Date: Tue, 16 Jul 2024 23:09:18 +0200
Subject: [PATCH] checks/cluster: init WIP
---
packages/checks/cluster.nix | 71 +++++++++++++++++++++++++++++++++++++
packages/checks/default.nix | 7 +++-
2 files changed, 77 insertions(+), 1 deletion(-)
create mode 100644 packages/checks/cluster.nix
diff --git a/packages/checks/cluster.nix b/packages/checks/cluster.nix
new file mode 100644
index 0000000..e874e0c
--- /dev/null
+++ b/packages/checks/cluster.nix
@@ -0,0 +1,71 @@
+{ testers, config, extendModules, lib, system }:
+
+let
+ lift = config;
+
+ snakeoil = {
+ ssh = {
+ public = lib.fileContents ./snakeoil/ssh/snakeoil-key.pub;
+ private = ./snakeoil/ssh/snakeoil-key;
+ };
+ wireguard = {
+ public = lib.genAttrs nodes (node: lib.fileContents ./snakeoil/wireguard/public-key-${toString digits.${node}});
+ private = lib.genAttrs nodes (node: ./snakeoil/wireguard/private-key-${toString digits.${node}});
+ };
+ };
+
+ nodes = lib.attrNames config.gods.fromLight;
+ digits = lib.attrsets.listToAttrs (lib.zipListsWith lib.nameValuePair nodes (lib.range 1 255));
+ depot' = extendModules {
+ modules = [
+ ({ config, ... }: {
+ gods.fromLight = lib.mapAttrs (name: cfg: {
+ interfaces.primary = {
+ link = lib.mkForce "eth1";
+ addr = lib.mkForce "192.168.1.${toString digits.${name}}";
+ addrPublic = lib.mkForce "192.168.1.${toString digits.${name}}";
+ };
+ ssh.id.publicKey = lib.mkForce snakeoil.ssh.public;
+ }) lift.gods.fromLight;
+
+ cluster = lib.mkForce (lift.cluster.extendModules {
+ specialArgs.depot = config;
+ modules = [
+ {
+ hostLinks = lib.genAttrs nodes (node: {
+ mesh.extra = lib.mkForce (lift.cluster.config.hostLinks.${node}.mesh.extra // {
+ pubKey = snakeoil.wireguard.public.${node};
+ });
+ });
+ }
+ ];
+ });
+ })
+ ];
+ };
+ specialArgs = depot'.config.lib.summon system lib.id;
+in
+
+testers.runNixOSTest {
+ name = "cluster";
+
+ node = { inherit specialArgs; };
+ nodes = lib.genAttrs nodes (node: {
+ imports = [
+ specialArgs.depot.hours.${node}.nixos
+ ./modules/nixos/age-dummy-secrets
+ ] ++ depot'.config.cluster.config.out.injectNixosConfig node;
+
+ environment.etc."ssh/ssh_host_ed25519_key" = {
+ source = snakeoil.ssh.private;
+ mode = "0400";
+ };
+ environment.etc."dummy-secrets/cluster-wireguard-meshPrivateKey".source = lib.mkForce snakeoil.wireguard.private.${node};
+ passthru.depot = depot';
+ virtualisation.memorySize = 4096;
+ });
+
+ testScript = ''
+ grail.succeed("false")
+ '';
+}
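Review bot: The private halves of the snakeoil keys are pulled in as path literals (`private = ./snakeoil/ssh/snakeoil-key;` and the `private-key-N` WireGuard files), so they live in the repository and are copied into the world-readable Nix store, and nothing in the file marks them as throwaway fixtures. I would put a comment above the `snakeoil` attrset, `# Test-only keys, public by design: never deploy or reuse outside this VM test.`, and allowlist the `snakeoil/` directory in whatever secret scanning the repository runs so that real findings stay visible. Separately, `lib.range 1 255` hands out `192.168.1.255`, presumably the broadcast address of the test subnet, and `lib.zipListsWith` stops at the shorter list, so a node count above the range would surface only as a missing attribute on `digits.${node}`; `lib.range 1 254` with an explicit assertion on `lib.length nodes` would make that limit visible.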
diff --git a/packages/checks/default.nix b/packages/checks/default.nix index c09b60d..e060327 100644 --- a/packages/checks/default.nix +++ b/packages/checks/default.nix @@ -1,4 +1,4 @@ -{ config, lib, self, ... }: +{ config, lib, self, extendModules, ... }: let timeMachine = { @@ -7,6 +7,7 @@ let in { + debug = lib.warn "debug mode is enabled" true; perSystem = { filters, pkgs, self', system, ... }: { checks = lib.mkIf (system == "x86_64-linux") { ascensions = pkgs.callPackage ./ascensions.nix { @@ -15,6 +16,10 @@ in inherit (config) cluster; }; + cluster = pkgs.callPackage ./cluster.nix { + inherit config extendModules; + }; + garage = pkgs.callPackage ./garage.nix { inherit (self'.packages) garage consul; inherit (self) nixosModules;
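Review bot: `debug = lib.warn "debug mode is enabled" true;` in the second hunk is set unconditionally at the top level of the module, so every evaluation runs with debug on and prints the warning. If this is the flake-parts `debug` option, it also exposes the evaluated module configuration through extra flake outputs, which is handy while developing the test but should not ship. I would drop the line before this leaves WIP, or gate it behind a switch that defaults to off. The enclosing attrset starts and ends outside the hunk.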
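Review bot: The third hunk wires `cluster` into `checks` for `x86_64-linux` while the `testScript` in `cluster.nix` is `grail.succeed("false")`, which always fails, so anything that builds every check goes red for as long as this is merged. A permanently failing check also trains people to ignore the checks output, which is where a real regression in the cluster configuration would show up. Until the script has real assertions, keep the derivation out of `checks`, or expose it under an attribute that CI does not build by default, with a comment such as `# WIP: not part of checks until testScript asserts something`.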