1 import ./make-test-python.nix ({ pkgs, ... }: let
2 inherit (import ./ssh-keys.nix pkgs)
3 snakeOilPrivateKey snakeOilPublicKey;
5 commonConfig = { pkgs, ... }: {
6 virtualisation.emptyDiskImages = [ 2048 ];
7 boot.supportedFilesystems = [ "zfs" ];
8 environment.systemPackages = [ pkgs.parted ];
12 meta = with pkgs.lib.maintainers; {
13 maintainers = [ lopsided98 ];
18 imports = [ commonConfig ];
19 networking.hostId = "daa82e91";
21 programs.ssh.extraConfig = ''
22 UserKnownHostsFile=/dev/null
23 StrictHostKeyChecking=no
36 datasets."pool/sanoid".use_template = [ "test" ];
37 datasets."pool/compat".useTemplate = [ "test" ];
38 extraArgs = [ "--verbose" ];
43 sshKey = "/var/lib/syncoid/id_ecdsa";
45 # Sync snapshot taken by sanoid
47 target = "root@target:pool/sanoid";
48 extraArgs = [ "--no-sync-snap" "--create-bookmark" ];
50 # Take snapshot and sync
51 "pool/syncoid".target = "root@target:pool/syncoid";
53 # Test pool without parent (regression test for https://github.com/NixOS/nixpkgs/pull/180111)
54 "pool".target = "root@target:pool/full-pool";
56 # Test backward compatible options (regression test for https://github.com/NixOS/nixpkgs/issues/181561)
58 target = "root@target:pool/compat";
59 extraArgs = [ "--no-sync-snap" ];
65 imports = [ commonConfig ];
66 networking.hostId = "dcf39d36";
68 services.openssh.enable = true;
69 users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
76 "parted --script /dev/vdb -- mklabel msdos mkpart primary 1024M -1s",
78 "zpool create pool -R /mnt /dev/vdb1",
79 "zfs create pool/sanoid",
80 "zfs create pool/compat",
81 "zfs create pool/syncoid",
86 "parted --script /dev/vdb -- mklabel msdos mkpart primary 1024M -1s",
88 "zpool create pool -R /mnt /dev/vdb1",
93 "mkdir -m 700 -p /var/lib/syncoid",
94 "cat '${snakeOilPrivateKey}' > /var/lib/syncoid/id_ecdsa",
95 "chmod 600 /var/lib/syncoid/id_ecdsa",
96 "chown -R syncoid:syncoid /var/lib/syncoid/",
99 assert len(source.succeed("zfs allow pool")) == 0, "Pool shouldn't have delegated permissions set before snapshotting"
100 assert len(source.succeed("zfs allow pool/sanoid")) == 0, "Sanoid dataset shouldn't have delegated permissions set before snapshotting"
101 assert len(source.succeed("zfs allow pool/syncoid")) == 0, "Syncoid dataset shouldn't have delegated permissions set before snapshotting"
103 # Take snapshot with sanoid
104 source.succeed("touch /mnt/pool/sanoid/test.txt")
105 source.succeed("touch /mnt/pool/compat/test.txt")
106 source.systemctl("start --wait sanoid.service")
108 assert len(source.succeed("zfs allow pool")) == 0, "Pool shouldn't have delegated permissions set after snapshotting"
109 assert len(source.succeed("zfs allow pool/sanoid")) == 0, "Sanoid dataset shouldn't have delegated permissions set after snapshotting"
110 assert len(source.succeed("zfs allow pool/syncoid")) == 0, "Syncoid dataset shouldn't have delegated permissions set after snapshotting"
113 target.wait_for_open_port(22)
114 source.succeed("touch /mnt/pool/syncoid/test.txt")
115 source.systemctl("start --wait syncoid-pool-sanoid.service")
116 target.succeed("cat /mnt/pool/sanoid/test.txt")
117 source.systemctl("start --wait syncoid-pool-syncoid.service")
118 source.systemctl("start --wait syncoid-pool-syncoid.service")
119 target.succeed("cat /mnt/pool/syncoid/test.txt")
121 assert(len(source.succeed("zfs list -H -t snapshot pool/syncoid").splitlines()) == 1), "Syncoid should only retain one sync snapshot"
123 source.systemctl("start --wait syncoid-pool.service")
124 target.succeed("[[ -d /mnt/pool/full-pool/syncoid ]]")
126 source.systemctl("start --wait syncoid-pool-compat.service")
127 target.succeed("cat /mnt/pool/compat/test.txt")
129 assert len(source.succeed("zfs allow pool")) == 0, "Pool shouldn't have delegated permissions set after syncing snapshots"
130 assert len(source.succeed("zfs allow pool/sanoid")) == 0, "Sanoid dataset shouldn't have delegated permissions set after syncing snapshots"
131 assert len(source.succeed("zfs allow pool/syncoid")) == 0, "Syncoid dataset shouldn't have delegated permissions set after syncing snapshots"