| blob | 70ec7d816612dce08564e91db0259893790899de |
1 import ./make-test-python.nix ({ lib, pkgs, ... }:
2 {
3 name = "endlessh-go";
4 meta.maintainers = with lib.maintainers; [ azahi ];
6 nodes = {
7 server = { ... }: {
8 services.endlessh-go = {
9 enable = true;
10 prometheus.enable = true;
11 openFirewall = true;
12 };
14 specialisation = {
15 unprivileged.configuration = {
16 services.endlessh-go = {
17 port = 2222;
18 prometheus.port = 9229;
19 };
20 };
22 privileged.configuration = {
23 services.endlessh-go = {
24 port = 22;
25 prometheus.port = 92;
26 };
27 };
28 };
29 };
31 client = { pkgs, ... }: {
32 environment.systemPackages = with pkgs; [ curl netcat ];
33 };
34 };
36 testScript = ''
37 def activate_specialisation(name: str):
38 server.succeed(f"/run/booted-system/specialisation/{name}/bin/switch-to-configuration test >&2")
40 start_all()
42 with subtest("Unprivileged"):
43 activate_specialisation("unprivileged")
44 server.wait_for_unit("endlessh-go.service")
45 server.wait_for_open_port(2222)
46 server.wait_for_open_port(9229)
47 server.fail("curl -sSf server:9229/metrics | grep -q endlessh_client_closed_count_total")
48 client.succeed("nc -dvW5 server 2222")
49 server.succeed("curl -sSf server:9229/metrics | grep -q endlessh_client_closed_count_total")
50 client.fail("curl -sSfm 5 server:9229/metrics")
52 with subtest("Privileged"):
53 activate_specialisation("privileged")
54 server.wait_for_unit("endlessh-go.service")
55 server.wait_for_open_port(22)
56 server.wait_for_open_port(92)
57 server.fail("curl -sSf server:92/metrics | grep -q endlessh_client_closed_count_total")
58 client.succeed("nc -dvW5 server 22")
59 server.succeed("curl -sSf server:92/metrics | grep -q endlessh_client_closed_count_total")
60 client.fail("curl -sSfm 5 server:92/metrics")
61 '';
62 })