ryan
/
wirenix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added manual IP assignment tests

Browse Source
release
Matthew Salerno 1 year ago
parent bd52d85d2d
commit 3d49ebff29
6 changed files with 354 additions and 0 deletions
Show Stats Download Patch File Download Diff File

65
tests/acls/manual-ipv4.nix
Unescape Escape View File

@ -0,0 +1,65 @@
{
version = "v1";
subnets = [
{
name = "manual-ipv4";
endpoints = [
{
# No match mean match any
port = 51820;
}
];
}
];
groups = [
# groups field is expected, but can be empty
];
peers = [
{
name = "node1";
subnets = {
manual-ipv4 = {
ipAddresses = [
"10.0.0.1"
];
listenPort = 51820;
};
};
publicKey = "kdyzqV8cBQtDYeW6R1vUug0Oe+KaytHHDS7JoCp/kTE=";
privateKeyFile = "/etc/wg-key";
#privateKey = "MIELhEc0I7BseAanhk/+LlY/+Yf7GK232vKWITExnEI="; # path is relative to the machine
endpoints = [
{
# no match can be any
ip = "node1";
}
];
}
{
name = "node2";
subnets = {
manual-ipv4 = {
ipAddresses = [
"10.0.0.2"
];
listenPort = 51820;
};
};
publicKey = "ztdAXTspQEZUNpxUbUdAhhRWbiL3YYWKSK0ZGdcsMHE=";
privateKeyFile = "/etc/wg-key";
#privateKey = "yG4mJiduoAvzhUJMslRbZwOp1gowSfC+wgY8B/Mul1M=";
endpoints = [
{
# no match can be any
ip = "node2";
}
];
}
];
connections = [
{
a = [{type= "subnet"; rule = "is"; value = "manual-ipv4";}];
b = [{type= "subnet"; rule = "is"; value = "manual-ipv4";}];
}
];
}

65
tests/acls/manual-ipv6-auto.nix
Unescape Escape View File

@ -0,0 +1,65 @@
{
version = "v1";
subnets = [
{
name = "manual-ipv6-auto";
endpoints = [
{
# No match mean match any
port = 51820;
}
];
}
];
groups = [
# groups field is expected, but can be empty
];
peers = [
{
name = "node1";
subnets = {
manual-ipv6-auto = {
ipAddresses = [
"auto"
];
listenPort = 51820;
};
};
publicKey = "kdyzqV8cBQtDYeW6R1vUug0Oe+KaytHHDS7JoCp/kTE=";
privateKeyFile = "/etc/wg-key";
#privateKey = "MIELhEc0I7BseAanhk/+LlY/+Yf7GK232vKWITExnEI="; # path is relative to the machine
endpoints = [
{
# no match can be any
ip = "node1";
}
];
}
{
name = "node2";
subnets = {
manual-ipv6-auto = {
ipAddresses = [
"auto"
];
listenPort = 51820;
};
};
publicKey = "ztdAXTspQEZUNpxUbUdAhhRWbiL3YYWKSK0ZGdcsMHE=";
privateKeyFile = "/etc/wg-key";
#privateKey = "yG4mJiduoAvzhUJMslRbZwOp1gowSfC+wgY8B/Mul1M=";
endpoints = [
{
# no match can be any
ip = "node2";
}
];
}
];
connections = [
{
a = [{type= "subnet"; rule = "is"; value = "manual-ipv6-auto";}];
b = [{type= "subnet"; rule = "is"; value = "manual-ipv6-auto";}];
}
];
}

65
tests/acls/manual-ipv6.nix
Unescape Escape View File

@ -0,0 +1,65 @@
{
version = "v1";
subnets = [
{
name = "manual-ipv6";
endpoints = [
{
# No match mean match any
port = 51820;
}
];
}
];
groups = [
# groups field is expected, but can be empty
];
peers = [
{
name = "node1";
subnets = {
manual-ipv6 = {
ipAddresses = [
"fc00::1"
];
listenPort = 51820;
};
};
publicKey = "kdyzqV8cBQtDYeW6R1vUug0Oe+KaytHHDS7JoCp/kTE=";
privateKeyFile = "/etc/wg-key";
#privateKey = "MIELhEc0I7BseAanhk/+LlY/+Yf7GK232vKWITExnEI="; # path is relative to the machine
endpoints = [
{
# no match can be any
ip = "node1";
}
];
}
{
name = "node2";
subnets = {
manual-ipv6 = {
ipAddresses = [
"fc00::2"
];
listenPort = 51820;
};
};
publicKey = "ztdAXTspQEZUNpxUbUdAhhRWbiL3YYWKSK0ZGdcsMHE=";
privateKeyFile = "/etc/wg-key";
#privateKey = "yG4mJiduoAvzhUJMslRbZwOp1gowSfC+wgY8B/Mul1M=";
endpoints = [
{
# no match can be any
ip = "node2";
}
];
}
];
connections = [
{
a = [{type= "subnet"; rule = "is"; value = "manual-ipv6";}];
b = [{type= "subnet"; rule = "is"; value = "manual-ipv6";}];
}
];
}

53
tests/manual-ipv4.nix
Unescape Escape View File

@ -0,0 +1,53 @@
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
(import ./lib.nix)
{
name = "manual ipv6 connection";
nodes = {
# `self` here is set by using specialArgs in `lib.nix`
node1 = { self, pkgs, ... }: {
virtualisation.vlans = [ 1 ];
imports = [ self.nixosModules.default ];
wirenix = {
enable = true;
keyProviders = ["acl"];
peerName = "node1";
aclConfig = import ./acls/manual-ipv4.nix;
};
environment.etc."wg-key" = {
text = "MIELhEc0I7BseAanhk/+LlY/+Yf7GK232vKWITExnEI=";
};
networking.firewall.enable = false;
};
node2 = { self, pkgs, ... }: {
virtualisation.vlans = [ 1 ];
imports = [ self.nixosModules.default ];
wirenix = {
enable = true;
keyProviders = ["acl"];
peerName = "node2";
aclConfig = import ./acls/manual-ipv4.nix;
};
environment.etc."wg-key" = {
text = "yG4mJiduoAvzhUJMslRbZwOp1gowSfC+wgY8B/Mul1M=";
};
networking.firewall.enable = false;
};
};
# This is the test code that will check if our service is running correctly:
testScript = ''
start_all()
node1.wait_for_unit("wireguard-simple-peer-node2")
node2.wait_for_unit("wireguard-simple-peer-node1")
node1.succeed("ping -c 1 node2 >&2")
node1.succeed("wg show >&2")
node2.succeed("ping -c 1 node1 >&2")
node2.succeed("wg show >&2")
node1.succeed("ping -c 1 node2.simple")
node2.succeed("ping -c 1 node1.simple")
'';
}

53
tests/manual-ipv6-auto.nix
Unescape Escape View File

@ -0,0 +1,53 @@
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
(import ./lib.nix)
{
name = "manual ipv6 connection";
nodes = {
# `self` here is set by using specialArgs in `lib.nix`
node1 = { self, pkgs, ... }: {
virtualisation.vlans = [ 1 ];
imports = [ self.nixosModules.default ];
wirenix = {
enable = true;
keyProviders = ["acl"];
peerName = "node1";
aclConfig = import ./acls/manual-ipv6-auto.nix;
};
environment.etc."wg-key" = {
text = "MIELhEc0I7BseAanhk/+LlY/+Yf7GK232vKWITExnEI=";
};
networking.firewall.enable = false;
};
node2 = { self, pkgs, ... }: {
virtualisation.vlans = [ 1 ];
imports = [ self.nixosModules.default ];
wirenix = {
enable = true;
keyProviders = ["acl"];
peerName = "node2";
aclConfig = import ./acls/manual-ipv6-auto.nix;
};
environment.etc."wg-key" = {
text = "yG4mJiduoAvzhUJMslRbZwOp1gowSfC+wgY8B/Mul1M=";
};
networking.firewall.enable = false;
};
};
# This is the test code that will check if our service is running correctly:
testScript = ''
start_all()
node1.wait_for_unit("wireguard-simple-peer-node2")
node2.wait_for_unit("wireguard-simple-peer-node1")
node1.succeed("ping -c 1 node2 >&2")
node1.succeed("wg show >&2")
node2.succeed("ping -c 1 node1 >&2")
node2.succeed("wg show >&2")
node1.succeed("ping -c 1 node2.simple")
node2.succeed("ping -c 1 node1.simple")
'';
}

53
tests/manual-ipv6.nix
Unescape Escape View File

@ -0,0 +1,53 @@
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/.
*/
(import ./lib.nix)
{
name = "manual ipv6 connection";
nodes = {
# `self` here is set by using specialArgs in `lib.nix`
node1 = { self, pkgs, ... }: {
virtualisation.vlans = [ 1 ];
imports = [ self.nixosModules.default ];
wirenix = {
enable = true;
keyProviders = ["acl"];
peerName = "node1";
aclConfig = import ./acls/manual-ipv6.nix;
};
environment.etc."wg-key" = {
text = "MIELhEc0I7BseAanhk/+LlY/+Yf7GK232vKWITExnEI=";
};
networking.firewall.enable = false;
};
node2 = { self, pkgs, ... }: {
virtualisation.vlans = [ 1 ];
imports = [ self.nixosModules.default ];
wirenix = {
enable = true;
keyProviders = ["acl"];
peerName = "node2";
aclConfig = import ./acls/manual-ipv6.nix;
};
environment.etc."wg-key" = {
text = "yG4mJiduoAvzhUJMslRbZwOp1gowSfC+wgY8B/Mul1M=";
};
networking.firewall.enable = false;
};
};
# This is the test code that will check if our service is running correctly:
testScript = ''
start_all()
node1.wait_for_unit("wireguard-simple-peer-node2")
node2.wait_for_unit("wireguard-simple-peer-node1")
node1.succeed("ping -c 1 node2 >&2")
node1.succeed("wg show >&2")
node2.succeed("ping -c 1 node1 >&2")
node2.succeed("wg show >&2")
node1.succeed("ping -c 1 node2.simple")
node2.succeed("ping -c 1 node1.simple")
'';
}
Write Preview
Loading…
Cancel
Save