tests/test.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115

{ makeTest ? import <nixpkgs/nixos/tests/make-test-python.nix>
, pkgs ? (import <nixpkgs> {})
}:
let
  makeTest' = args:
    makeTest args {
      inherit pkgs;
      inherit (pkgs) system;
    };
  disko-config = {
    type = "devices";
    content = {
      vdb = {
        type = "table";
        format = "gpt";
        partitions = [
          {
            type = "partition";
            part-type = "ESP";
            start = "1MiB";
            end = "100MiB";
            fs-type = "FAT32";
            bootable = true;
            content = {
              type = "filesystem";
              format = "vfat";
              mountpoint = "/boot";
              options = [
                "defaults"
              ];
            };
          }
          {
            type = "partition";
            part-type = "primary";
            start = "100MiB";
            end = "100%";
            content = {
              type = "luks";
              algo = "aes-xts...";
              name = "crypted";
              keyfile = "/tmp/secret.key";
              extraArgs = [
                "--hash sha512"
                "--iter-time 5000"
              ];
              content = {
                type = "lvm";
                name = "pool";
                lvs = {
                  root = {
                    type = "lv";
                    size = "100M";
                    mountpoint = "/";
                    content = {
                      type = "filesystem";
                      format = "ext4";
                      mountpoint = "/";
                      options = [
                        "defaults"
                      ];
                    };
                  };
                  home = {
                    type = "lv";
                    size = "10M";
                    content = {
                      type = "filesystem";
                      format = "ext4";
                      mountpoint = "/home";
                    };
                  };
                  raw = {
                    type = "lv";
                    size = "10M";
                    content = {
                      type = "noop";
                    };
                  };
                };
              };
            };
          }
        ];
      };
    };
  };
  tsp-create = pkgs.writeScript "create" ((pkgs.callPackage ../. {}).create disko-config);
  tsp-mount = pkgs.writeScript "mount" ((pkgs.callPackage ../. {}).mount disko-config);
in makeTest' {
  name = "disko";

  nodes.machine =
    { config, pkgs, modulesPath, ... }:

    {
      imports = [
        (modulesPath + "/profiles/installation-device.nix")
        (modulesPath + "/profiles/base.nix")
      ];

      # speed-up eval
      documentation.enable = false;

      virtualisation.emptyDiskImages = [ 512 ];
    };

  testScript = ''
    machine.succeed("echo 'secret' > /tmp/secret.key");
    machine.succeed("${tsp-create}");
    machine.succeed("${tsp-mount}");
    machine.succeed("${tsp-mount}"); # verify that the command is idempotent
    machine.succeed("test -b /dev/mapper/pool-raw");
  '';
}