nixos/tests/kea: migrate to runTest

Part of #386873
2025-06-10 03:23:29 +03:00 · 2025-03-10 20:23:59 +01:00 · 2025-03-10 20:23:59 +01:00 · 5a80e9ed00
commit 5a80e9ed00
parent 6919956d08
2 changed files with 196 additions and 194 deletions
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@ -575,7 +575,7 @@ in {
  kavita = handleTest ./kavita.nix {};
  kbd-setfont-decompress = handleTest ./kbd-setfont-decompress.nix {};
  kbd-update-search-paths-patch = handleTest ./kbd-update-search-paths-patch.nix {};
-  kea = handleTest ./kea.nix {};
+  kea = runTest ./kea.nix;
  keepalived = handleTest ./keepalived.nix {};
  keepassxc = handleTest ./keepassxc.nix {};
  kerberos = handleTest ./kerberos/default.nix {};
--- a/nixos/tests/kea.nix
+++ b/nixos/tests/kea.nix
@ -5,231 +5,233 @@
 # that the nameserver can resolve the clients fqdn to the correct IP
 # address.
-import ./make-test-python.nix (
+{
-  { pkgs, lib, ... }:
+  pkgs,
-  {
+  lib,
-    meta.maintainers = with lib.maintainers; [ hexa ];
+  ...
 }:
 {
  meta.maintainers = with lib.maintainers; [ hexa ];
-    name = "kea";
+  name = "kea";
-    nodes = {
+  nodes = {
-      router =
+    router =
-        { config, pkgs, ... }:
+      { config, pkgs, ... }:
-        {
+      {
-          virtualisation.vlans = [ 1 ];
+        virtualisation.vlans = [ 1 ];
-          networking = {
+        networking = {
-            useDHCP = false;
+          useDHCP = false;
-            firewall.allowedUDPPorts = [ 67 ];
+          firewall.allowedUDPPorts = [ 67 ];
-          };
+        };
-          systemd.network = {
+        systemd.network = {
-            enable = true;
+          enable = true;
-            networks = {
+          networks = {
-              "01-eth1" = {
+            "01-eth1" = {
-                name = "eth1";
+              name = "eth1";
-                networkConfig = {
+              networkConfig = {
-                  Address = "10.0.0.1/29";
+                Address = "10.0.0.1/29";
                };
              };
            };
          };
        };
-          services.kea.dhcp4 = {
+        services.kea.dhcp4 = {
-            enable = true;
+          enable = true;
-            settings = {
+          settings = {
-              valid-lifetime = 3600;
+            valid-lifetime = 3600;
-              renew-timer = 900;
+            renew-timer = 900;
-              rebind-timer = 1800;
+            rebind-timer = 1800;
-              lease-database = {
+            lease-database = {
-                type = "memfile";
+              type = "memfile";
-                persist = true;
+              persist = true;
-                name = "/var/lib/kea/dhcp4.leases";
+              name = "/var/lib/kea/dhcp4.leases";
-              };
+            };
-              control-socket = {
+            control-socket = {
-                socket-type = "unix";
+              socket-type = "unix";
-                socket-name = "/run/kea/dhcp4.sock";
+              socket-name = "/run/kea/dhcp4.sock";
-              };
+            };
-              interfaces-config = {
+            interfaces-config = {
-                dhcp-socket-type = "raw";
+              dhcp-socket-type = "raw";
-                interfaces = [
+              interfaces = [
-                  "eth1"
+                "eth1"
              ];
            };
            subnet4 = [
              {
                id = 1;
                subnet = "10.0.0.0/29";
                pools = [
                  {
                    pool = "10.0.0.3 - 10.0.0.3";
                  }
                ];
-              };
+              }
            ];
-              subnet4 = [
+            # Enable communication between dhcp4 and a local dhcp-ddns
            # instance.
            # https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html#ddns-for-dhcpv4
            dhcp-ddns = {
              enable-updates = true;
            };
            ddns-send-updates = true;
            ddns-qualifying-suffix = "lan.nixos.test.";
          };
        };
        services.kea.dhcp-ddns = {
          enable = true;
          settings = {
            forward-ddns = {
              # Configure updates of a forward zone named `lan.nixos.test`
              # hosted at the nameserver at 10.0.0.2
              # https://kea.readthedocs.io/en/kea-2.2.0/arm/ddns.html#adding-forward-dns-servers
              ddns-domains = [
                {
-                  id = 1;
+                  name = "lan.nixos.test.";
-                  subnet = "10.0.0.0/29";
+                  # Use a TSIG key in production!
-                  pools = [
+                  key-name = "";
                  dns-servers = [
                    {
-                      pool = "10.0.0.3 - 10.0.0.3";
+                      ip-address = "10.0.0.2";
                      port = 53;
                    }
                  ];
                }
              ];
              # Enable communication between dhcp4 and a local dhcp-ddns
              # instance.
              # https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html#ddns-for-dhcpv4
              dhcp-ddns = {
                enable-updates = true;
              };
              ddns-send-updates = true;
              ddns-qualifying-suffix = "lan.nixos.test.";
            };
          };
        };
-          services.kea.dhcp-ddns = {
+        services.kea.ctrl-agent = {
-            enable = true;
+          enable = true;
-            settings = {
+          settings = {
-              forward-ddns = {
+            http-host = "127.0.0.1";
-                # Configure updates of a forward zone named `lan.nixos.test`
+            http-port = 8000;
-                # hosted at the nameserver at 10.0.0.2
+            control-sockets.dhcp4 = {
-                # https://kea.readthedocs.io/en/kea-2.2.0/arm/ddns.html#adding-forward-dns-servers
+              socket-type = "unix";
-                ddns-domains = [
+              socket-name = "/run/kea/dhcp4.sock";
-                  {
+            };
-                    name = "lan.nixos.test.";
+          };
-                    # Use a TSIG key in production!
+        };
-                    key-name = "";
+
-                    dns-servers = [
+        services.prometheus.exporters.kea = {
-                      {
+          enable = true;
-                        ip-address = "10.0.0.2";
+          controlSocketPaths = [
-                        port = 53;
+            "http://127.0.0.1:8000"
-                      }
+          ];
-                    ];
+        };
-                  }
+      };
-                ];
+
    nameserver =
      { config, pkgs, ... }:
      {
        virtualisation.vlans = [ 1 ];
        networking = {
          useDHCP = false;
          firewall.allowedUDPPorts = [ 53 ];
        };
        systemd.network = {
          enable = true;
          networks = {
            "01-eth1" = {
              name = "eth1";
              networkConfig = {
                Address = "10.0.0.2/29";
              };
            };
          };
        };
-          services.kea.ctrl-agent = {
+        services.resolved.enable = false;
-            enable = true;
+
-            settings = {
+        # Set up an authoritative nameserver, serving the `lan.nixos.test`
-              http-host = "127.0.0.1";
+        # zone and configure an ACL that allows dynamic updates from
-              http-port = 8000;
+        # the router's ip address.
-              control-sockets.dhcp4 = {
+        # This ACL is likely insufficient for production usage. Please
-                socket-type = "unix";
+        # use TSIG keys.
-                socket-name = "/run/kea/dhcp4.sock";
+        services.knot =
-              };
+          let
            zone = pkgs.writeTextDir "lan.nixos.test.zone" ''
              @ SOA ns.nixos.test nox.nixos.test 0 86400 7200 3600000 172800
              @ NS nameserver
              nameserver A 10.0.0.3
              router A 10.0.0.1
            '';
            zonesDir = pkgs.buildEnv {
              name = "knot-zones";
              paths = [ zone ];
            };
-          };
+          in
-
+          {
          services.prometheus.exporters.kea = {
            enable = true;
-            controlSocketPaths = [
+            extraArgs = [
-              "http://127.0.0.1:8000"
+              "-v"
            ];
-          };
+            settings = {
-        };
+              server.listen = [
-
+                "0.0.0.0@53"
      nameserver =
        { config, pkgs, ... }:
        {
          virtualisation.vlans = [ 1 ];
          networking = {
            useDHCP = false;
            firewall.allowedUDPPorts = [ 53 ];
          };
          systemd.network = {
            enable = true;
            networks = {
              "01-eth1" = {
                name = "eth1";
                networkConfig = {
                  Address = "10.0.0.2/29";
                };
              };
            };
          };
          services.resolved.enable = false;
          # Set up an authoritative nameserver, serving the `lan.nixos.test`
          # zone and configure an ACL that allows dynamic updates from
          # the router's ip address.
          # This ACL is likely insufficient for production usage. Please
          # use TSIG keys.
          services.knot =
            let
              zone = pkgs.writeTextDir "lan.nixos.test.zone" ''
                @ SOA ns.nixos.test nox.nixos.test 0 86400 7200 3600000 172800
                @ NS nameserver
                nameserver A 10.0.0.3
                router A 10.0.0.1
              '';
              zonesDir = pkgs.buildEnv {
                name = "knot-zones";
                paths = [ zone ];
              };
            in
            {
              enable = true;
              extraArgs = [
                "-v"
              ];
-              settings = {
+
-                server.listen = [
+              log.syslog.any = "info";
-                  "0.0.0.0@53"
+
              acl.dhcp_ddns = {
                address = "10.0.0.1";
                action = "update";
              };
              template.default = {
                storage = zonesDir;
                zonefile-sync = "-1";
                zonefile-load = "difference-no-serial";
                journal-content = "all";
              };
              zone."lan.nixos.test" = {
                file = "lan.nixos.test.zone";
                acl = [
                  "dhcp_ddns"
                ];
                log.syslog.any = "info";
                acl.dhcp_ddns = {
                  address = "10.0.0.1";
                  action = "update";
                };
                template.default = {
                  storage = zonesDir;
                  zonefile-sync = "-1";
                  zonefile-load = "difference-no-serial";
                  journal-content = "all";
                };
                zone."lan.nixos.test" = {
                  file = "lan.nixos.test.zone";
                  acl = [
                    "dhcp_ddns"
                  ];
                };
              };
            };
        };
      client =
        { config, pkgs, ... }:
        {
          virtualisation.vlans = [ 1 ];
          systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
          networking = {
            useNetworkd = true;
            useDHCP = false;
            firewall.enable = false;
            interfaces.eth1.useDHCP = true;
          };
      };
    client =
      { config, pkgs, ... }:
      {
        virtualisation.vlans = [ 1 ];
        systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
        networking = {
          useNetworkd = true;
          useDHCP = false;
          firewall.enable = false;
          interfaces.eth1.useDHCP = true;
        };
-    };
+      };
-    testScript =
+  };
-      { ... }:
+  testScript =
-      ''
+    { ... }:
-        start_all()
+    ''
-        router.wait_for_unit("kea-dhcp4-server.service")
+      start_all()
-        client.systemctl("start systemd-networkd-wait-online.service")
+      router.wait_for_unit("kea-dhcp4-server.service")
-        client.wait_for_unit("systemd-networkd-wait-online.service")
+      client.systemctl("start systemd-networkd-wait-online.service")
-        client.wait_until_succeeds("ping -c 5 10.0.0.1")
+      client.wait_for_unit("systemd-networkd-wait-online.service")
-        router.wait_until_succeeds("ping -c 5 10.0.0.3")
+      client.wait_until_succeeds("ping -c 5 10.0.0.1")
-        nameserver.wait_until_succeeds("kdig +short client.lan.nixos.test @10.0.0.2 | grep -q 10.0.0.3")
+      router.wait_until_succeeds("ping -c 5 10.0.0.3")
-        router.log(router.execute("curl 127.0.0.1:9547")[1])
+      nameserver.wait_until_succeeds("kdig +short client.lan.nixos.test @10.0.0.2 | grep -q 10.0.0.3")
-        router.succeed("curl --no-buffer 127.0.0.1:9547 | grep -qE '^kea_dhcp4_addresses_assigned_total.*1.0$'")
+      router.log(router.execute("curl 127.0.0.1:9547")[1])
-      '';
+      router.succeed("curl --no-buffer 127.0.0.1:9547 | grep -qE '^kea_dhcp4_addresses_assigned_total.*1.0$'")
-  }
+    '';
-)
+}