From 9d48f1153f6f7412ef7a2ace6cca80045a407d59 Mon Sep 17 00:00:00 2001 From: Kiara Grouwstra Date: Wed, 28 May 2025 21:12:51 +0200 Subject: [PATCH] wip: add proxmox repro test --- .forgejo/workflows/ci.yaml | 6 + deployment/check/proxmox/flake-part.nix | 17 +++ deployment/check/proxmox/proxmoxTest.nix | 99 ++++++++++++++++ deployment/flake-part.nix | 1 + flake.lock | 138 ++++++++++++++++++++++- flake.nix | 1 + myvm.nix | 53 +++++++++ nixmoxer.conf | 4 + npins/sources.json | 45 ++++++++ 9 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 deployment/check/proxmox/flake-part.nix create mode 100644 deployment/check/proxmox/proxmoxTest.nix create mode 100644 myvm.nix create mode 100644 nixmoxer.conf diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml index 18925ab8..0b452e0c 100644 --- a/.forgejo/workflows/ci.yaml +++ b/.forgejo/workflows/ci.yaml @@ -27,6 +27,12 @@ jobs: - uses: actions/checkout@v4 - run: cd panel && nix-build -A tests + check-proxmox-basic: + runs-on: native + steps: + - uses: actions/checkout@v4 + - run: nix build .#checks.x86_64-linux.proxmox-basic -L + check-deployment-basic: runs-on: native steps: diff --git a/deployment/check/proxmox/flake-part.nix b/deployment/check/proxmox/flake-part.nix new file mode 100644 index 00000000..7465709d --- /dev/null +++ b/deployment/check/proxmox/flake-part.nix @@ -0,0 +1,17 @@ +{ + inputs, + ... +}: + +{ + perSystem = + { pkgs, ... }: + { + checks.proxmox-basic = pkgs.testers.runNixOSTest { + imports = [ + ./proxmoxTest.nix + ]; + _module.args.inputs = inputs; + }; + }; +} diff --git a/deployment/check/proxmox/proxmoxTest.nix b/deployment/check/proxmox/proxmoxTest.nix new file mode 100644 index 00000000..8a1a1eca --- /dev/null +++ b/deployment/check/proxmox/proxmoxTest.nix @@ -0,0 +1,99 @@ +{ + inputs, + lib, + pkgs, + system, + ... +}: + +let + # sources = import ../../../npins; + # proxmox-nixos = import sources.proxmox-nixos; + minimalIso = pkgs.fetchurl { + url = "https://releases.nixos.org/nixos/24.05/nixos-24.05.7139.bcba2fbf6963/nixos-minimal-24.05.7139.bcba2fbf6963-x86_64-linux.iso"; + hash = "sha256-plre/mIHdIgU4xWU+9xErP+L4i460ZbcKq8iy2n4HT8="; + }; +in + +{ + name = "proxmox-basic"; + + nodes.mypve = { + imports = [ + # proxmox-nixos.nixosModules.proxmox-ve + # "${sources.proxmox-nixos}/modules/proxmox-ve" + inputs.proxmox-nixos.nixosModules.proxmox-ve + ]; + + nixpkgs.overlays = lib.mkForce [ + # proxmox-nixos.overlays.x86_64-linux + # (import "${sources.proxmox-nixos}/pkgs" { inherit pkgs; pkgs-unstable = pkgs; craneLib = pkgs.callPackage "${sources.crane}/lib" { }; }) + inputs.proxmox-nixos.overlays.${system} + ]; + + services.proxmox-ve = { + enable = true; + # package = pkgs.callPackage "${sources.proxmox-nixos}/pkgs/proxmox-ve" { }; + ipAddress = "192.168.1.1"; + vms = { + myvm1 = { + vmid = 100; + memory = 1024; + cores = 1; + sockets = 1; + kvm = true; + scsi = [ { file = "local:16"; } ]; + cdrom = "local:iso/minimal.iso"; + }; + }; + }; + + virtualisation = { + additionalPaths = [ minimalIso ]; + diskSize = 4096; + memorySize = 2048; + }; + }; + + testScript = '' + machine.start() + machine.wait_for_unit("pveproxy.service") + assert "running" in machine.succeed("pveproxy status") + + # Copy Iso + machine.succeed("mkdir -p /var/lib/vz/template/iso/") + machine.succeed("cp ${minimalIso} /var/lib/vz/template/iso/minimal.iso") + + # Declarative VM creation + machine.wait_for_unit("multi-user.target") + machine.succeed("qm stop 100 --timeout 0") + + # Seabios VM creation + machine.succeed( + "qm create 101 --kvm 0 --bios seabios -cdrom local:iso/minimal.iso", + "qm start 101", + "qm stop 101 --timeout 0" + ) + + # Legacy ovmf vm creation + machine.succeed( + "qm create 102 --kvm 0 --bios ovmf -cdrom local:iso/minimal.iso", + "qm start 102", + "qm stop 102 --timeout 0" + ) + + # UEFI ovmf vm creation + machine.succeed( + "qm create 103 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m -cdrom local:iso/minimal.iso", + "qm start 103", + "qm stop 103 --timeout 0" + ) + + # UEFI ovmf vm creation with secure boot + machine.succeed( + "qm create 104 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m,pre-enrolled-keys=1 -cdrom local:iso/minimal.iso", + "qm start 104", + "qm stop 104 --timeout 0" + ) + ''; +} diff --git a/deployment/flake-part.nix b/deployment/flake-part.nix index 5e822688..2e89c94e 100644 --- a/deployment/flake-part.nix +++ b/deployment/flake-part.nix @@ -1,6 +1,7 @@ { imports = [ ./check/basic/flake-part.nix + ./check/proxmox/flake-part.nix ./check/cli/flake-part.nix ]; } diff --git a/flake.lock b/flake.lock index 4eff9508..92278138 100644 --- a/flake.lock +++ b/flake.lock @@ -17,6 +17,25 @@ "type": "github" } }, + "crane_2": { + "inputs": { + "nixpkgs": "nixpkgs_5" + }, + "locked": { + "lastModified": 1717383740, + "narHash": "sha256-559HbY4uhNeoYvK3H6AMZAtVfmR3y8plXZ1x6ON/cWU=", + "owner": "ipetkov", + "repo": "crane", + "rev": "b65673fce97d277934488a451724be94cc62499a", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "ref": "v0.17.3", + "repo": "crane", + "type": "github" + } + }, "dream2nix": { "inputs": { "nixpkgs": [ @@ -106,6 +125,21 @@ "type": "github" } }, + "flake-compat_5": { + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" @@ -564,6 +598,36 @@ "type": "github" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1732981179, + "narHash": "sha256-F7thesZPvAMSwjRu0K8uFshTk3ZZSNAsXTIFvXBT+34=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "62c435d93bf046a5396f3016472e8f7c8e2aed65", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-24.11", + "type": "indirect" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1723637854, + "narHash": "sha256-med8+5DSWa2UnOqtdICndjDAEjxr5D7zaIiK4pn0Q7c=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c3aa7b8938b17aebd2deecf7be0636000d62a2b9", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1730768919, @@ -612,6 +676,22 @@ "type": "github" } }, + "nixpkgs_5": { + "locked": { + "lastModified": 1714656196, + "narHash": "sha256-kjQkA98lMcsom6Gbhw8SYzmwrSo+2nruiTcTZp5jK7o=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "94035b482d181af0a0f8f77823a790b256b7c3cc", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "parts": { "inputs": { "nixpkgs-lib": [ @@ -635,6 +715,28 @@ "type": "github" } }, + "proxmox-nixos": { + "inputs": { + "crane": "crane_2", + "flake-compat": "flake-compat_5", + "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-unstable": "nixpkgs-unstable", + "utils": "utils" + }, + "locked": { + "lastModified": 1746882493, + "narHash": "sha256-KbkIGJ6fe5F6AZRCzrNH3vNAnbbt+gf/PWrfMZ/B0As=", + "owner": "SaumonNet", + "repo": "proxmox-nixos", + "rev": "bda8df28b6656843e459f166b04bc291bc495a29", + "type": "github" + }, + "original": { + "owner": "SaumonNet", + "repo": "proxmox-nixos", + "type": "github" + } + }, "purescript-overlay": { "inputs": { "flake-compat": "flake-compat_4", @@ -687,7 +789,8 @@ "nixops4" ], "nixops4-nixos": "nixops4-nixos", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_4", + "proxmox-nixos": "proxmox-nixos" } }, "rust-overlay": { @@ -753,6 +856,21 @@ "type": "github" } }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt": { "inputs": { "nixpkgs": [ @@ -775,6 +893,24 @@ "repo": "treefmt-nix", "type": "github" } + }, + "utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 6dd3d3df..d6931950 100644 --- a/flake.nix +++ b/flake.nix @@ -5,6 +5,7 @@ git-hooks.url = "github:cachix/git-hooks.nix"; nixops4.follows = "nixops4-nixos/nixops4"; nixops4-nixos.url = "github:nixops4/nixops4-nixos"; + proxmox-nixos.url = "github:SaumonNet/proxmox-nixos"; }; outputs = diff --git a/myvm.nix b/myvm.nix new file mode 100644 index 00000000..f8a20995 --- /dev/null +++ b/myvm.nix @@ -0,0 +1,53 @@ +{ + pkgs, + lib, + inputs, + system, + ... +}: +let + sources = import ./npins; + # pkgs = import sources.nixpkgs { inherit system; }; + # pkgs = import sources.nixpkgs { }; + # pkgs = import inputs.nixpkgs { }; + # proxmox-nixos = import sources.proxmox-nixos; +in +{ + # error: The option `virtualisation.proxmox' does not exist + imports = [ + (import "${sources.disko}/module.nix") + ./infra/common/nixos/hardware.nix + # proxmox-nixos.nixosModules.proxmox-ve # error: 'builtins.storePath' is not allowed in pure evaluation mode + # "${sources.proxmox-nixos}/modules/proxmox-ve" + inputs.proxmox-nixos.nixosModules.proxmox-ve + ]; + + nixpkgs.overlays = lib.mkForce [ + # proxmox-nixos.overlays.x86_64-linux # error: 'builtins.storePath' is not allowed in pure evaluation mode + # (import "${sources.proxmox-nixos}/pkgs" { + # inherit pkgs; + # pkgs-unstable = pkgs; + # craneLib = pkgs.callPackage "${sources.crane}/lib" { }; + # }) + inputs.proxmox-nixos.overlays.${system} + ]; + networking.hostName = "myvm"; + virtualisation.proxmox = { + node = "myproxmoxnode"; + iso = pkgs.fetchurl { + url = "https://releases.nixos.org/nixos/24.05/nixos-24.05.7139.bcba2fbf6963/nixos-minimal-24.05.7139.bcba2fbf6963-x86_64-linux.iso"; + hash = "sha256-plre/mIHdIgU4xWU+9xErP+L4i460ZbcKq8iy2n4HT8="; + }; + vmid = 101; + memory = 4096; + cores = 4; + sockets = 2; + net = [ + { + model = "virtio"; + bridge = "vmbr0"; + } + ]; + scsi = [ { file = "local:16"; } ]; # This will create a 16GB volume in 'local' + }; +} diff --git a/nixmoxer.conf b/nixmoxer.conf new file mode 100644 index 00000000..cf98d0b6 --- /dev/null +++ b/nixmoxer.conf @@ -0,0 +1,4 @@ +host=192.168.51.81 +verify_ssl=0 +user=kiara@ProcoliX +password= diff --git a/npins/sources.json b/npins/sources.json index 4971590b..685c581f 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -25,6 +25,38 @@ "url": null, "hash": "1w2gsy6qwxa5abkv8clb435237iifndcxq0s79wihqw11a5yb938" }, + "crane": { + "type": "GitRelease", + "repository": { + "type": "GitHub", + "owner": "ipetkov", + "repo": "crane" + }, + "pre_releases": false, + "version_upper_bound": null, + "release_prefix": null, + "submodules": false, + "version": "v0.20.3", + "revision": "8468a0c46f81d806fd643ffe389fa80328b21cf4", + "url": "https://api.github.com/repos/ipetkov/crane/tarball/v0.20.3", + "hash": "0zw4275c3a6572w6vjmn850yddw6n3qagwfcq6ns247cx72fdfx0" + }, + "disko": { + "type": "GitRelease", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "disko" + }, + "pre_releases": false, + "version_upper_bound": null, + "release_prefix": null, + "submodules": false, + "version": "v1.12.0", + "revision": "7121f74b976481bc36877abaf52adab2a178fcbe", + "url": "https://api.github.com/repos/nix-community/disko/tarball/v1.12.0", + "hash": "0wbx518d2x54yn4xh98cgm65wvj0gpy6nia6ra7ns4j63hx14fkq" + }, "flake-parts": { "type": "Git", "repository": { @@ -105,6 +137,19 @@ "revision": "f33a4d26226c05d501b9d4d3e5e60a3a59991921", "url": "https://github.com/nixos/nixpkgs/archive/f33a4d26226c05d501b9d4d3e5e60a3a59991921.tar.gz", "hash": "1b6dm1sn0bdpcsmxna0zzspjaixa2dald08005fry5jrbjvwafdj" + }, + "proxmox-nixos": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "SaumonNet", + "repo": "proxmox-nixos" + }, + "branch": "main", + "submodules": false, + "revision": "bda8df28b6656843e459f166b04bc291bc495a29", + "url": "https://github.com/SaumonNet/proxmox-nixos/archive/bda8df28b6656843e459f166b04bc291bc495a29.tar.gz", + "hash": "02yhq6gk3pva7pzhgypdnsfl1wyy8yrwwhll05x92ywzkqc0if99" } }, "version": 5