forked from fediversity/fediversity
136 lines
3.7 KiB
Nix
136 lines
3.7 KiB
Nix
{
|
|
lib,
|
|
pkgs,
|
|
sources,
|
|
...
|
|
}:
|
|
let
|
|
inherit (pkgs) system;
|
|
backendPort = builtins.toString 8080;
|
|
httpBackend = rec {
|
|
TF_HTTP_USERNAME = "basic";
|
|
TF_HTTP_PASSWORD = "fake-secret";
|
|
TF_HTTP_ADDRESS = "http://localhost:${backendPort}/state/project1/example";
|
|
TF_HTTP_LOCK_ADDRESS = TF_HTTP_ADDRESS;
|
|
TF_HTTP_UNLOCK_ADDRESS = TF_HTTP_ADDRESS;
|
|
};
|
|
deployment-config = {
|
|
inherit httpBackend;
|
|
inherit (import ./constants.nix) pathToRoot;
|
|
nodeName = "pve";
|
|
targetSystem = system;
|
|
sshOpts = [ ];
|
|
key-file = "/root/.ssh/id_ed25519";
|
|
proxmox-user = "root@pam";
|
|
proxmox-password = "mytestpw";
|
|
node-name = "pve";
|
|
bridge = "br0";
|
|
vlanId = 0;
|
|
imageDatastoreId = "local";
|
|
vmDatastoreId = "local";
|
|
cdDatastoreId = "local";
|
|
ipv4Gateway = "192.168.1.1";
|
|
ipv4Address = "192.168.1.236/24";
|
|
ipv6Gateway = "";
|
|
ipv6Address = "";
|
|
};
|
|
# FIXME generate the image `nixos-generate` was to make, but now do it for a desired `-c configuration.nix` rather than whatever generic thing now
|
|
deployment =
|
|
(import ../common/data-model.nix {
|
|
inherit system;
|
|
config = deployment-config;
|
|
# opt not to pass `inputs`, as we could only pass serializable arguments through to its self-call
|
|
})."tf-proxmox-deployment".tf-proxmox-host;
|
|
in
|
|
{
|
|
_class = "nixosTest";
|
|
imports = [
|
|
../common/data-model-options.nix
|
|
];
|
|
|
|
name = "deployment-model";
|
|
sourceFileset = lib.fileset.unions [
|
|
../../run/tf-proxmox/run.sh
|
|
];
|
|
|
|
nodes.pve =
|
|
{ sources, ... }:
|
|
{
|
|
imports = [
|
|
"${sources.proxmox-nixos}/modules/proxmox-ve"
|
|
];
|
|
users.users.root = {
|
|
password = "mytestpw";
|
|
hashedPasswordFile = lib.mkForce null;
|
|
};
|
|
# https://github.com/SaumonNet/proxmox-nixos/blob/main/modules/proxmox-ve/default.nix
|
|
services.proxmox-ve = {
|
|
enable = true;
|
|
ipAddress = "192.168.1.1";
|
|
};
|
|
virtualisation = {
|
|
diskSize = 2 * 1024;
|
|
memorySize = 2048;
|
|
};
|
|
};
|
|
|
|
nodes.deployer =
|
|
{ ... }:
|
|
{
|
|
imports = [
|
|
../../modules/terraform-backend
|
|
];
|
|
|
|
nix.nixPath = [
|
|
(lib.concatStringsSep ":" (lib.mapAttrsToList (k: v: k + "=" + v) sources))
|
|
];
|
|
|
|
environment.systemPackages = [
|
|
deployment.run
|
|
];
|
|
|
|
# needed only when building from deployer
|
|
system.extraDependenciesFromModule =
|
|
{ pkgs, ... }:
|
|
{
|
|
environment.systemPackages = with pkgs; [
|
|
hello
|
|
];
|
|
};
|
|
system.extraDependencies = [
|
|
pkgs.ubootQemuX86
|
|
pkgs.ubootQemuX86.inputDerivation
|
|
pkgs.pve-qemu
|
|
pkgs.pve-qemu.inputDerivation
|
|
pkgs.gnu-config
|
|
pkgs.byacc
|
|
pkgs.stdenv
|
|
pkgs.stdenvNoCC
|
|
sources.nixpkgs
|
|
pkgs.vte
|
|
];
|
|
services.terraform-backend = {
|
|
enable = true;
|
|
settings = {
|
|
LISTEN_ADDR = ":${backendPort}";
|
|
KMS_KEY = "tsjxw9NjKUBUlzbTnD7orqIAdEmpGYRARvxD51jtY+o=";
|
|
};
|
|
};
|
|
};
|
|
|
|
extraTestScript = ''
|
|
pve.wait_for_unit("pveproxy.service")
|
|
assert "running" in pve.succeed("pveproxy status")
|
|
pve.succeed("mkdir -p /run/pve")
|
|
assert "Proxmox" in pve.succeed("curl -s -i -k https://localhost:8006")
|
|
|
|
# pve.succeed("pvesh set /access/password --userid root@pam --password mypwdlol --confirmation-password mytestpw 1>&2")
|
|
# pve.succeed("curl -s -i -k -d '{\"userid\":\"root@pam\",\"password\":\"mypwdhaha\",\"confirmation-password\":\"mypwdlol\"}' -X PUT https://localhost:8006/api2/json/access/password 1>&2")
|
|
|
|
with subtest("Run the deployment"):
|
|
deployer.succeed("""
|
|
${lib.getExe deployment.run}
|
|
""")
|
|
# target.succeed("su - operator -c hello 1>&2")
|
|
'';
|
|
}
|