nix-community/nixos-anywhere
1
1
Fork 0
mirror of https://github.com/nix-community/nixos-anywhere.git synced 2024-08-15 11:20:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
242444d228
nixos-anywhere/tests/from-nixos-with-sudo.nix
zimbatm 8428ae7c52 add -i to allow passing private key files 
Mirror the `-i` option from SSH, so you can run `nixos-anywhere ~/.ssh/other_key`.

This commit also fixes an issue where the generated key-pair would stay
around when using the SSH_PRIVATE_KEY env var.
2023-05-14 16:08:29 +02:00

41 lines
1.5 KiB
Nix
Raw Blame History

(import ./lib/test-base.nix) {
name = "from-nixos-with-sudo";
nodes = {
installer = ./modules/installer.nix;
installed = {
services.openssh.enable = true;
virtualisation.memorySize = 1512;
users.users.nixos = {
isNormalUser = true;
openssh.authorizedKeys.keyFiles = [ ./modules/ssh-keys/ssh.pub ];
extraGroups = [ "wheel" ];
};
security.sudo.enable = true;
security.sudo.wheelNeedsPassword = false;
};
};
testScript = ''
start_all()
installer.succeed("echo super-secret > /tmp/disk-1.key")
output = installer.succeed("""
nixos-anywhere \
-i /root/.ssh/install_key \
--debug \
--kexec /etc/nixos-anywhere/kexec-installer \
--stop-after-disko \
--disk-encryption-keys /tmp/disk-1.key /tmp/disk-1.key \
--disk-encryption-keys /tmp/disk-2.key <(echo another-secret) \
--store-paths /etc/nixos-anywhere/disko /etc/nixos-anywhere/system-to-install \
nixos@installed >&2
echo "disk-1.key: '$(ssh -i /root/.ssh/install_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
root@installed cat /tmp/disk-1.key)'"
echo "disk-2.key: '$(ssh -i /root/.ssh/install_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
root@installed cat /tmp/disk-2.key)'"
""")
assert "disk-1.key: 'super-secret'" in output, f"output does not contain expected values: {output}"
assert "disk-2.key: 'another-secret'" in output, f"output does not contain expected values: {output}"
'';
}
Reference in New Issue View Git Blame Copy Permalink