diff options
Diffstat (limited to 'home-manager/tests/modules/programs/ssh')
14 files changed, 390 insertions, 0 deletions
diff --git a/home-manager/tests/modules/programs/ssh/default-config-expected.conf b/home-manager/tests/modules/programs/ssh/default-config-expected.conf new file mode 100644 index 00000000000..55748ea6c82 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/default-config-expected.conf @@ -0,0 +1,15 @@ + + + + +Host * + ForwardAgent no + Compression no + ServerAliveInterval 0 + HashKnownHosts no + UserKnownHostsFile ~/.ssh/known_hosts + ControlMaster no + ControlPath ~/.ssh/master-%r@%n:%p + ControlPersist no + + diff --git a/home-manager/tests/modules/programs/ssh/default-config.nix b/home-manager/tests/modules/programs/ssh/default-config.nix new file mode 100644 index 00000000000..266bc9d1f5d --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/default-config.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + }; + + home.file.assertions.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileExists home-files/.ssh/config + assertFileContent home-files/.ssh/config ${./default-config-expected.conf} + assertFileContent home-files/assertions ${./no-assertions.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/default.nix b/home-manager/tests/modules/programs/ssh/default.nix new file mode 100644 index 00000000000..507eef0bdb8 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/default.nix @@ -0,0 +1,17 @@ +{ + ssh-defaults = ./default-config.nix; + ssh-match-blocks = ./match-blocks-attrs.nix; + + ssh-forwards-dynamic-valid-bind-no-asserts = + ./forwards-dynamic-valid-bind-no-asserts.nix; + ssh-forwards-dynamic-bind-path-with-port-asserts = + ./forwards-dynamic-bind-path-with-port-asserts.nix; + ssh-forwards-local-bind-path-with-port-asserts = + ./forwards-local-bind-path-with-port-asserts.nix; + ssh-forwards-local-host-path-with-port-asserts = + ./forwards-local-host-path-with-port-asserts.nix; + ssh-forwards-remote-bind-path-with-port-asserts = + ./forwards-remote-bind-path-with-port-asserts.nix; + ssh-forwards-remote-host-path-with-port-asserts = + ./forwards-remote-host-path-with-port-asserts.nix; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-dynamic-bind-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-dynamic-bind-path-with-port-asserts.nix new file mode 100644 index 00000000000..2e9082de378 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-dynamic-bind-path-with-port-asserts.nix @@ -0,0 +1,32 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + dynamicBindPathWithPort = { + dynamicForwards = [ + { + # Error: + address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + port = 3000; + } + ]; + }; + }; + }; + + home.file.result.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${./forwards-paths-with-ports-error.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf new file mode 100644 index 00000000000..5213d282c28 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf @@ -0,0 +1,19 @@ + + +Host dynamicBindAddressWithPort + DynamicForward [127.0.0.1]:3000 + +Host dynamicBindPathNoPort + DynamicForward /run/user/1000/gnupg/S.gpg-agent.extra + +Host * + ForwardAgent no + Compression no + ServerAliveInterval 0 + HashKnownHosts no + UserKnownHostsFile ~/.ssh/known_hosts + ControlMaster no + ControlPath ~/.ssh/master-%r@%n:%p + ControlPersist no + + diff --git a/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts.nix new file mode 100644 index 00000000000..15ab59e82ca --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts.nix @@ -0,0 +1,45 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + dynamicBindPathNoPort = { + dynamicForwards = [ + { + # OK: + address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + } + ]; + }; + + dynamicBindAddressWithPort = { + dynamicForwards = [ + { + # OK: + address = "127.0.0.1"; + port = 3000; + } + ]; + }; + }; + }; + + home.file.result.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileExists home-files/.ssh/config + assertFileContent \ + home-files/.ssh/config \ + ${./forwards-dynamic-valid-bind-no-asserts-expected.conf} + assertFileContent home-files/result ${./no-assertions.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-local-bind-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-local-bind-path-with-port-asserts.nix new file mode 100644 index 00000000000..c05cba82791 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-local-bind-path-with-port-asserts.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + localBindPathWithPort = { + localForwards = [ + { + # OK: + host.address = "127.0.0.1"; + host.port = 3000; + + # Error: + bind.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + bind.port = 3000; + } + ]; + }; + }; + }; + + home.file.result.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${./forwards-paths-with-ports-error.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-local-host-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-local-host-path-with-port-asserts.nix new file mode 100644 index 00000000000..8cecc5e5121 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-local-host-path-with-port-asserts.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + localHostPathWithPort = { + localForwards = [ + { + # OK: + bind.address = "127.0.0.1"; + bind.port = 3000; + + # Error: + host.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + host.port = 3000; + } + ]; + }; + }; + }; + + home.file.result.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${./forwards-paths-with-ports-error.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-paths-with-ports-error.json b/home-manager/tests/modules/programs/ssh/forwards-paths-with-ports-error.json new file mode 100644 index 00000000000..e7e3a374ecc --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-paths-with-ports-error.json @@ -0,0 +1 @@ +["Forwarded paths cannot have ports."]
\ No newline at end of file diff --git a/home-manager/tests/modules/programs/ssh/forwards-remote-bind-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-remote-bind-path-with-port-asserts.nix new file mode 100644 index 00000000000..a0473147bd3 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-remote-bind-path-with-port-asserts.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + remoteBindPathWithPort = { + remoteForwards = [ + { + # OK: + host.address = "127.0.0.1"; + host.port = 3000; + + # Error: + bind.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + bind.port = 3000; + } + ]; + }; + }; + }; + + home.file.result.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${./forwards-paths-with-ports-error.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-remote-host-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-remote-host-path-with-port-asserts.nix new file mode 100644 index 00000000000..770b8ab2870 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-remote-host-path-with-port-asserts.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + remoteHostPathWithPort = { + remoteForwards = [ + { + # OK: + bind.address = "127.0.0.1"; + bind.port = 3000; + + # Error: + host.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + host.port = 3000; + } + ]; + }; + }; + }; + + home.file.result.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${./forwards-paths-with-ports-error.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/match-blocks-attrs-expected.conf b/home-manager/tests/modules/programs/ssh/match-blocks-attrs-expected.conf new file mode 100644 index 00000000000..f0d768375f0 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/match-blocks-attrs-expected.conf @@ -0,0 +1,29 @@ + + +Host * !github.com + Port 516 + IdentityFile file1 + IdentityFile file2 + +Host abc + ProxyJump jump-host + +Host xyz + ServerAliveInterval 60 + IdentityFile file + LocalForward [localhost]:8080 [10.0.0.1]:80 + RemoteForward [localhost]:8081 [10.0.0.2]:80 + RemoteForward /run/user/1000/gnupg/S.gpg-agent.extra /run/user/1000/gnupg/S.gpg-agent + DynamicForward [localhost]:2839 + +Host * + ForwardAgent no + Compression no + ServerAliveInterval 0 + HashKnownHosts no + UserKnownHostsFile ~/.ssh/known_hosts + ControlMaster no + ControlPath ~/.ssh/master-%r@%n:%p + ControlPersist no + + diff --git a/home-manager/tests/modules/programs/ssh/match-blocks-attrs.nix b/home-manager/tests/modules/programs/ssh/match-blocks-attrs.nix new file mode 100644 index 00000000000..94263ef9d27 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/match-blocks-attrs.nix @@ -0,0 +1,64 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + abc = { + identityFile = null; + proxyJump = "jump-host"; + }; + + xyz = { + identityFile = "file"; + serverAliveInterval = 60; + localForwards = [ + { + bind.port = 8080; + host.address = "10.0.0.1"; + host.port = 80; + } + ]; + remoteForwards = [ + { + bind.port = 8081; + host.address = "10.0.0.2"; + host.port = 80; + } + { + bind.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + host.address = "/run/user/1000/gnupg/S.gpg-agent"; + } + ]; + dynamicForwards = [ + { + port = 2839; + } + ]; + }; + + "* !github.com" = { + identityFile = ["file1" "file2"]; + port = 516; + }; + }; + }; + + home.file.assertions.text = + builtins.toJSON + (map (a: a.message) + (filter (a: !a.assertion) + config.assertions)); + + nmt.script = '' + assertFileExists home-files/.ssh/config + assertFileContent \ + home-files/.ssh/config \ + ${./match-blocks-attrs-expected.conf} + assertFileContent home-files/assertions ${./no-assertions.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/no-assertions.json b/home-manager/tests/modules/programs/ssh/no-assertions.json new file mode 100644 index 00000000000..0637a088a01 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/no-assertions.json @@ -0,0 +1 @@ +[]
\ No newline at end of file |