diff options
Diffstat (limited to 'home-manager/tests/modules/programs/ssh')
14 files changed, 364 insertions, 0 deletions
diff --git a/home-manager/tests/modules/programs/ssh/default-config-expected.conf b/home-manager/tests/modules/programs/ssh/default-config-expected.conf new file mode 100644 index 00000000000..6885392b26c --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/default-config-expected.conf @@ -0,0 +1,16 @@ + + + + +Host * + ForwardAgent no + Compression no + ServerAliveInterval 0 + ServerAliveCountMax 3 + HashKnownHosts no + UserKnownHostsFile ~/.ssh/known_hosts + ControlMaster no + ControlPath ~/.ssh/master-%r@%n:%p + ControlPersist no + + diff --git a/home-manager/tests/modules/programs/ssh/default-config.nix b/home-manager/tests/modules/programs/ssh/default-config.nix new file mode 100644 index 00000000000..6d7e5508a2f --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/default-config.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { enable = true; }; + + home.file.assertions.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileExists home-files/.ssh/config + assertFileContent home-files/.ssh/config ${./default-config-expected.conf} + assertFileContent home-files/assertions ${./no-assertions.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/default.nix b/home-manager/tests/modules/programs/ssh/default.nix new file mode 100644 index 00000000000..507eef0bdb8 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/default.nix @@ -0,0 +1,17 @@ +{ + ssh-defaults = ./default-config.nix; + ssh-match-blocks = ./match-blocks-attrs.nix; + + ssh-forwards-dynamic-valid-bind-no-asserts = + ./forwards-dynamic-valid-bind-no-asserts.nix; + ssh-forwards-dynamic-bind-path-with-port-asserts = + ./forwards-dynamic-bind-path-with-port-asserts.nix; + ssh-forwards-local-bind-path-with-port-asserts = + ./forwards-local-bind-path-with-port-asserts.nix; + ssh-forwards-local-host-path-with-port-asserts = + ./forwards-local-host-path-with-port-asserts.nix; + ssh-forwards-remote-bind-path-with-port-asserts = + ./forwards-remote-bind-path-with-port-asserts.nix; + ssh-forwards-remote-host-path-with-port-asserts = + ./forwards-remote-host-path-with-port-asserts.nix; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-dynamic-bind-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-dynamic-bind-path-with-port-asserts.nix new file mode 100644 index 00000000000..cf2efe5a5a5 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-dynamic-bind-path-with-port-asserts.nix @@ -0,0 +1,29 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + dynamicBindPathWithPort = { + dynamicForwards = [{ + # Error: + address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + port = 3000; + }]; + }; + }; + }; + + home.file.result.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${ + ./forwards-paths-with-ports-error.json + } + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf new file mode 100644 index 00000000000..02268e8cb8b --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf @@ -0,0 +1,20 @@ + + +Host dynamicBindAddressWithPort + DynamicForward [127.0.0.1]:3000 + +Host dynamicBindPathNoPort + DynamicForward /run/user/1000/gnupg/S.gpg-agent.extra + +Host * + ForwardAgent no + Compression no + ServerAliveInterval 0 + ServerAliveCountMax 3 + HashKnownHosts no + UserKnownHostsFile ~/.ssh/known_hosts + ControlMaster no + ControlPath ~/.ssh/master-%r@%n:%p + ControlPersist no + + diff --git a/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts.nix new file mode 100644 index 00000000000..d0c3a732256 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts.nix @@ -0,0 +1,38 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + dynamicBindPathNoPort = { + dynamicForwards = [{ + # OK: + address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + }]; + }; + + dynamicBindAddressWithPort = { + dynamicForwards = [{ + # OK: + address = "127.0.0.1"; + port = 3000; + }]; + }; + }; + }; + + home.file.result.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileExists home-files/.ssh/config + assertFileContent \ + home-files/.ssh/config \ + ${./forwards-dynamic-valid-bind-no-asserts-expected.conf} + assertFileContent home-files/result ${./no-assertions.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-local-bind-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-local-bind-path-with-port-asserts.nix new file mode 100644 index 00000000000..f9d8e2daf85 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-local-bind-path-with-port-asserts.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + localBindPathWithPort = { + localForwards = [{ + # OK: + host.address = "127.0.0.1"; + host.port = 3000; + + # Error: + bind.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + bind.port = 3000; + }]; + }; + }; + }; + + home.file.result.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${ + ./forwards-paths-with-ports-error.json + } + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-local-host-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-local-host-path-with-port-asserts.nix new file mode 100644 index 00000000000..02a7e5b168d --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-local-host-path-with-port-asserts.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + localHostPathWithPort = { + localForwards = [{ + # OK: + bind.address = "127.0.0.1"; + bind.port = 3000; + + # Error: + host.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + host.port = 3000; + }]; + }; + }; + }; + + home.file.result.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${ + ./forwards-paths-with-ports-error.json + } + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-paths-with-ports-error.json b/home-manager/tests/modules/programs/ssh/forwards-paths-with-ports-error.json new file mode 100644 index 00000000000..e7e3a374ecc --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-paths-with-ports-error.json @@ -0,0 +1 @@ +["Forwarded paths cannot have ports."]
\ No newline at end of file diff --git a/home-manager/tests/modules/programs/ssh/forwards-remote-bind-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-remote-bind-path-with-port-asserts.nix new file mode 100644 index 00000000000..61ce9ae0385 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-remote-bind-path-with-port-asserts.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + remoteBindPathWithPort = { + remoteForwards = [{ + # OK: + host.address = "127.0.0.1"; + host.port = 3000; + + # Error: + bind.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + bind.port = 3000; + }]; + }; + }; + }; + + home.file.result.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${ + ./forwards-paths-with-ports-error.json + } + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/forwards-remote-host-path-with-port-asserts.nix b/home-manager/tests/modules/programs/ssh/forwards-remote-host-path-with-port-asserts.nix new file mode 100644 index 00000000000..71bdbcb70fd --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/forwards-remote-host-path-with-port-asserts.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + remoteHostPathWithPort = { + remoteForwards = [{ + # OK: + bind.address = "127.0.0.1"; + bind.port = 3000; + + # Error: + host.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + host.port = 3000; + }]; + }; + }; + }; + + home.file.result.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileContent home-files/result ${ + ./forwards-paths-with-ports-error.json + } + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/match-blocks-attrs-expected.conf b/home-manager/tests/modules/programs/ssh/match-blocks-attrs-expected.conf new file mode 100644 index 00000000000..e2c3290153d --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/match-blocks-attrs-expected.conf @@ -0,0 +1,34 @@ + + +Host * !github.com + Port 516 + IdentityFile file1 + IdentityFile file2 + +Host abc + ProxyJump jump-host + +Host xyz + ServerAliveInterval 60 + ServerAliveCountMax 10 + IdentityFile file + LocalForward [localhost]:8080 [10.0.0.1]:80 + RemoteForward [localhost]:8081 [10.0.0.2]:80 + RemoteForward /run/user/1000/gnupg/S.gpg-agent.extra /run/user/1000/gnupg/S.gpg-agent + DynamicForward [localhost]:2839 + +Host ordered + Port 1 + +Host * + ForwardAgent no + Compression no + ServerAliveInterval 0 + ServerAliveCountMax 3 + HashKnownHosts no + UserKnownHostsFile ~/.ssh/known_hosts + ControlMaster no + ControlPath ~/.ssh/master-%r@%n:%p + ControlPersist no + + diff --git a/home-manager/tests/modules/programs/ssh/match-blocks-attrs.nix b/home-manager/tests/modules/programs/ssh/match-blocks-attrs.nix new file mode 100644 index 00000000000..eaa20c6e32d --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/match-blocks-attrs.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + config = { + programs.ssh = { + enable = true; + matchBlocks = { + abc = { + identityFile = null; + proxyJump = "jump-host"; + }; + + ordered = hm.dag.entryAfter [ "xyz" ] { port = 1; }; + + xyz = { + identityFile = "file"; + serverAliveInterval = 60; + serverAliveCountMax = 10; + localForwards = [{ + bind.port = 8080; + host.address = "10.0.0.1"; + host.port = 80; + }]; + remoteForwards = [ + { + bind.port = 8081; + host.address = "10.0.0.2"; + host.port = 80; + } + { + bind.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + host.address = "/run/user/1000/gnupg/S.gpg-agent"; + } + ]; + dynamicForwards = [{ port = 2839; }]; + }; + + "* !github.com" = { + identityFile = [ "file1" "file2" ]; + port = 516; + }; + }; + }; + + home.file.assertions.text = builtins.toJSON + (map (a: a.message) (filter (a: !a.assertion) config.assertions)); + + nmt.script = '' + assertFileExists home-files/.ssh/config + assertFileContent \ + home-files/.ssh/config \ + ${./match-blocks-attrs-expected.conf} + assertFileContent home-files/assertions ${./no-assertions.json} + ''; + }; +} diff --git a/home-manager/tests/modules/programs/ssh/no-assertions.json b/home-manager/tests/modules/programs/ssh/no-assertions.json new file mode 100644 index 00000000000..0637a088a01 --- /dev/null +++ b/home-manager/tests/modules/programs/ssh/no-assertions.json @@ -0,0 +1 @@ +[]
\ No newline at end of file |