SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-03-22 20:09:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

tests/infrastructure: Add test case for dns resolution of unqualified hostnames

Browse source
This commit is contained in:
SebastianStork 2026-02-16 19:37:41 +01:00
parent 8450cabd86
commit ea4a9c7cbc
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
1 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

16
tests/infrastructure/default.nix
View file

@ -38,6 +38,7 @@
privateKeyPath = ./keys/${config.networking.hostName}.key; privateKeyPath = ./keys/${config.networking.hostName}.key;
}; };
networking.extraHosts = lib.mkForce "";
services.resolved.dnssec = lib.mkForce "false"; services.resolved.dnssec = lib.mkForce "false";
}; };
@ -145,16 +146,21 @@
with subtest("Overlay connectivity between nodes"): with subtest("Overlay connectivity between nodes"):
client1.succeed("ping -c 1 ${serverNetCfg.overlay.address}") client1.succeed("ping -c 1 ${serverNetCfg.overlay.address}")
client1.succeed("ping -c 1 ${client2NetCfg.overlay.address}") client1.succeed("ping -c 1 ${client2NetCfg.overlay.address}")
server.succeed("ping -c 1 ${client1NetCfg.overlay.address}") server.succeed("ping -c 1 ${client2NetCfg.overlay.address}")
with subtest("DNS resolution of FQDNs"): with subtest("DNS resolution of FQDNs"):
client1.succeed("ping -c 1 ${serverNetCfg.overlay.fqdn}") client1.succeed("ping -c 1 ${serverNetCfg.overlay.fqdn}")
client1.succeed("ping -c 1 ${client2NetCfg.overlay.fqdn}") client1.succeed("ping -c 1 ${client2NetCfg.overlay.fqdn}")
server.succeed("ping -c 1 ${client1NetCfg.overlay.fqdn}") server.succeed("ping -c 1 ${client2NetCfg.overlay.fqdn}")
with subtest("DNS resolution of unqualified hostnames"):
client1.succeed("ping -c 1 server")
client1.succeed("ping -c 1 client2")
server.succeed("ping -c 1 client2")
with subtest("SSH access restricted by role"): with subtest("SSH access restricted by role"):
client1.succeed("ssh ${sshOptions} seb@${serverNetCfg.overlay.fqdn} 'echo Hello'") client1.succeed("ssh ${sshOptions} seb@server 'echo Hello'")
client1.succeed("ssh ${sshOptions} seb@${client2NetCfg.overlay.fqdn} 'echo Hello'") client1.succeed("ssh ${sshOptions} seb@client2 'echo Hello'")
server.fail("ssh ${sshOptions} seb@${client2NetCfg.overlay.fqdn} 'echo Hello'") server.fail("ssh ${sshOptions} seb@client2 'echo Hello'")
''; '';
} }