tests/openssh: tidy up tests

This test renames server_allowedusers to server-allowed-users. As a side-effect, since IPs are allocated to machines in alphabetical order, the IP assigned to server-lazy-socket changed, so the corresponding test had its IP updated.
2024-11-17 19:21:04 +00:00 · 2024-04-23 22:31:51 +10:00 · 2024-04-23 22:31:51 +10:00 · 41911ed9d2
parent 818cad4ae1
commit 41911ed9d2
1 changed files with 19 additions and 17 deletions
--- a/nixos/tests/openssh.nix
+++ b/nixos/tests/openssh.nix
@ -22,6 +22,19 @@ in {
        ];
      };

+    server-allowed-users =
+      { ... }:
+
+      {
+        services.openssh = { enable = true; settings.AllowUsers = [ "alice" "bob" ]; };
+        users.groups = { alice = { }; bob = { }; carol = { }; };
+        users.users = {
+          alice = { isNormalUser = true; group = "alice"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; };
+          bob = { isNormalUser = true; group = "bob"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; };
+          carol = { isNormalUser = true; group = "carol"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; };
+        };
+      };
+
    server-lazy =
      { ... }:

@ -95,19 +108,6 @@ in {
        };
      };

-    server_allowedusers =
-      { ... }:
-
-      {
-        services.openssh = { enable = true; settings.AllowUsers = [ "alice" "bob" ]; };
-        users.groups = { alice = { }; bob = { }; carol = { }; };
-        users.users = {
-          alice = { isNormalUser = true; group = "alice"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; };
-          bob = { isNormalUser = true; group = "bob"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; };
-          carol = { isNormalUser = true; group = "carol"; openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; };
-        };
-      };
-
    client =
      { ... }: {
        virtualisation.vlans = [ 1 2 ];
@ -119,6 +119,7 @@ in {
    start_all()

    server.wait_for_unit("sshd", timeout=30)
+    server_allowed_users.wait_for_unit("sshd", timeout=30)
    server_localhost_only.wait_for_unit("sshd", timeout=30)
    server_match_rule.wait_for_unit("sshd", timeout=30)

@ -166,8 +167,9 @@ in {
            "cat ${snakeOilPrivateKey} > privkey.snakeoil"
        )
        client.succeed("chmod 600 privkey.snakeoil")
+        # The final segment in this IP is allocated according to the alphabetical order of machines in this test.
        client.succeed(
-            "ssh -p 2222 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil root@192.168.2.4 true",
+            "ssh -p 2222 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil root@192.168.2.5 true",
            timeout=30
        )

@ -198,15 +200,15 @@ in {
        )
        client.succeed("chmod 600 privkey.snakeoil")
        client.succeed(
-            "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil alice@server_allowedusers true",
+            "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil alice@server-allowed-users true",
            timeout=30
        )
        client.succeed(
-            "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil bob@server_allowedusers true",
+            "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil bob@server-allowed-users true",
            timeout=30
        )
        client.fail(
-            "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil carol@server_allowedusers true",
+            "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil carol@server-allowed-users true",
            timeout=30
        )
  '';