From b0f7bec49702c39d805ae8c445966c645f7ae96f Mon Sep 17 00:00:00 2001 From: John Whitman Date: Fri, 15 Nov 2024 15:04:03 -0500 Subject: [PATCH 1/6] Attempts to add a disko test. --- flake.nix | 6 +++ machines/silver/disko.nix | 105 ++++++++++++++++++++++++++++++++++++++ tests/silver.nix | 35 +++++++++++++ 3 files changed, 146 insertions(+) create mode 100644 machines/silver/disko.nix create mode 100644 tests/silver.nix diff --git a/flake.nix b/flake.nix index 180907f..30ec915 100644 --- a/flake.nix +++ b/flake.nix @@ -24,6 +24,10 @@ system = "${system}"; config.allowUnfree = true; }; + makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix"); + eval-config = import (pkgs.path + "/nixos/lib/eval-config.nix"); + lib = pkgs.lib; + diskoLib = import disko.lib { inherit lib makeTest eval-config; }; in { formatter.${system} = alejandra.defaultPackage.${system}; devShell."${system}" = import ./shell.nix {inherit pkgs;}; @@ -38,6 +42,8 @@ checks.${system} = { hello = pkgs.testers.runNixOSTest ./tests/hello.nix; + # silver = disko.lib.testLib.makeDiskoTest (import ./tests/silver.nix); + silverAlt = diskoLib.testLib.makeDiskoTest (import ./tests/silver.nix); k3s-multi-node = pkgs.testers.runNixOSTest ./tests/k3s-multi-node.nix; }; }; diff --git a/machines/silver/disko.nix b/machines/silver/disko.nix new file mode 100644 index 0000000..2c00af7 --- /dev/null +++ b/machines/silver/disko.nix @@ -0,0 +1,105 @@ +{ + disko.devices = { + disk = { + x = { + type = "disk"; + device = "/dev/sdx"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "64M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + }; + }; + }; + }; + y = { + type = "disk"; + device = "/dev/sdy"; + content = { + type = "gpt"; + partitions = { + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + }; + }; + }; + }; + }; + zpool = { + zroot = { + type = "zpool"; + mode = "mirror"; + # Workaround: cannot import 'zroot': I/O error in disko tests + options.cachefile = "none"; + rootFsOptions = { + compression = "zstd"; + "com.sun:auto-snapshot" = "false"; + }; + mountpoint = "/"; + postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank"; + + datasets = { + zfs_fs = { + type = "zfs_fs"; + mountpoint = "/zfs_fs"; + options."com.sun:auto-snapshot" = "true"; + }; + zfs_unmounted_fs = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + zfs_legacy_fs = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/zfs_legacy_fs"; + }; + zfs_testvolume = { + type = "zfs_volume"; + size = "10M"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/ext4onzfs"; + }; + }; + encrypted = { + type = "zfs_fs"; + options = { + mountpoint = "none"; + encryption = "aes-256-gcm"; + keyformat = "passphrase"; + keylocation = "file:///tmp/secret.key"; + }; + # use this to read the key during boot + # postCreateHook = '' + # zfs set keylocation="prompt" "zroot/$name"; + # ''; + }; + "encrypted/test" = { + type = "zfs_fs"; + mountpoint = "/zfs_crypted"; + }; + }; + }; + }; + }; +} diff --git a/tests/silver.nix b/tests/silver.nix new file mode 100644 index 0000000..e8a1e2a --- /dev/null +++ b/tests/silver.nix @@ -0,0 +1,35 @@ +{ + name = "silver"; + disko-config = ../machines/silver/disko.nix; + extraInstallerConfig.networking.hostId = "8425e349"; + extraSystemConfig = { + networking.hostId = "8425e349"; + fileSystems."/zfs_legacy_fs".options = [ "nofail" ]; # TODO find out why we need this! + }; + extraTestScript = '' + machine.succeed("test -b /dev/zvol/zroot/zfs_testvolume"); + + def assert_property(ds, property, expected_value): + out = machine.succeed(f"zfs get -H {property} {ds} -o value").rstrip() + assert ( + out == expected_value + ), f"Expected {property}={expected_value} on {ds}, got: {out}" + + assert_property("zroot", "compression", "zstd") + assert_property("zroot/zfs_fs", "compression", "zstd") + assert_property("zroot", "com.sun:auto-snapshot", "false") + assert_property("zroot/zfs_fs", "com.sun:auto-snapshot", "true") + assert_property("zroot/zfs_testvolume", "volsize", "10M") + assert_property("zroot/zfs_unmounted_fs", "mountpoint", "none") + + machine.succeed("zfs get name zroot@blank") + + machine.succeed("mountpoint /zfs_fs"); + machine.succeed("mountpoint /zfs_legacy_fs"); + machine.succeed("mountpoint /ext4onzfs"); + machine.succeed("mountpoint /zfs_crypted"); + machine.succeed("zfs get keystatus zroot/encrypted"); + machine.succeed("zfs get keystatus zroot/encrypted/test"); + ''; +} + From 420bedb3e04867a76162a1992f533c2ce1301792 Mon Sep 17 00:00:00 2001 From: John Whitman Date: Mon, 18 Nov 2024 07:44:11 -0500 Subject: [PATCH 2/6] Allows impure flake check. --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 817fe43..e6c17dd 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,4 +23,4 @@ jobs: - uses: actions/setup-python@v3 - uses: pre-commit/action@v3.0.1 - name: Run `nix flake check` - run: nix flake check --show-trace + run: nix flake check --impure --show-trace From 086a5149339d5b7d1f87683cad58240701e3d139 Mon Sep 17 00:00:00 2001 From: John Whitman Date: Thu, 21 Nov 2024 08:58:30 -0500 Subject: [PATCH 3/6] Formats changes. --- README.md | 2 ++ flake.nix | 2 +- machines/silver/disko.nix | 2 +- tests/silver.nix | 3 +-- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 7af85bb..ff1c3a9 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,8 @@ Collection of system configs for my machines. - [x] Build `test` VM in GHA - [x] Set up renovate on repo - [ ] Clean up `hello.nix` +- [x] Add container to `hello.nix` - [ ] See if disko works with tests +- [ ] Base install on nas [nix_vm_gist]: https://gist.github.com/FlakM/0535b8aa7efec56906c5ab5e32580adf diff --git a/flake.nix b/flake.nix index 30ec915..b91f21b 100644 --- a/flake.nix +++ b/flake.nix @@ -27,7 +27,7 @@ makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix"); eval-config = import (pkgs.path + "/nixos/lib/eval-config.nix"); lib = pkgs.lib; - diskoLib = import disko.lib { inherit lib makeTest eval-config; }; + diskoLib = import disko.lib {inherit lib makeTest eval-config;}; in { formatter.${system} = alejandra.defaultPackage.${system}; devShell."${system}" = import ./shell.nix {inherit pkgs;}; diff --git a/machines/silver/disko.nix b/machines/silver/disko.nix index 2c00af7..0550726 100644 --- a/machines/silver/disko.nix +++ b/machines/silver/disko.nix @@ -14,7 +14,7 @@ type = "filesystem"; format = "vfat"; mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; + mountOptions = ["umask=0077"]; }; }; zfs = { diff --git a/tests/silver.nix b/tests/silver.nix index e8a1e2a..8a13a8a 100644 --- a/tests/silver.nix +++ b/tests/silver.nix @@ -4,7 +4,7 @@ extraInstallerConfig.networking.hostId = "8425e349"; extraSystemConfig = { networking.hostId = "8425e349"; - fileSystems."/zfs_legacy_fs".options = [ "nofail" ]; # TODO find out why we need this! + fileSystems."/zfs_legacy_fs".options = ["nofail"]; # TODO find out why we need this! }; extraTestScript = '' machine.succeed("test -b /dev/zvol/zroot/zfs_testvolume"); @@ -32,4 +32,3 @@ machine.succeed("zfs get keystatus zroot/encrypted/test"); ''; } - From 038664030dad2e19dd4d771cb66fcde630e3fc15 Mon Sep 17 00:00:00 2001 From: John Whitman Date: Fri, 29 Nov 2024 10:44:20 -0500 Subject: [PATCH 4/6] Imports disko lib as string. --- flake.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index b91f21b..2c51700 100644 --- a/flake.nix +++ b/flake.nix @@ -27,7 +27,7 @@ makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix"); eval-config = import (pkgs.path + "/nixos/lib/eval-config.nix"); lib = pkgs.lib; - diskoLib = import disko.lib {inherit lib makeTest eval-config;}; + diskoLib = import (disko + "/lib") {inherit lib makeTest eval-config;}; in { formatter.${system} = alejandra.defaultPackage.${system}; devShell."${system}" = import ./shell.nix {inherit pkgs;}; @@ -43,7 +43,8 @@ checks.${system} = { hello = pkgs.testers.runNixOSTest ./tests/hello.nix; # silver = disko.lib.testLib.makeDiskoTest (import ./tests/silver.nix); - silverAlt = diskoLib.testLib.makeDiskoTest (import ./tests/silver.nix); + # silverAlt = diskoLib.testLib.makeDiskoTest (import ./tests/silver.nix); + silverAlt = diskoLib.testLib.makeDiskoTest ((import ./tests/silver.nix) // { inherit pkgs; }); k3s-multi-node = pkgs.testers.runNixOSTest ./tests/k3s-multi-node.nix; }; }; From d173c6c357eabffb6598c53c7b54f47a40a43ef4 Mon Sep 17 00:00:00 2001 From: John Whitman Date: Fri, 29 Nov 2024 10:44:39 -0500 Subject: [PATCH 5/6] Revert "Allows impure flake check." This reverts commit 420bedb3e04867a76162a1992f533c2ce1301792. --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e6c17dd..817fe43 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,4 +23,4 @@ jobs: - uses: actions/setup-python@v3 - uses: pre-commit/action@v3.0.1 - name: Run `nix flake check` - run: nix flake check --impure --show-trace + run: nix flake check --show-trace From 3e8fa2a975770ca5147f90ce7e79b6a360272054 Mon Sep 17 00:00:00 2001 From: John Whitman Date: Fri, 29 Nov 2024 22:19:47 -0500 Subject: [PATCH 6/6] Formats flake. --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 2c51700..dda0c34 100644 --- a/flake.nix +++ b/flake.nix @@ -44,7 +44,7 @@ hello = pkgs.testers.runNixOSTest ./tests/hello.nix; # silver = disko.lib.testLib.makeDiskoTest (import ./tests/silver.nix); # silverAlt = diskoLib.testLib.makeDiskoTest (import ./tests/silver.nix); - silverAlt = diskoLib.testLib.makeDiskoTest ((import ./tests/silver.nix) // { inherit pkgs; }); + silverAlt = diskoLib.testLib.makeDiskoTest ((import ./tests/silver.nix) // {inherit pkgs;}); k3s-multi-node = pkgs.testers.runNixOSTest ./tests/k3s-multi-node.nix; }; };