nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 15:03:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

nixosTests.systemd-networkd: fix test flakiness

Browse Source 
The original idea for this test was, on top of providing a networkd
test, to provide newcomers with a sample configuration they could use
to get started with networkd.

That's precisely why we were doing this systemd tmpfile dance in the
first place. It was a convenient way to create a runtime file with a
specific mode and owner.

Sadly, this tmpfile rule made the test flaky. There's a race condition
between the wireguard interface configured by systemd-networkd and
systemd-tmpfiles-setup.

Sometimes, networkd is going to try loading the wireguard private key
file *before* the said file gets created by systemd-tmpfiles.

A perfect solution here would be to create a "After" dependency
between wg0.netdev and systemd-tmpfiles-setup.service. Sadly, it is
currently impossible to create such a dependency between a
networkd-specific unit and a service.

We're removing this tmp file in favor of pointing networkd directly to
the Nix store. This is clearly something that shouldn't be done in the
real world for a private file: the store is world-readable. However,
this is the only way I found to fix this test flakiness for now.
This commit is contained in:
Félix Baylac-Jacqué 2020-08-30 20:37:39 +02:00
parent fe3d667a0f
commit f63c842f1e
No known key found for this signature in database
GPG Key ID: EFD315F31848DBA4
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/tests/systemd-networkd.nix
View File

@ -7,16 +7,17 @@ let generateNodeConf = { lib, pkgs, config, privk, pubk, peerId, nodeId, ...}: {
virtualisation.vlans = [ 1 ];
environment.systemPackages = with pkgs; [ wireguard-tools ];
boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
systemd.tmpfiles.rules = [
"f /run/wg_priv 0640 root systemd-network - ${privk}"
];
systemd.network = {
enable = true;
netdevs = {
"90-wg0" = {
netdevConfig = { Kind = "wireguard"; Name = "wg0"; };
wireguardConfig = {
PrivateKeyFile = "/run/wg_priv";
# NOTE: we're storing the wireguard private key in the
# store for this test. Do not do this in the real
# world. Keep in mind the nix store is
# world-readable.
PrivateKeyFile = pkgs.writeText "wg0-priv" privk;
ListenPort = 51820;
FirewallMark = 42;
};