From 8b67ea43c1a0ad1db3cf9caf50ea8f7d2efdf95b Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Tue, 12 Mar 2024 00:21:11 +0100
Subject: [PATCH] Add checks/two-peers

---
 checks/two-peers.nix | 117 +++++++++++++++++++++++++++++++++++++++++++
 flake.nix            |  23 +++++++--
 2 files changed, 135 insertions(+), 5 deletions(-)
 create mode 100644 checks/two-peers.nix

diff --git a/checks/two-peers.nix b/checks/two-peers.nix
new file mode 100644
index 0000000..4700ae5
--- /dev/null
+++ b/checks/two-peers.nix
@@ -0,0 +1,117 @@
+{ pkgs ? import <nixpkgs> {} }:
+
+pkgs.nixosTest rec {
+  name = "two-peers";
+
+  nodes = {
+    foo = {
+      imports = [ ../dn42.nix ];
+      networking.dn42 = {
+        enable = true;
+        as = 64600;
+        addr.v4 = "172.20.0.1";
+        nets.v4 = [ "172.20.0.0/24" ];
+        addr.v6 = "fec0::1";
+        nets.v6 = [ "fec0::/64" ];
+        peers.bar = {
+          as = 64601;
+          addr.v4 = (builtins.head nodes.bar.networking.interfaces.enp1s0.ipv4.addresses).address;
+          addr.v6 = (builtins.head nodes.bar.networking.interfaces.enp1s0.ipv6.addresses).address;
+          srcAddr.v4 = (builtins.head nodes.foo.networking.interfaces.enp1s0.ipv4.addresses).address;
+          srcAddr.v6 = (builtins.head nodes.foo.networking.interfaces.enp1s0.ipv6.addresses).address;
+          interface = "enp1s0";
+        };
+      };
+      virtualisation.interfaces.enp1s0.vlan = 2;
+      networking.useNetworkd = true;
+      systemd.network.netdevs.dummy0.netdevConfig = {
+        Kind = "dummy";
+        Name = "dummy0";
+      };
+      networking.interfaces.enp1s0 = {
+        ipv4.addresses = [ {
+          address = "10.0.0.1";
+          prefixLength = 24;
+        } ];
+        ipv6.addresses = [ {
+          address = "fe80::1";
+          prefixLength = 64;
+        } ];
+      };
+      networking.interfaces.dummy0 = {
+        ipv4.addresses = [ {
+          address = nodes.foo.networking.dn42.addr.v4;
+          prefixLength = 24;
+        } ];
+        ipv6.addresses = [ {
+          address = nodes.foo.networking.dn42.addr.v6;
+          prefixLength = 64;
+        } ];
+      };
+      networking.firewall.enable = false;
+    };
+    bar = {
+      imports = [ ../dn42.nix ];
+      networking.dn42 = {
+        enable = true;
+        as = 64601;
+        addr.v4 = "172.20.1.1";
+        nets.v4 = [ "172.20.1.0/24" ];
+        addr.v6 = "fec0:0:0:1::1";
+        nets.v6 = [ "fec0:0:0:1::/64" ];
+        peers.foo = {
+          as = 64600;
+          addr.v4 = (builtins.head nodes.foo.networking.interfaces.enp1s0.ipv4.addresses).address;
+          addr.v6 = (builtins.head nodes.foo.networking.interfaces.enp1s0.ipv6.addresses).address;
+          srcAddr.v4 = (builtins.head nodes.bar.networking.interfaces.enp1s0.ipv4.addresses).address;
+          srcAddr.v6 = (builtins.head nodes.bar.networking.interfaces.enp1s0.ipv6.addresses).address;
+          interface = "enp1s0";
+        };
+      };
+      virtualisation.interfaces.enp1s0.vlan = 2;
+      networking.useNetworkd = true;
+      systemd.network.netdevs.dummy0.netdevConfig = {
+        Kind = "dummy";
+        Name = "dummy0";
+      };
+      networking.interfaces.enp1s0 = {
+        ipv4.addresses = [ {
+          address = "10.0.0.2";
+          prefixLength = 24;
+        } ];
+        ipv6.addresses = [ {
+          address = "fe80::2";
+          prefixLength = 64;
+        } ];
+      };
+      networking.interfaces.dummy0 = {
+        ipv4.addresses = [ {
+          address = nodes.bar.networking.dn42.addr.v4;
+          prefixLength = 24;
+        } ];
+        ipv6.addresses = [ {
+          address = nodes.bar.networking.dn42.addr.v6;
+          prefixLength = 64;
+        } ];
+      };
+      networking.firewall.enable = false;
+    };
+  };
+
+  testScript = ''
+    foo.wait_for_unit("bird2")
+    bar.wait_for_unit("bird2")
+
+    # Test basic reachability on the peering network
+    foo.wait_until_succeeds("ping -c 1 10.0.0.2")
+    bar.wait_until_succeeds("ping -c 1 10.0.0.1")
+
+    # Assuming IPv4 peering is up, try ping on routed dummy0 addrs
+    foo.wait_until_succeeds("ping -c 1 ${nodes.bar.networking.dn42.addr.v4}")
+    bar.wait_until_succeeds("ping -c 1 ${nodes.foo.networking.dn42.addr.v4}")
+
+    # icmpv6 unsupported by QEMU user networking
+    # foo.wait_until_succeeds("ping -c 1 ${nodes.bar.networking.dn42.addr.v6}")
+    # bar.wait_until_succeeds("ping -c 1 ${nodes.foo.networking.dn42.addr.v6}")
+  '';
+}
diff --git a/flake.nix b/flake.nix
index ee86d83..ec5df74 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,8 +1,21 @@
 {
-  outputs = { ... }: {
-    nixosModules = rec {
-      dn42 = import ./dn42.nix;
-      default = dn42;
+  outputs = { self, nixpkgs, ... }:
+    let
+      systems = [ "x86_64-linux" "aarch64-linux" ];
+
+    in {
+      nixosModules = rec {
+        dn42 = import ./dn42.nix;
+        default = dn42;
+      };
+
+      checks = builtins.listToAttrs (map (system: {
+        name = system;
+        value = {
+          two-peers = import ./checks/two-peers.nix {
+            pkgs = nixpkgs.legacyPackages.${system};
+          };
+        };
+      }) systems);
     };
-  };
 }