Skip to content

Instantly share code, notes, and snippets.

@grahamc

grahamc/gist:0d38bb4868b3d46229d3df020c024b78 Secret

Created April 5, 2019 21:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save grahamc/0d38bb4868b3d46229d3df020c024b78 to your computer and use it in GitHub Desktop.
Save grahamc/0d38bb4868b3d46229d3df020c024b78 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.nix
let
vlans = {
external = {
id = 1;
prefix = 24;
target-ip = "1.1.1.1";
source-ip = "1.1.1.100";
};
internal-192-168 = {
id = 2;
prefix = 16;
target-ip = "192.168.1.3";
source-ip = "192.168.1.100";
};
internal-172-16 = {
id = 3;
prefix = 12;
target-ip = "172.16.1.3";
source-ip = "172.16.1.100";
};
internal-10 = {
id = 4;
prefix = 8;
target-ip = "10.1.1.3";
source-ip = "10.1.1.100";
};
};
in import <nixpkgs/nixos/tests/make-test.nix> ({ pkgs, ...} : {
name = "network-experiments";
nodes = {
external = {
services.nginx = {
enable = true;
virtualHosts.localhost = {
listen = [
{ addr = "0.0.0.0"; port = 80; }
];
root = pkgs.writeTextDir "index.html" "hello!";
};
};
networking = {
firewall.enable = false;
dhcpcd.enable = false;
interfaces.eth0.ipv4.addresses = [
{ address = vlans.external.target-ip; prefixLength = vlans.external.prefix; }
];
};
virtualisation.vlans = [ vlans.external.id ];
};
internal = {
services.nginx = {
enable = true;
virtualHosts.localhost = {
listen = [
{ addr = "0.0.0.0"; port = 80; }
];
root = pkgs.writeTextDir "index.html" "hello!";
};
};
networking = {
firewall.enable = false;
dhcpcd.enable = false;
interfaces.eth0.ipv4.addresses = [
{ address = vlans.internal-192-168.target-ip; prefixLength = vlans.internal-192-168.prefix; }
];
interfaces.eth1.ipv4.addresses = [
{ address = vlans.internal-172-16.target-ip; prefixLength = vlans.internal-172-16.prefix; }
];
interfaces.eth2.ipv4.addresses = [
{ address = vlans.internal-10.target-ip; prefixLength = vlans.internal-10.prefix; }
];
};
virtualisation.vlans = [
vlans.internal-192-168.id
vlans.internal-172-16.id
vlans.internal-10.id
];
};
host = {
networking = {
firewall.enable = false;
dhcpcd.enable = false;
interfaces.eth0.ipv4.addresses = [
{ address = vlans.external.source-ip; prefixLength = vlans.external.prefix; }
];
interfaces.eth1.ipv4.addresses = [
{ address = vlans.internal-192-168.source-ip; prefixLength = vlans.internal-192-168.prefix; }
];
interfaces.eth2.ipv4.addresses = [
{ address = vlans.internal-172-16.source-ip; prefixLength = vlans.internal-172-16.prefix; }
];
interfaces.eth3.ipv4.addresses = [
{ address = vlans.internal-10.source-ip; prefixLength = vlans.internal-10.prefix; }
];
};
virtualisation.vlans = [
vlans.external.id
vlans.internal-192-168.id
vlans.internal-172-16.id
vlans.internal-10.id
];
};
};
testScript =
''
$external->start;
$internal->start;
$host->start;
$external->waitForUnit("multi-user.target");
$external->succeed("curl http://1.1.1.1:80");
$internal->waitForUnit("multi-user.target");
$internal->succeed("systemd-cat ip route");
$internal->succeed("curl http://192.168.1.3:80");
$internal->succeed("curl http://172.16.1.3:80");
$internal->succeed("curl http://10.1.1.3:80");
$host->waitForUnit("multi-user.target");
$host->succeed("systemd-cat ip route");
$host->succeed("curl http://192.168.1.3:80");
$host->succeed("curl http://172.16.1.3:80");
$host->succeed("curl http://10.1.1.3:80");
$host->succeed("curl http://1.1.1.1:80");
'';
})
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment