fix(integration-test): Don't erase endpoint & allowed ips when setting PSK

Karolin Varner
2025-08-22 17:09:55 +02:00
committed by David Niehues
parent d5162d7b9a
commit 098aff91ab
2 changed files with 24 additions and 0 deletions


@@ -41,6 +41,16 @@ let
type = lib.types.path; type = lib.types.path;
description = "Location of the .osk file on the key exchange server"; description = "Location of the .osk file on the key exchange server";
}; };
endpoint = lib.mkOption {
type = lib.types.str;
description = "IP address of the peer to connect via.";
};
allowedIps = lib.mkOption {
type = lib.types.str;
description = "IP addresses on the WireGuard VPN the peer is allowed to use";
};
}; };
}; };
in in
@@ -67,6 +77,8 @@ in
| ${pkgs.wireguard-tools}/bin/wg \ | ${pkgs.wireguard-tools}/bin/wg \
set ${instanceCfg.wgInterface} \ set ${instanceCfg.wgInterface} \
peer ${instanceCfg.peerPubkey} \ peer ${instanceCfg.peerPubkey} \
endpoint ${instanceCfg.endpoint} \
allowed-ips ${instanceCfg.allowedIps} \
preshared-key /dev/stdin preshared-key /dev/stdin
''; '';
serviceConfig = { serviceConfig = {
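Review bot: The two new values are interpolated into the `wg set` script unquoted, so a value containing whitespace or shell metacharacters would be split or interpreted by the shell; `endpoint ${lib.escapeShellArg instanceCfg.endpoint} \` and `allowed-ips ${lib.escapeShellArg instanceCfg.allowedIps} \` would keep each as a single argument. The existing `wgInterface` and `peerPubkey` interpolations on the lines above have the same form. The `endpoint` description says "IP address of the peer", but the values passed elsewhere in this commit are `host:port` pairs, so the description could read `description = "Endpoint of the peer, as host:port.";`. Both options are declared without a default, so presumably every existing instance definition now has to set them. The option set and the script both continue outside the hunks shown.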


@@ -207,6 +207,8 @@ in
rpHost = "peerakeyexchanger"; rpHost = "peerakeyexchanger";
peerPubkey = staticConfig.peerB.publicKey; peerPubkey = staticConfig.peerB.publicKey;
remoteKeyPath = keyExchangePathAB; remoteKeyPath = keyExchangePathAB;
endpoint = "peerB:${builtins.toString wgPort}";
allowedIps = "${staticConfig.peerB.innerIp}/24";
}; };
} }
// lib.optionalAttrs multiPeer { // lib.optionalAttrs multiPeer {
@@ -217,6 +219,8 @@ in
rpHost = "peerakeyexchanger"; rpHost = "peerakeyexchanger";
peerPubkey = staticConfig.peerC.publicKey; peerPubkey = staticConfig.peerC.publicKey;
remoteKeyPath = keyExchangePathAC; remoteKeyPath = keyExchangePathAC;
endpoint = "peerC:${builtins.toString wgPort}";
allowedIps = "${staticConfig.peerC.innerIp}/24";
}; };
}; };
}; };
@@ -255,6 +259,8 @@ in
rpHost = "peerbkeyexchanger"; rpHost = "peerbkeyexchanger";
peerPubkey = staticConfig.peerA.publicKey; peerPubkey = staticConfig.peerA.publicKey;
remoteKeyPath = keyExchangePathBA; remoteKeyPath = keyExchangePathBA;
endpoint = "peerA:${builtins.toString wgPort}";
allowedIps = "${staticConfig.peerB.innerIp}/24";
}; };
} }
// lib.optionalAttrs multiPeer { // lib.optionalAttrs multiPeer {
@@ -265,6 +271,8 @@ in
rpHost = "peerbkeyexchanger"; rpHost = "peerbkeyexchanger";
peerPubkey = staticConfig.peerC.publicKey; peerPubkey = staticConfig.peerC.publicKey;
remoteKeyPath = keyExchangePathBC; remoteKeyPath = keyExchangePathBC;
endpoint = "peerC:${builtins.toString wgPort}";
allowedIps = "${staticConfig.peerC.innerIp}/24";
}; };
}; };
}; };
@@ -330,6 +338,8 @@ in
rpHost = "peerckeyexchanger"; rpHost = "peerckeyexchanger";
peerPubkey = staticConfig.peerA.publicKey; peerPubkey = staticConfig.peerA.publicKey;
remoteKeyPath = keyExchangePathCA; remoteKeyPath = keyExchangePathCA;
endpoint = "peerA:${builtins.toString wgPort}";
allowedIps = "${staticConfig.peerA.innerIp}/24";
}; };
CB = { CB = {
create = true; create = true;
@@ -338,6 +348,8 @@ in
rpHost = "peerckeyexchanger"; rpHost = "peerckeyexchanger";
peerPubkey = staticConfig.peerB.publicKey; peerPubkey = staticConfig.peerB.publicKey;
remoteKeyPath = keyExchangePathCB; remoteKeyPath = keyExchangePathCB;
endpoint = "peerB:${builtins.toString wgPort}";
allowedIps = "${staticConfig.peerB.innerIp}/24";
}; };
}; };
}; };
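Review bot: In the hunk at `@@ -255,6 +259,8 @@`, the entry whose `peerPubkey` is `staticConfig.peerA.publicKey` takes its `allowedIps` from `staticConfig.peerB.innerIp`, while every other entry derives it from the same peer as its public key; this looks like a copy-paste slip and should probably be `allowedIps = "${staticConfig.peerA.innerIp}/24";`. With a /24 mask the two values may resolve to the same network, which would hide the mistake in the test run. The /24 also allows each peer to source traffic from the whole subnet rather than only its own address. If several peers on one host share a WireGuard interface, overlapping allowed-ips end up assigned to only one of them, so a `/32` per peer may be what is intended; the interface layout is not visible here, so that needs confirming.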