trustmeim.gay / nix
Personal Nix flake
nixos home-manager nix
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat(tests): Add age pubkey snapshot, ensure servers have authorized keys

Luna Perroni 2b217b71 8699c6bf

+33 -5
+1 -1
justfile
··· 10 10 mod u2f './just/u2f.just' 11 11 12 12 # Run tests 13 - test: tests::run 13 + test *args: (tests::run args)
+2 -2
nix/nixos/modules/users/lpchaim.nix
··· 19 19 }; 20 20 21 21 users = { 22 - extraGroups.${userName}.gid = 1000; 23 - extraUsers.${userName} = 22 + groups.${userName}.gid = 1000; 23 + users.${userName} = 24 24 config.my.users.defaultUserAttrs 25 25 // { 26 26 uid = 1000;
+1
nix/tests/_snapshots/pubkey-desktop.snap.json
··· 1 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNf+oynlWr+Xq3UYKpCy8ih/w9sT6IuIKAtYjo6sfJr"
+1
nix/tests/_snapshots/pubkey-laptop.snap.json
··· 1 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHh5IZnZipti8mCt0NPCVrJ5XTU2z+nb7d2hgMG4/B3C"
+1
nix/tests/_snapshots/pubkey-raspberrypi.snap.json
··· 1 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILr9pl4qaL/+DV//lhE5y6V7xJ2eh1BSlwNYD9L9a2sQ"
+1
nix/tests/_snapshots/pubkey-steamdeck.snap.json
··· 1 + "age1qyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs3290gq"
+26 -2
nix/tests/default.nix
··· 12 12 nixtest = { 13 13 skip = ""; 14 14 suites = { 15 - "Filesystems" = { 15 + "Age pubkeys snapshot" = { 16 + pos = __curPos; 17 + tests = 18 + self.nixosConfigurations 19 + |> lib.mapAttrsToList (name: os: { 20 + name = "pubkey-${name}"; 21 + type = "snapshot"; 22 + actual = os.config.age.rekey.hostPubkey; 23 + }); 24 + }; 25 + "Filesystems snapshot" = { 16 26 pos = __curPos; 17 27 tests = 18 28 self.nixosConfigurations ··· 25 35 |> lib.mapAttrs (_: cfg: {inherit (cfg) device fsType options;}); 26 36 }); 27 37 }; 28 - "Profiles" = { 38 + "Profiles snapshot" = { 29 39 pos = __curPos; 30 40 tests = 31 41 self.nixosConfigurations ··· 39 49 nixos = os.config.my.profiles |> filterEnabled |> attrsToString; 40 50 home = os.config.home-manager.users.lpchaim.my.profiles |> filterEnabled |> attrsToString; 41 51 }; 52 + }); 53 + }; 54 + "Servers have authorized keys" = { 55 + pos = __curPos; 56 + tests = 57 + self.nixosConfigurations 58 + |> lib.filterAttrs (_: os: os.config.my.profiles.server) 59 + |> lib.mapAttrsToList (name: os: { 60 + name = "authorizedkeys-${name}"; 61 + actual = let 62 + inherit (os.config.users.users.lpchaim.openssh.authorizedKeys) keys keyFiles; 63 + in 64 + (builtins.length (keys ++ keyFiles)) > 0; 65 + expected = true; 42 66 }); 43 67 }; 44 68 };