From 160edcf2c5fd9aab2fd26d7e6a32b00a4afc28ca Mon Sep 17 00:00:00 2001 From: Ilan Joselevich Date: Fri, 7 Jul 2023 19:50:29 +0300 Subject: [PATCH] nixos/twingate: add package option and test --- .../modules/services/networking/twingate.nix | 30 ++++++++----------- nixos/tests/all-tests.nix | 1 + nixos/tests/twingate.nix | 10 +++++++ .../networking/twingate/default.nix | 3 ++ 4 files changed, 27 insertions(+), 17 deletions(-) create mode 100644 nixos/tests/twingate.nix diff --git a/nixos/modules/services/networking/twingate.nix b/nixos/modules/services/networking/twingate.nix index 17140bffd218..1454a7431cd2 100644 --- a/nixos/modules/services/networking/twingate.nix +++ b/nixos/modules/services/networking/twingate.nix @@ -1,28 +1,24 @@ { config, lib, pkgs, ... }: -with lib; - let cfg = config.services.twingate; - -in { - +in +{ options.services.twingate = { - enable = mkEnableOption (lib.mdDoc "Twingate Client daemon"); + enable = lib.mkEnableOption (lib.mdDoc "Twingate Client daemon"); + package = lib.mkPackageOptionMD pkgs "twingate" { }; }; - config = mkIf cfg.enable { + config = lib.mkIf cfg.enable { + systemd.packages = [ cfg.package ]; + systemd.services.twingate = { + preStart = "cp -r -n ${cfg.package}/etc/twingate/. /etc/twingate/"; + wantedBy = [ "multi-user.target" ]; + }; - networking.firewall.checkReversePath = lib.mkDefault false; - networking.networkmanager.enable = true; + networking.firewall.checkReversePath = lib.mkDefault "loose"; + services.resolved.enable = !(config.networking.networkmanager.enable); - environment.systemPackages = [ pkgs.twingate ]; # for the CLI - systemd.packages = [ pkgs.twingate ]; - - systemd.services.twingate.preStart = '' - cp -r -n ${pkgs.twingate}/etc/twingate/. /etc/twingate/ - ''; - - systemd.services.twingate.wantedBy = [ "multi-user.target" ]; + environment.systemPackages = [ cfg.package ]; # For the CLI. }; } diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index f7f57b3268ef..587fb07ed7b5 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -801,6 +801,7 @@ in { tuptime = handleTest ./tuptime.nix {}; turbovnc-headless-server = handleTest ./turbovnc-headless-server.nix {}; tuxguitar = handleTest ./tuxguitar.nix {}; + twingate = runTest ./twingate.nix; ucarp = handleTest ./ucarp.nix {}; udisks2 = handleTest ./udisks2.nix {}; ulogd = handleTest ./ulogd.nix {}; diff --git a/nixos/tests/twingate.nix b/nixos/tests/twingate.nix new file mode 100644 index 000000000000..8c7161b6fae5 --- /dev/null +++ b/nixos/tests/twingate.nix @@ -0,0 +1,10 @@ +{ + name = "twingate"; + + nodes.machine.services.twingate.enable = true; + + testScript = { nodes, ... }: '' + machine.wait_for_unit("twingate.service") + machine.succeed("twingate --version | grep '${nodes.machine.services.twingate.package.version}' >&2") + ''; +} diff --git a/pkgs/applications/networking/twingate/default.nix b/pkgs/applications/networking/twingate/default.nix index 33e0820bec9f..e555ddacffd8 100644 --- a/pkgs/applications/networking/twingate/default.nix +++ b/pkgs/applications/networking/twingate/default.nix @@ -8,6 +8,7 @@ , udev , cryptsetup , stdenv +, nixosTests }: stdenv.mkDerivation rec { @@ -41,6 +42,8 @@ stdenv.mkDerivation rec { mv usr/share $out/share ''; + passthru.tests = { inherit (nixosTests) twingate; }; + meta = with lib; { description = "Twingate Client"; homepage = "https://twingate.com";