infra/tests/support/global.nix

{
  pkgs,
  lib,
  config,
  ...
}:
{
  pub-solar-os.networking.domain = "test.pub.solar";

  security.acme.defaults.server = "https://ca.${config.pub-solar-os.networking.domain}/acme/acme/directory";

  security.pki.certificates = [ (builtins.readFile ./step/certs/root_ca.crt) ];

  services.openssh = {
    enable = true;
    openFirewall = true;
    settings = {
      PermitRootLogin = lib.mkForce "yes";
      PermitEmptyPasswords = lib.mkForce "yes";
      PasswordAuthentication = lib.mkForce true;
    };
  };

  security.pam.services.sshd.allowNullPassword = true;

  virtualisation.forwardPorts =
    let
      address = (builtins.elemAt config.networking.interfaces.eth0.ipv4.addresses 0).address;
      lastAddressPart = builtins.elemAt (lib.strings.splitString "." address) 3;
    in
    [
      {
        from = "host";
        host.port = 2000 + (lib.strings.toInt lastAddressPart);
        guest.port = 22;
      }
    ];

  networking.interfaces.eth0.useDHCP = false;

  networking.hosts = {
    "192.168.1.1" = [ "ca.${config.pub-solar-os.networking.domain}" ];
    "192.168.1.2" = [ "client.${config.pub-solar-os.networking.domain}" ];
    "192.168.1.3" = [
      "${config.pub-solar-os.networking.domain}"
      "www.${config.pub-solar-os.networking.domain}"
      "auth.${config.pub-solar-os.networking.domain}"
    ];
  };
}
tests: create keycloak test, add working test for website Co-authored-by: b12f <b12f@noreply.git.pub.solar> Co-authored-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar> 2024-08-27 07:55:25 +00:00			`{`
			`pkgs,`
			`lib,`
			`config,`
			`...`
			`}:`
			`{`
			`pub-solar-os.networking.domain = "test.pub.solar";`

			`security.acme.defaults.server = "https://ca.${config.pub-solar-os.networking.domain}/acme/acme/directory";`

			`security.pki.certificates = [ (builtins.readFile ./step/certs/root_ca.crt) ];`

			`services.openssh = {`
			`enable = true;`
			`openFirewall = true;`
			`settings = {`
			`PermitRootLogin = lib.mkForce "yes";`
			`PermitEmptyPasswords = lib.mkForce "yes";`
			`PasswordAuthentication = lib.mkForce true;`
			`};`
			`};`

			`security.pam.services.sshd.allowNullPassword = true;`

			`virtualisation.forwardPorts =`
			`let`
			`address = (builtins.elemAt config.networking.interfaces.eth0.ipv4.addresses 0).address;`
			`lastAddressPart = builtins.elemAt (lib.strings.splitString "." address) 3;`
			`in`
			`[`
			`{`
			`from = "host";`
			`host.port = 2000 + (lib.strings.toInt lastAddressPart);`
			`guest.port = 22;`
			`}`
			`];`

			`networking.interfaces.eth0.useDHCP = false;`

			`networking.hosts = {`
			`"192.168.1.1" = [ "ca.${config.pub-solar-os.networking.domain}" ];`
			`"192.168.1.2" = [ "client.${config.pub-solar-os.networking.domain}" ];`
			`"192.168.1.3" = [`
			`"${config.pub-solar-os.networking.domain}"`
			`"www.${config.pub-solar-os.networking.domain}"`
			`"auth.${config.pub-solar-os.networking.domain}"`
			`];`
			`};`
			`}`