tests/keycloak: add non-working ssh config for clients

2024-08-24 23:49:31 +02:00 · 2024-08-24 23:49:31 +02:00 · c469a8a2dc
parent eb337ddd47
commit c469a8a2dc
2 changed files with 24 additions and 0 deletions
--- a/tests/keycloak.nix
+++ b/tests/keycloak.nix
@ -64,6 +64,7 @@ in {

  testScript = ''
    start_all()
+    join_all()

    nachtigall.wait_for_unit("system.slice")
    nachtigall.succeed("ping 127.0.0.1 -c 2")
--- a/tests/support/global.nix
+++ b/tests/support/global.nix
@ -12,6 +12,29 @@
    (builtins.readFile ./step/certs/root_ca.crt)
  ];

+  services.openssh = {
+    enable = true;
+    openFirewall = true;
+    settings = {
+      PermitRootLogin = lib.mkForce "yes";
+      PermitEmptyPasswords = lib.mkForce "yes";
+      PasswordAuthentication = lib.mkForce true;
+    };
+  };
+
+  security.pam.services.sshd.allowNullPassword = true;
+
+  virtualisation.forwardPorts = let
+    address = (builtins.elemAt config.networking.interfaces.eth0.ipv4.addresses 0).address;
+    lastAddressPart = builtins.elemAt (lib.strings.splitString "." address) 3;
+  in [
+    {
+      from = "host";
+      host.port = 2000 + (lib.strings.toInt lastAddressPart);
+      guest.port = 22;
+    }
+  ];
+
  networking.interfaces.eth0.useDHCP = false;

  networking.hosts = {