pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / librenms.nix
at 23.11-beta 3.6 kB view raw
1import ./make-test-python.nix ({ pkgs, lib, ... }: 2 3let 4 api_token = "f87f42114e44b63ad1b9e3c3d33d6fbe"; # random md5 hash 5 wrong_api_token = "e68ba041fcf1eab923a7a6de3af5f726"; # another random md5 hash 6in { 7 name = "librenms"; 8 meta.maintainers = lib.teams.wdz.members; 9 10 nodes.librenms = { 11 time.timeZone = "Europe/Berlin"; 12 13 environment.systemPackages = with pkgs; [ 14 curl 15 jq 16 ]; 17 18 services.librenms = { 19 enable = true; 20 hostname = "librenms"; 21 database = { 22 createLocally = true; 23 host = "localhost"; 24 database = "librenms"; 25 username = "librenms"; 26 passwordFile = pkgs.writeText "librenms-db-pass" "librenmsdbpass"; 27 }; 28 nginx = { 29 default = true; 30 }; 31 enableOneMinutePolling = true; 32 settings = { 33 enable_billing = true; 34 }; 35 }; 36 37 # systemd oneshot to create a dummy admin user and a API token for testing 38 systemd.services.lnms-api-init = { 39 description = "LibreNMS API init"; 40 after = [ "librenms-setup.service" ]; 41 wantedBy = [ "multi-user.target" ]; 42 serviceConfig = { 43 Type = "oneshot"; 44 RemainAfterExit = true; 45 User = "root"; 46 Group = "root"; 47 }; 48 script = '' 49 API_USER_NAME=api 50 API_TOKEN=${api_token} # random md5 hash 51 52 # we don't need to know the password, it just has to exist 53 API_USER_PASS=$(${pkgs.pwgen}/bin/pwgen -s 64 1) 54 ${pkgs.librenms}/artisan user:add $API_USER_NAME -r admin -p $API_USER_PASS 55 API_USER_ID=$(${pkgs.mariadb}/bin/mysql -D librenms -N -B -e "SELECT user_id FROM users WHERE username = '$API_USER_NAME';") 56 57 ${pkgs.mariadb}/bin/mysql -D librenms -e "INSERT INTO api_tokens (user_id, token_hash, description) VALUES ($API_USER_ID, '$API_TOKEN', 'API User')" 58 ''; 59 }; 60 }; 61 62 nodes.snmphost = { 63 networking.firewall.allowedUDPPorts = [ 161 ]; 64 65 systemd.services.snmpd = { 66 description = "snmpd"; 67 after = [ "network-online.target" ]; 68 wants = [ "network-online.target" ]; 69 wantedBy = [ "multi-user.target" ]; 70 serviceConfig = { 71 Type = "forking"; 72 User = "root"; 73 Group = "root"; 74 ExecStart = let 75 snmpd-config = pkgs.writeText "snmpd-config" '' 76 com2sec readonly default public 77 78 group MyROGroup v2c readonly 79 view all included .1 80 80 access MyROGroup "" any noauth exact all none none 81 82 syslocation Testcity, Testcountry 83 syscontact Testi mc Test <test@example.com> 84 ''; 85 in "${pkgs.net-snmp}/bin/snmpd -c ${snmpd-config} -C"; 86 }; 87 }; 88 }; 89 90 testScript = '' 91 start_all() 92 93 snmphost.wait_until_succeeds("pgrep snmpd") 94 95 librenms.wait_for_unit("lnms-api-init.service") 96 librenms.wait_for_open_port(80) 97 98 # Test that we can authenticate against the API 99 librenms.succeed("curl --fail -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0") 100 librenms.fail("curl --fail -H 'X-Auth-Token: ${wrong_api_token}' http://localhost/api/v0") 101 102 # add snmphost as a device 103 librenms.succeed("curl --fail -X POST -d '{\"hostname\":\"snmphost\",\"version\":\"v2c\",\"community\":\"public\"}' -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0/devices") 104 105 # wait until snmphost gets polled 106 librenms.wait_until_succeeds("test $(curl -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0/devices/snmphost | jq -Mr .devices[0].last_polled) != 'null'") 107 ''; 108})