nixos/tests/librenms.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / librenms.nix
at master 3.1 kB view raw
  1{ pkgs, lib, ... }:
  2
  3let
  4  api_token = "f87f42114e44b63ad1b9e3c3d33d6fbe"; # random md5 hash
  5  wrong_api_token = "e68ba041fcf1eab923a7a6de3af5f726"; # another random md5 hash
  6in
  7{
  8  name = "librenms";
  9  meta.maintainers = lib.teams.wdz.members;
 10
 11  nodes.librenms = {
 12    time.timeZone = "Europe/Berlin";
 13
 14    environment.systemPackages = with pkgs; [
 15      curl
 16      jq
 17    ];
 18
 19    services.librenms = {
 20      enable = true;
 21      hostname = "librenms";
 22      database = {
 23        createLocally = true;
 24        host = "localhost";
 25        database = "librenms";
 26        username = "librenms";
 27        passwordFile = pkgs.writeText "librenms-db-pass" "librenmsdbpass";
 28      };
 29      nginx = {
 30        default = true;
 31      };
 32      enableOneMinutePolling = true;
 33      settings = {
 34        enable_billing = true;
 35      };
 36    };
 37
 38    # systemd oneshot to create a dummy admin user and a API token for testing
 39    systemd.services.lnms-api-init = {
 40      description = "LibreNMS API init";
 41      after = [ "librenms-setup.service" ];
 42      wantedBy = [ "multi-user.target" ];
 43      serviceConfig = {
 44        Type = "oneshot";
 45        RemainAfterExit = true;
 46        User = "root";
 47        Group = "root";
 48      };
 49      script = ''
 50        API_USER_NAME=api
 51        API_TOKEN=${api_token} # random md5 hash
 52
 53        # we don't need to know the password, it just has to exist
 54        API_USER_PASS=$(${pkgs.pwgen}/bin/pwgen -s 64 1)
 55        ${pkgs.librenms}/artisan user:add $API_USER_NAME -r admin -p $API_USER_PASS
 56        API_USER_ID=$(${pkgs.mariadb}/bin/mysql -D librenms -N -B -e "SELECT user_id FROM users WHERE username = '$API_USER_NAME';")
 57
 58        ${pkgs.mariadb}/bin/mysql -D librenms -e "INSERT INTO api_tokens (user_id, token_hash, description) VALUES ($API_USER_ID, '$API_TOKEN', 'API User')"
 59      '';
 60    };
 61  };
 62
 63  nodes.snmphost = {
 64
 65    services.snmpd = {
 66      enable = true;
 67      openFirewall = true;
 68
 69      configText = ''
 70        com2sec readonly default public
 71
 72        group MyROGroup v2c        readonly
 73        view all    included  .1                               80
 74        access MyROGroup ""      any       noauth    exact  all    none   none
 75
 76        syslocation Testcity, Testcountry
 77        syscontact Testi mc Test <test@example.com>
 78      '';
 79
 80    };
 81  };
 82
 83  testScript = ''
 84    start_all()
 85
 86    snmphost.wait_for_unit("snmpd.service")
 87
 88    librenms.wait_for_unit("lnms-api-init.service")
 89    librenms.wait_for_open_port(80)
 90
 91    # Test that we can authenticate against the API
 92    librenms.succeed("curl --fail -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0")
 93    librenms.fail("curl --fail -H 'X-Auth-Token: ${wrong_api_token}' http://localhost/api/v0")
 94
 95    # add snmphost as a device
 96    librenms.succeed("curl --fail -X POST -d '{\"hostname\":\"snmphost\",\"version\":\"v2c\",\"community\":\"public\"}' -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0/devices")
 97
 98    # wait until snmphost gets polled
 99    librenms.wait_until_succeeds("test $(curl -H 'X-Auth-Token: ${api_token}' http://localhost/api/v0/devices/snmphost | jq -Mr .devices[0].last_polled) != 'null'")
100  '';
101}