nixpkgs-suyu/nixos/tests/netdata.nix
DDoSolitary 060a47e1e4
netdata: set NETDATA_PIPENAME to /run/netdata/ipc
Netdata creates its control socket at /tmp/netdata-ipc by default, which
is insecure and actually inaccessible with systemd's PrivateTmp enabled.

Originally we patched its source code to move the socket to
/run/netdata/ipc. However, it was removed due to incompatibility when
upgrading to v1.41.0: 1d2a2dc7d0

Fortunately, this new version of netdata adds support for setting the
location of the control socket via the environment variable
NETDATA_PIPENAME. So let's set it for the netdata service and the
command line utility so that they can communicate properly.
2023-08-05 18:19:08 +08:00

41 lines
1.2 KiB
Nix

# This test runs netdata and checks for data via apps.plugin
import ./make-test-python.nix ({ pkgs, ...} : {
name = "netdata";
meta = with pkgs.lib.maintainers; {
maintainers = [ cransom raitobezarius ];
};
nodes = {
netdata =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ curl jq netdata ];
services.netdata.enable = true;
};
};
testScript = ''
start_all()
netdata.wait_for_unit("netdata.service")
# wait for the service to listen before sending a request
netdata.wait_for_open_port(19999)
# check if the netdata main page loads.
netdata.succeed("curl --fail http://localhost:19999/")
netdata.succeed("sleep 4")
# check if netdata can read disk ops for root owned processes.
# if > 0, successful. verifies both netdata working and
# apps.plugin has elevated capabilities.
url = "http://localhost:19999/api/v1/data\?chart=users.pwrites"
filter = '[.data[range(10)][.labels | indices("root")[0]]] | add | . > 0'
cmd = f"curl -s {url} | jq -e '{filter}'"
netdata.wait_until_succeeds(cmd)
# check if the control socket is available
netdata.succeed("sudo netdatacli ping")
'';
})