060a47e1e4
Netdata creates its control socket at /tmp/netdata-ipc by default, which
is insecure and actually inaccessible with systemd's PrivateTmp enabled.
Originally we patched its source code to move the socket to
/run/netdata/ipc. However, it was removed due to incompatibility when
upgrading to v1.41.0: 1d2a2dc7d0
Fortunately, this new version of netdata adds support for setting the
location of the control socket via the environment variable
NETDATA_PIPENAME. So let's set it for the netdata service and the
command line utility so that they can communicate properly.
41 lines
1.2 KiB
Nix
41 lines
1.2 KiB
Nix
# This test runs netdata and checks for data via apps.plugin
|
|
|
|
import ./make-test-python.nix ({ pkgs, ...} : {
|
|
name = "netdata";
|
|
meta = with pkgs.lib.maintainers; {
|
|
maintainers = [ cransom raitobezarius ];
|
|
};
|
|
|
|
nodes = {
|
|
netdata =
|
|
{ pkgs, ... }:
|
|
{
|
|
environment.systemPackages = with pkgs; [ curl jq netdata ];
|
|
services.netdata.enable = true;
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
start_all()
|
|
|
|
netdata.wait_for_unit("netdata.service")
|
|
|
|
# wait for the service to listen before sending a request
|
|
netdata.wait_for_open_port(19999)
|
|
|
|
# check if the netdata main page loads.
|
|
netdata.succeed("curl --fail http://localhost:19999/")
|
|
netdata.succeed("sleep 4")
|
|
|
|
# check if netdata can read disk ops for root owned processes.
|
|
# if > 0, successful. verifies both netdata working and
|
|
# apps.plugin has elevated capabilities.
|
|
url = "http://localhost:19999/api/v1/data\?chart=users.pwrites"
|
|
filter = '[.data[range(10)][.labels | indices("root")[0]]] | add | . > 0'
|
|
cmd = f"curl -s {url} | jq -e '{filter}'"
|
|
netdata.wait_until_succeeds(cmd)
|
|
|
|
# check if the control socket is available
|
|
netdata.succeed("sudo netdatacli ping")
|
|
'';
|
|
})
|