nixpkgs/nixos/tests/graylog.nix
Maximilian Bosch 16d0b8dcbd
nixos/graylog: add test
Basic test which confirms new inputs can be created and that messages
can be sent to a UDP-GELF input using `netcat`.

This test requires 4GB of RAM to avoid issues due insufficient
memory (please refer to `nixos/tests/elk.nix` for a detailed explanation of
the issue) for elasticsearch.

Also it's ensured that elasticsearch has an open HTTP port for communication
when starting `graylog`. This is a workaround to ensure that all services
are started in proper order, even in test environments with less power.
However this shouldn't be implemented in the `nixos/graylog` module as
this might be harmful when using elasticsearch clusters that require e.g.
authentication and/or run on different servers.
2019-07-09 23:57:45 +02:00

111 lines
4.1 KiB
Nix

import ./make-test.nix ({ pkgs, lib, ... }: {
name = "graylog";
meta.maintainers = with lib.maintainers; [ ma27 ];
machine = { pkgs, ... }: {
virtualisation.memorySize = 4096;
virtualisation.diskSize = 4096;
services.mongodb.enable = true;
services.elasticsearch.enable = true;
services.elasticsearch.package = pkgs.elasticsearch-oss;
services.elasticsearch.extraConf = ''
network.publish_host: 127.0.0.1
network.bind_host: 127.0.0.1
'';
services.graylog = {
enable = true;
passwordSecret = "YGhZ59wXMrYOojx5xdgEpBpDw2N6FbhM4lTtaJ1KPxxmKrUvSlDbtWArwAWMQ5LKx1ojHEVrQrBMVRdXbRyZLqffoUzHfssc";
elasticsearchHosts = [ "http://localhost:9200" ];
# `echo -n "nixos" | shasum -a 256`
rootPasswordSha2 = "6ed332bcfa615381511d4d5ba44a293bb476f368f7e9e304f0dff50230d1a85b";
};
environment.systemPackages = [ pkgs.jq ];
systemd.services.graylog.path = [ pkgs.netcat ];
systemd.services.graylog.preStart = ''
until nc -z localhost 9200; do
sleep 2
done
'';
};
testScript = let
payloads.login = pkgs.writeText "login.json" (builtins.toJSON {
host = "127.0.0.1:9000";
username = "admin";
password = "nixos";
});
payloads.input = pkgs.writeText "input.json" (builtins.toJSON {
title = "Demo";
global = false;
type = "org.graylog2.inputs.gelf.udp.GELFUDPInput";
node = "@node@";
configuration = {
bind_address = "0.0.0.0";
decompress_size_limit = 8388608;
number_worker_threads = 1;
override_source = null;
port = 12201;
recv_buffer_size = 262144;
};
});
payloads.gelf_message = pkgs.writeText "gelf.json" (builtins.toJSON {
host = "example.org";
short_message = "A short message";
full_message = "A long message";
version = "1.1";
level = 5;
facility = "Test";
});
in ''
$machine->start;
$machine->waitForUnit("graylog.service");
$machine->waitForOpenPort(9000);
$machine->succeed("curl -sSfL http://127.0.0.1:9000/");
my $session = $machine->succeed("curl -X POST "
. "-sSfL http://127.0.0.1:9000/api/system/sessions "
. "-d \$(cat ${payloads.login}) "
. "-H 'Content-Type: application/json' "
. "-H 'Accept: application/json' "
. "-H 'x-requested-by: cli' "
. "| jq .session_id | xargs echo"
);
chomp($session);
$machine->succeed("curl -X POST "
. "-sSfL http://127.0.0.1:9000/api/system/inputs -u $session:session "
. "-d \$(cat ${payloads.input} | sed -e \"s,\@node\@,\$(cat /var/lib/graylog/server/node-id),\") "
. "-H 'Accept: application/json' "
. "-H 'Content-Type: application/json' "
. "-H 'x-requested-by: cli' "
);
$machine->waitUntilSucceeds("test \"\$(curl -sSfL 'http://127.0.0.1:9000/api/cluster/inputstates' "
. "-u $session:session "
. "-H 'Accept: application/json' "
. "-H 'Content-Type: application/json' "
. "-H 'x-requested-by: cli'"
. "| jq 'to_entries[]|.value|.[0]|.state' | xargs echo"
. ")\" = \"RUNNING\""
);
$machine->succeed("echo -n \$(cat ${payloads.gelf_message}) | nc -w10 -u 127.0.0.1 12201");
$machine->succeed("test \"\$(curl -X GET "
. "-sSfL 'http://127.0.0.1:9000/api/search/universal/relative?query=*' "
. "-u $session:session "
. "-H 'Accept: application/json' "
. "-H 'Content-Type: application/json' "
. "-H 'x-requested-by: cli'"
. " | jq '.total_results' | xargs echo)\" = \"1\""
);
'';
})