movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

nixosTests.rabbitmq: Test config decryption (fails)

Browse source
This commit is contained in:
Robert Hensing 2022-09-23 14:39:06 +01:00 committed by Manuel Bärenz
parent f201ee917d
commit 9480b59b45
1 changed files with 35 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

36
nixos/tests/rabbitmq.nix
View file

@ -1,6 +1,12 @@
# This test runs rabbitmq and checks if rabbitmq is up and running. # This test runs rabbitmq and checks if rabbitmq is up and running.
import ./make-test-python.nix ({ pkgs, ... }: { import ./make-test-python.nix ({ pkgs, ... }:
let
# in real life, you would keep this out of your repo and deploy it to a safe
# location using safe means.
configKeyPath = pkgs.writeText "fake-config-key" "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01";
in
{
name = "rabbitmq"; name = "rabbitmq";
meta = with pkgs.lib.maintainers; { meta = with pkgs.lib.maintainers; {
maintainers = [ eelco offline ]; maintainers = [ eelco offline ];
@ -10,6 +16,29 @@ import ./make-test-python.nix ({ pkgs, ... }: {
services.rabbitmq = { services.rabbitmq = {
enable = true; enable = true;
managementPlugin.enable = true; managementPlugin.enable = true;
# To encrypt:
# rabbitmqctl --quiet encode --cipher blowfish_cfb64 --hash sha256 \
# --iterations 10000 '<<"dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw">>' \
# "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01" ;
config = ''
[ { rabbit
, [ {default_user, <<"alice">>}
, { default_pass
, {encrypted,<<"oKKxyTze9PYmsEfl6FG1MxIUhxY7WPQL7HBoMPRC/1ZOdOZbtr9+DxjWW3e1D5SL48n3D9QOsGD0cOgYG7Qdvb7Txrepw8w=">>}
}
, {config_entry_decoder
, [ {passphrase, {file, <<"${configKeyPath}">>}}
, {cipher, blowfish_cfb64}
, {hash, sha256}
, {iterations, 10000}
]
}
% , {rabbitmq_management, [{path_prefix, "/_queues"}]}
]
}
].
'';
}; };
# Ensure there is sufficient extra disk space for rabbitmq to be happy # Ensure there is sufficient extra disk space for rabbitmq to be happy
virtualisation.diskSize = 1024; virtualisation.diskSize = 1024;
@ -23,5 +52,10 @@ import ./make-test-python.nix ({ pkgs, ... }: {
'su -s ${pkgs.runtimeShell} rabbitmq -c "rabbitmqctl status"' 'su -s ${pkgs.runtimeShell} rabbitmq -c "rabbitmqctl status"'
) )
machine.wait_for_open_port(15672) machine.wait_for_open_port(15672)
# The password is the plaintext that was encrypted with rabbitmqctl encode above.
machine.wait_until_succeeds(
'${pkgs.rabbitmq-java-client}/bin/PerfTest --time 10 --uri amqp://alice:dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw@localhost'
)
''; '';
}) })