diff options
author | Florian Klink <flokli@flokli.de> | 2021-01-10 22:08:02 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-01-10 22:08:02 +0100 |
commit | 07f8292f88f87222b67d2eea7665ab3115aa7512 (patch) | |
tree | af17a438efa067a43bf6c4aeaa4c2c562c67e51a /nixos | |
parent | a7b1c823319e4cf8b721347805fb78531f58b57a (diff) | |
parent | 5d0b0fcc7d841ff749d2880f214980be15ff72bb (diff) |
Merge pull request #108844 from dadada/dadada/redis-unix-socket
nixos/redis: add test for unix socket access
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/tests/redis.nix | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/nixos/tests/redis.nix b/nixos/tests/redis.nix index 529965d7acde..f51bb029d64e 100644 --- a/nixos/tests/redis.nix +++ b/nixos/tests/redis.nix @@ -1,4 +1,8 @@ -import ./make-test-python.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ... }: +let + redisSocket = "/run/redis/redis.sock"; +in +{ name = "redis"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ flokli ]; @@ -10,7 +14,20 @@ import ./make-test-python.nix ({ pkgs, ...} : { { services.redis.enable = true; - services.redis.unixSocket = "/run/redis/redis.sock"; + services.redis.unixSocket = redisSocket; + + # Allow access to the unix socket for the "redis" group. + services.redis.settings.unixsocketperm = "770"; + + users.users."member" = { + createHome = false; + description = "A member of the redis group"; + extraGroups = [ + "redis" + ]; + group = "users"; + shell = "/bin/sh"; + }; }; }; @@ -18,7 +35,11 @@ import ./make-test-python.nix ({ pkgs, ...} : { start_all() machine.wait_for_unit("redis") machine.wait_for_open_port("6379") + + # The unix socket is accessible to the redis group + machine.succeed('su member -c "redis-cli ping | grep PONG"') + machine.succeed("redis-cli ping | grep PONG") - machine.succeed("redis-cli -s /run/redis/redis.sock ping | grep PONG") + machine.succeed("redis-cli -s ${redisSocket} ping | grep PONG") ''; }) |