diff --git a/nixos/tests/rabbitmq.nix b/nixos/tests/rabbitmq.nix index f8e8e61c47d25..040679e68d989 100644 --- a/nixos/tests/rabbitmq.nix +++ b/nixos/tests/rabbitmq.nix @@ -1,6 +1,12 @@ # This test runs rabbitmq and checks if rabbitmq is up and running. -import ./make-test-python.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: +let + # in real life, you would keep this out of your repo and deploy it to a safe + # location using safe means. + configKeyPath = pkgs.writeText "fake-config-key" "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01"; +in +{ name = "rabbitmq"; meta = with pkgs.lib.maintainers; { maintainers = [ eelco offline ]; @@ -10,6 +16,29 @@ import ./make-test-python.nix ({ pkgs, ... }: { services.rabbitmq = { enable = true; managementPlugin.enable = true; + + # To encrypt: + # rabbitmqctl --quiet encode --cipher blowfish_cfb64 --hash sha256 \ + # --iterations 10000 '<<"dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw">>' \ + # "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01" ; + config = '' + [ { rabbit + , [ {default_user, <<"alice">>} + , { default_pass + , {encrypted,<<"oKKxyTze9PYmsEfl6FG1MxIUhxY7WPQL7HBoMPRC/1ZOdOZbtr9+DxjWW3e1D5SL48n3D9QOsGD0cOgYG7Qdvb7Txrepw8w=">>} + } + , {config_entry_decoder + , [ {passphrase, {file, <<"${configKeyPath}">>}} + , {cipher, blowfish_cfb64} + , {hash, sha256} + , {iterations, 10000} + ] + } + % , {rabbitmq_management, [{path_prefix, "/_queues"}]} + ] + } + ]. + ''; }; # Ensure there is sufficient extra disk space for rabbitmq to be happy virtualisation.diskSize = 1024; @@ -23,5 +52,10 @@ import ./make-test-python.nix ({ pkgs, ... }: { 'su -s ${pkgs.runtimeShell} rabbitmq -c "rabbitmqctl status"' ) machine.wait_for_open_port(15672) + + # The password is the plaintext that was encrypted with rabbitmqctl encode above. + machine.wait_until_succeeds( + '${pkgs.rabbitmq-java-client}/bin/PerfTest --time 10 --uri amqp://alice:dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw@localhost' + ) ''; }) diff --git a/pkgs/servers/amqp/rabbitmq-server/default.nix b/pkgs/servers/amqp/rabbitmq-server/default.nix index fe030db1b31d3..9fc0588ce27ec 100644 --- a/pkgs/servers/amqp/rabbitmq-server/default.nix +++ b/pkgs/servers/amqp/rabbitmq-server/default.nix @@ -25,6 +25,17 @@ , nixosTests }: +let + runtimePath = lib.makeBinPath ([ + erlang + getconf # for getting memory limits + socat + procps + gnused + coreutils # used by helper scripts + ] ++ lib.optionals stdenv.isLinux [ systemd ]); # for systemd unit activation check +in + stdenv.mkDerivation rec { pname = "rabbitmq-server"; version = "3.10.7"; @@ -48,15 +59,6 @@ stdenv.mkDerivation rec { export LANG=C.UTF-8 # fix elixir locale warning ''; - runtimePath = lib.makeBinPath ([ - erlang - getconf # for getting memory limits - socat - procps - gnused - coreutils # used by helper scripts - ] ++ lib.optionals stdenv.isLinux [ systemd ]); # for systemd unit activation check - postInstall = '' # rabbitmq-env calls to sed/coreutils, so provide everything early sed -i $out/sbin/rabbitmq-env -e '2s|^|PATH=${runtimePath}\''${PATH:+:}\$PATH/\n|' diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 409c9214bceec..7fb5dd5d6d505 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23789,6 +23789,7 @@ with pkgs; rabbitmq-server = callPackage ../servers/amqp/rabbitmq-server { inherit (darwin.apple_sdk.frameworks) AppKit Carbon Cocoa; elixir = elixir_1_12; + erlang = erlang.override { opensslPackage = openssl_1_1; }; }; radicale2 = callPackage ../servers/radicale/2.x.nix { };