From 4e8b9e89ca080f2f0da3cd800a114f6dfd1cea45 Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@private.storage>
Date: Wed, 4 Aug 2021 17:30:37 +0000
Subject: [PATCH] Add tests for metrics endpoint accessibility by IP

This should fail currently, since metrics are still public.
Also, I couldn't test this code locally, since I currently run VirtualBox VMs
on my dev box. I'll just see what CI says to this code.
---
 nixos/modules/tests/private-storage.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/nixos/modules/tests/private-storage.nix b/nixos/modules/tests/private-storage.nix
index 353abc89..7cd0100d 100644
--- a/nixos/modules/tests/private-storage.nix
+++ b/nixos/modules/tests/private-storage.nix
@@ -308,4 +308,10 @@ in {
         $client->log($log);
         die $@;
       };
+
+      # The issuer metrics should be accessible from the monitoring network.
+      $issuer->succeed('curl --silent --insecure --fail --output /dev/null https://172.23.23.11/metrics');
+
+      # The issuer metrics should NOT be accessible from any other network.
+      $issuer->fail('curl --silent --insecure --fail --output /dev/null https://localhost/metrics');
       ''; }
-- 
GitLab