How to access the port of a nixos test VM from the host?

Hi all,

We are trying to setup some tests for a NixOS module Lemmy at the moment. Lemmy comes with an http backend and a web UI which can be curled successfully within the test VM with the usual testScript attribute.

We would now like to inspect the UI that the frontend is serving interactively with a browser on the host machine. To this end, we have started the interactive test driver with:

$ nix-build . -A nixosTests.lemmy.driverInteractive
$ ./result/bin/nixos-test-driver
>>> start_all()

The curl tests run fine then, e.g. >>> machine.succeed("curl --fail"). We used the following command to forward the relevant ports to the host:

>>> machine.send_monitor_command("hostfwd_add tcp::1234-:1234") # for the frontend
>>> machine.send_monitor_command("hostfwd_add tcp::3421-:3421") # for the backend

… and opened the machine firewall in the test configuration with:

nodes.default = { ...
      networking.firewall.allowedTCPPorts = [ 1234 3421 ]; 

This seems to at least somewhat work because we can do on the host machine:

curl --fail
curl: (56) Recv failure: Connection reset by peer

# or as in the actual test
curl --fail
curl: (56) Recv failure: Connection reset by peer

instead of just getting a

curl --fail
curl: (7) Failed to connect to port 3422: Connection refused

However, we don’t get the expected curl output which is:

default: must succeed: curl --fail
default #   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
default #                                  Dload  Upload   Total   Spent    Left  Speed
default #   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0[   25.717075] lemmy-start[940]: 2022-08-10T08:31:44.262191Z  INFO actix_web::middleware::logger: "GET /api/v3/site HTTP/1.1" 200 111 "-" "curl/7.84.0" 0.104145
default # 100   111  100   111    0     0    852      0 --:--:-- --:--:-- --:--:--   860

Does anyone have an idea what could cause this? Is there a preferred way or a good example of doing something like this?

1 Like

I have figured this out now. Going through the QEMU router and the internal ip instead of localhost works. Will write this up when ready.