nixos/tests/nginx-auth.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / nginx-auth.nix
at 23.05-pre 1.3 kB view raw
 1import ./make-test-python.nix ({ pkgs, ... }: {
 2  name = "nginx-auth";
 3
 4  nodes = {
 5    webserver = { pkgs, lib, ... }: {
 6      services.nginx = let
 7        root = pkgs.runCommand "testdir" {} ''
 8          mkdir "$out"
 9          echo hello world > "$out/index.html"
10        '';
11      in {
12        enable = true;
13
14        virtualHosts.lockedroot = {
15          inherit root;
16          basicAuth.alice = "pwofa";
17        };
18
19        virtualHosts.lockedsubdir = {
20          inherit root;
21          locations."/sublocation/" = {
22            alias = "${root}/";
23            basicAuth.bob = "pwofb";
24          };
25        };
26      };
27    };
28  };
29
30  testScript = ''
31    webserver.wait_for_unit("nginx")
32    webserver.wait_for_open_port(80)
33
34    webserver.fail("curl --fail --resolve lockedroot:80:127.0.0.1 http://lockedroot")
35    webserver.succeed(
36        "curl --fail --resolve lockedroot:80:127.0.0.1 http://alice:pwofa@lockedroot"
37    )
38
39    webserver.succeed("curl --fail --resolve lockedsubdir:80:127.0.0.1 http://lockedsubdir")
40    webserver.fail(
41        "curl --fail --resolve lockedsubdir:80:127.0.0.1 http://lockedsubdir/sublocation/index.html"
42    )
43    webserver.succeed(
44        "curl --fail --resolve lockedsubdir:80:127.0.0.1 http://bob:pwofb@lockedsubdir/sublocation/index.html"
45    )
46  '';
47})