nixos/tests/nginx-http3.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / nginx-http3.nix
at 23.05-pre 2.5 kB view raw
 1import ./make-test-python.nix ({lib, pkgs, ...}:
 2let
 3  hosts = ''
 4    192.168.2.101 acme.test
 5  '';
 6
 7in
 8{
 9  name = "nginx-http3";
10  meta.maintainers = with pkgs.lib.maintainers; [ izorkin ];
11
12  nodes = {
13    server = { pkgs, ... }: {
14      networking = {
15        interfaces.eth1 = {
16          ipv4.addresses = [
17            { address = "192.168.2.101"; prefixLength = 24; }
18          ];
19        };
20        extraHosts = hosts;
21        firewall.allowedTCPPorts = [ 443 ];
22        firewall.allowedUDPPorts = [ 443 ];
23      };
24
25      security.pki.certificates = [
26        (builtins.readFile ./common/acme/server/ca.cert.pem)
27      ];
28
29      services.nginx = {
30        enable = true;
31        package = pkgs.nginxQuic;
32
33        virtualHosts."acme.test" = {
34          onlySSL = true;
35          sslCertificate = ./common/acme/server/acme.test.cert.pem;
36          sslCertificateKey = ./common/acme/server/acme.test.key.pem;
37          http2 = true;
38          http3 = true;
39          reuseport = true;
40          root = lib.mkForce (pkgs.runCommandLocal "testdir2" {} ''
41            mkdir "$out"
42            cat > "$out/index.html" <<EOF
43            <html><body>Hello World!</body></html>
44            EOF
45            cat > "$out/example.txt" <<EOF
46            Check http3 protocol.
47            EOF
48          '');
49        };
50      };
51    };
52
53    client = { pkgs, ... }: {
54      environment.systemPackages = [ pkgs.curlHTTP3 ];
55      networking = {
56        interfaces.eth1 = {
57          ipv4.addresses = [
58            { address = "192.168.2.201"; prefixLength = 24; }
59          ];
60        };
61        extraHosts = hosts;
62      };
63
64      security.pki.certificates = [
65        (builtins.readFile ./common/acme/server/ca.cert.pem)
66      ];
67    };
68  };
69
70  testScript = ''
71    start_all()
72
73    server.wait_for_unit("nginx")
74    server.wait_for_open_port(443)
75
76    # Check http connections
77    client.succeed("curl --verbose --http3 https://acme.test | grep 'Hello World!'")
78
79    # Check downloadings
80    client.succeed("curl --verbose --http3 https://acme.test/example.txt --output /tmp/example.txt")
81    client.succeed("cat /tmp/example.txt | grep 'Check http3 protocol.'")
82
83    # Check header reading
84    client.succeed("curl --verbose --http3 --head https://acme.test | grep 'content-type'")
85
86    # Check change User-Agent
87    client.succeed("curl --verbose --http3 --user-agent 'Curl test 3.0' https://acme.test")
88    server.succeed("cat /var/log/nginx/access.log | grep 'Curl test 3.0'")
89
90    server.shutdown()
91    client.shutdown()
92  '';
93})