nixos/tests/nginx-http3.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / nginx-http3.nix
at 23.11-pre 2.8 kB view raw
 1import ./make-test-python.nix ({lib, pkgs, ...}:
 2let
 3  hosts = ''
 4    192.168.2.101 acme.test
 5  '';
 6
 7in
 8{
 9  name = "nginx-http3";
10  meta.maintainers = with pkgs.lib.maintainers; [ izorkin ];
11
12  nodes = {
13    server = { pkgs, ... }: {
14      networking = {
15        interfaces.eth1 = {
16          ipv4.addresses = [
17            { address = "192.168.2.101"; prefixLength = 24; }
18          ];
19        };
20        extraHosts = hosts;
21        firewall.allowedTCPPorts = [ 443 ];
22        firewall.allowedUDPPorts = [ 443 ];
23      };
24
25      security.pki.certificates = [
26        (builtins.readFile ./common/acme/server/ca.cert.pem)
27      ];
28
29      services.nginx = {
30        enable = true;
31        package = pkgs.nginxQuic;
32
33        virtualHosts."acme.test" = {
34          onlySSL = true;
35          sslCertificate = ./common/acme/server/acme.test.cert.pem;
36          sslCertificateKey = ./common/acme/server/acme.test.key.pem;
37          http2 = true;
38          http3 = true;
39          http3_hq = false;
40          quic = true;
41          reuseport = true;
42          root = lib.mkForce (pkgs.runCommandLocal "testdir" {} ''
43            mkdir "$out"
44            cat > "$out/index.html" <<EOF
45            <html><body>Hello World!</body></html>
46            EOF
47            cat > "$out/example.txt" <<EOF
48            Check http3 protocol.
49            EOF
50          '');
51        };
52      };
53    };
54
55    client = { pkgs, ... }: {
56      environment.systemPackages = [ pkgs.curlHTTP3 ];
57      networking = {
58        interfaces.eth1 = {
59          ipv4.addresses = [
60            { address = "192.168.2.201"; prefixLength = 24; }
61          ];
62        };
63        extraHosts = hosts;
64      };
65
66      security.pki.certificates = [
67        (builtins.readFile ./common/acme/server/ca.cert.pem)
68      ];
69    };
70  };
71
72  testScript = ''
73    start_all()
74
75    server.wait_for_unit("nginx")
76    server.wait_for_open_port(443)
77
78    # Check http connections
79    client.succeed("curl --verbose --http3 https://acme.test | grep 'Hello World!'")
80
81    # Check downloadings
82    client.succeed("curl --verbose --http3 https://acme.test/example.txt --output /tmp/example.txt")
83    client.succeed("cat /tmp/example.txt | grep 'Check http3 protocol.'")
84
85    # Check header reading
86    client.succeed("curl --verbose --http3 --head https://acme.test | grep 'content-type'")
87    client.succeed("curl --verbose --http3 --head https://acme.test | grep 'HTTP/3 200'")
88    client.succeed("curl --verbose --http3 --head https://acme.test/error | grep 'HTTP/3 404'")
89
90    # Check change User-Agent
91    client.succeed("curl --verbose --http3 --user-agent 'Curl test 3.0' https://acme.test")
92    server.succeed("cat /var/log/nginx/access.log | grep 'Curl test 3.0'")
93
94    server.shutdown()
95    client.shutdown()
96  '';
97})