pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / nginx-http3.nix
at 24.11-pre 3.7 kB view raw
1{ system ? builtins.currentSystem, 2 config ? {}, 3 pkgs ? import ../.. { inherit system config; } 4}: 5 6with import ../lib/testing-python.nix { inherit system pkgs; }; 7 8let 9 hosts = '' 10 192.168.2.101 acme.test 11 ''; 12 13in 14 15builtins.listToAttrs ( 16 builtins.map 17 (nginxPackage: 18 { 19 name = pkgs.lib.getName nginxPackage; 20 value = makeTest { 21 name = "nginx-http3-${pkgs.lib.getName nginxPackage}"; 22 meta.maintainers = with pkgs.lib.maintainers; [ izorkin ]; 23 24 nodes = { 25 server = { lib, pkgs, ... }: { 26 networking = { 27 interfaces.eth1 = { 28 ipv4.addresses = [ 29 { address = "192.168.2.101"; prefixLength = 24; } 30 ]; 31 }; 32 extraHosts = hosts; 33 firewall.allowedTCPPorts = [ 443 ]; 34 firewall.allowedUDPPorts = [ 443 ]; 35 }; 36 37 security.pki.certificates = [ 38 (builtins.readFile ./common/acme/server/ca.cert.pem) 39 ]; 40 41 services.nginx = { 42 enable = true; 43 package = nginxPackage; 44 45 virtualHosts."acme.test" = { 46 onlySSL = true; 47 sslCertificate = ./common/acme/server/acme.test.cert.pem; 48 sslCertificateKey = ./common/acme/server/acme.test.key.pem; 49 http2 = true; 50 http3 = true; 51 http3_hq = false; 52 quic = true; 53 reuseport = true; 54 root = lib.mkForce (pkgs.runCommandLocal "testdir" {} '' 55 mkdir "$out" 56 cat > "$out/index.html" <<EOF 57 <html><body>Hello World!</body></html> 58 EOF 59 cat > "$out/example.txt" <<EOF 60 Check http3 protocol. 61 EOF 62 ''); 63 }; 64 }; 65 }; 66 67 client = { pkgs, ... }: { 68 environment.systemPackages = [ pkgs.curlHTTP3 ]; 69 networking = { 70 interfaces.eth1 = { 71 ipv4.addresses = [ 72 { address = "192.168.2.201"; prefixLength = 24; } 73 ]; 74 }; 75 extraHosts = hosts; 76 }; 77 78 security.pki.certificates = [ 79 (builtins.readFile ./common/acme/server/ca.cert.pem) 80 ]; 81 }; 82 }; 83 84 testScript = '' 85 start_all() 86 87 server.wait_for_unit("nginx") 88 server.wait_for_open_port(443) 89 90 # Check http connections 91 client.succeed("curl --verbose --http3-only https://acme.test | grep 'Hello World!'") 92 93 # Check downloadings 94 client.succeed("curl --verbose --http3-only https://acme.test/example.txt --output /tmp/example.txt") 95 client.succeed("cat /tmp/example.txt | grep 'Check http3 protocol.'") 96 97 # Check header reading 98 client.succeed("curl --verbose --http3-only --head https://acme.test | grep 'content-type'") 99 client.succeed("curl --verbose --http3-only --head https://acme.test | grep 'HTTP/3 200'") 100 client.succeed("curl --verbose --http3-only --head https://acme.test/error | grep 'HTTP/3 404'") 101 102 # Check change User-Agent 103 client.succeed("curl --verbose --http3-only --user-agent 'Curl test 3.0' https://acme.test") 104 server.succeed("cat /var/log/nginx/access.log | grep 'Curl test 3.0'") 105 106 server.shutdown() 107 client.shutdown() 108 ''; 109 }; 110 } 111 ) 112 [ pkgs.angieQuic pkgs.nginxQuic ] 113)