nixos/tests/nginx-http3.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / nginx-http3.nix
at 25.11-pre 3.8 kB view raw
  1{ pkgs, runTest, ... }:
  2let
  3  hosts = ''
  4    192.168.2.101 acme.test
  5  '';
  6
  7in
  8builtins.listToAttrs (
  9  builtins.map
 10    (nginxPackage: {
 11      name = pkgs.lib.getName nginxPackage;
 12      value = runTest {
 13        name = "nginx-http3-${pkgs.lib.getName nginxPackage}";
 14        meta.maintainers = with pkgs.lib.maintainers; [ izorkin ];
 15
 16        nodes = {
 17          server =
 18            { lib, pkgs, ... }:
 19            {
 20              networking = {
 21                interfaces.eth1 = {
 22                  ipv4.addresses = [
 23                    {
 24                      address = "192.168.2.101";
 25                      prefixLength = 24;
 26                    }
 27                  ];
 28                };
 29                extraHosts = hosts;
 30                firewall.allowedTCPPorts = [ 443 ];
 31                firewall.allowedUDPPorts = [ 443 ];
 32              };
 33
 34              security.pki.certificates = [
 35                (builtins.readFile ./common/acme/server/ca.cert.pem)
 36              ];
 37
 38              services.nginx = {
 39                enable = true;
 40                package = nginxPackage;
 41
 42                virtualHosts."acme.test" = {
 43                  onlySSL = true;
 44                  sslCertificate = ./common/acme/server/acme.test.cert.pem;
 45                  sslCertificateKey = ./common/acme/server/acme.test.key.pem;
 46                  http2 = true;
 47                  http3 = true;
 48                  http3_hq = false;
 49                  quic = true;
 50                  reuseport = true;
 51                  root = lib.mkForce (
 52                    pkgs.runCommandLocal "testdir" { } ''
 53                      mkdir "$out"
 54                      cat > "$out/index.html" <<EOF
 55                      <html><body>Hello World!</body></html>
 56                      EOF
 57                      cat > "$out/example.txt" <<EOF
 58                      Check http3 protocol.
 59                      EOF
 60                    ''
 61                  );
 62                };
 63              };
 64            };
 65
 66          client =
 67            { pkgs, ... }:
 68            {
 69              environment.systemPackages = [ pkgs.curlHTTP3 ];
 70              networking = {
 71                interfaces.eth1 = {
 72                  ipv4.addresses = [
 73                    {
 74                      address = "192.168.2.201";
 75                      prefixLength = 24;
 76                    }
 77                  ];
 78                };
 79                extraHosts = hosts;
 80              };
 81
 82              security.pki.certificates = [
 83                (builtins.readFile ./common/acme/server/ca.cert.pem)
 84              ];
 85            };
 86        };
 87
 88        testScript = ''
 89          start_all()
 90
 91          server.wait_for_unit("nginx")
 92          server.wait_for_open_port(443)
 93
 94          # Check http connections
 95          client.succeed("curl --verbose --http3-only https://acme.test | grep 'Hello World!'")
 96
 97          # Check downloadings
 98          client.succeed("curl --verbose --http3-only https://acme.test/example.txt --output /tmp/example.txt")
 99          client.succeed("cat /tmp/example.txt | grep 'Check http3 protocol.'")
100
101          # Check header reading
102          client.succeed("curl --verbose --http3-only --head https://acme.test | grep 'content-type'")
103          client.succeed("curl --verbose --http3-only --head https://acme.test | grep 'HTTP/3 200'")
104          client.succeed("curl --verbose --http3-only --head https://acme.test/error | grep 'HTTP/3 404'")
105
106          # Check change User-Agent
107          client.succeed("curl --verbose --http3-only --user-agent 'Curl test 3.0' https://acme.test")
108          server.succeed("cat /var/log/nginx/access.log | grep 'Curl test 3.0'")
109
110          server.shutdown()
111          client.shutdown()
112        '';
113      };
114    })
115    [
116      pkgs.angieQuic
117      pkgs.nginxQuic
118    ]
119)