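# NixOS VM test for OpenResty (nginx with embedded Lua).
#
# It checks two things:
#   1. a Lua library listed in `luaLibs` can be loaded with `require` from
#      an nginx Lua handler;
#   2. the nginx service can write where it is expected to be able to
#      (/tmp) and cannot write where it is expected to be denied (/var/web).
{ pkgs, lib, ... }:
let
  # Lua libraries that nginx handlers must be able to `require`.
  luaLibs = [
    pkgs.lua.pkgs.markdown
  ];

  # Builds the `?.lua` search pattern for one library's store path.
  # The parameter is named `luaLib` so it does not shadow the `lib`
  # argument that `luaPath` uses below.
  getLuaPath = luaLib: "${luaLib}/share/lua/${pkgs.lua.luaversion}/?.lua";

  # All search patterns joined with ';', the separator lua_package_path uses.
  luaPath = lib.concatStringsSep ";" (map getLuaPath luaLibs);
in
{
  name = "openresty-lua";
  meta = with pkgs.lib.maintainers; {
    maintainers = [ bbigras ];
  };

  nodes = {
    webserver =
      { pkgs, lib, ... }:
      {
        networking = {
          # Both virtual-host names resolve to the loopback interface so the
          # test script can reach them by name from inside the VM.
          extraHosts = ''
            127.0.0.1 default.test
            127.0.0.1 sandbox.test
          '';
        };
        services.nginx = {
          enable = true;
          package = pkgs.openresty;

          # The trailing ';;' keeps the default Lua search path after the
          # entries built from `luaLibs`.
          commonHttpConfig = ''
            lua_package_path '${luaPath};;';
          '';

          # Loads the markdown library on every request. The request only
          # returns normally if `require "markdown"` resolves.
          # Uses access_by_lua_block, matching the content_by_lua_block
          # handlers below; upstream discourages the quoted-string
          # access_by_lua form.
          virtualHosts."default.test" = {
            default = true;
            locations."/" = {
              extraConfig = ''
                default_type text/html;
                access_by_lua_block {
                  local markdown = require "markdown"
                  markdown("source")
                }
              '';
            };
          };

          # Sandbox probes. Each "-write" location asks the nginx worker to
          # create a file through os.execute; the matching "-read" location
          # serves that directory statically. The shell commands are fixed
          # strings: nothing from the request is passed to the shell.
          # The os.execute results are not inspected, so a failed write does
          # not change the response; the test script decides the outcome by
          # reading the file back.
          virtualHosts."sandbox.test" = {
            locations."/test1-write" = {
              extraConfig = ''
                content_by_lua_block {
                  local create = os.execute('${pkgs.coreutils}/bin/mkdir /tmp/test1-read')
                  local create = os.execute('${pkgs.coreutils}/bin/touch /tmp/test1-read/foo.txt')
                  local echo = os.execute('${pkgs.coreutils}/bin/echo worked > /tmp/test1-read/foo.txt')
                }
              '';
            };
            locations."/test1-read" = {
              root = "/tmp";
            };
            locations."/test2-write" = {
              extraConfig = ''
                content_by_lua_block {
                  local create = os.execute('${pkgs.coreutils}/bin/mkdir /var/web/test2-read')
                  local create = os.execute('${pkgs.coreutils}/bin/touch /var/web/test2-read/bar.txt')
                  local echo = os.execute('${pkgs.coreutils}/bin/echo error-worked > /var/web/test2-read/bar.txt')
                }
              '';
            };
            locations."/test2-read" = {
              root = "/var/web";
            };
          };
        };
      };
  };

  testScript =
    { nodes, ... }:
    ''
      url = "http://localhost"

      webserver.wait_for_unit("nginx")
      webserver.wait_for_open_port(80)

      # The default vhost runs the Lua handler that requires "markdown".
      http_code = webserver.succeed(
        f"curl -w '%{{http_code}}' --head --fail {url}"
      )
      assert http_code.split("\n")[-1] == "200"

      # This test checks the creation and reading of a file in sandbox mode.
      # Checking write in temporary folder
      # NOTE(review): /tmp here is whatever the nginx unit sees as /tmp; if
      # the unit runs with a private /tmp this never touches the VM's own
      # /tmp. Confirm against the nginx module's service settings.
      # curl is run directly rather than inside "$(...)", so a response
      # body is never handed to the shell as a command.
      webserver.succeed("curl -fvvv http://sandbox.test/test1-write")
      webserver.succeed('test "$(curl -fvvv http://sandbox.test/test1-read/foo.txt)" = worked')

      # Checking write in protected folder. In sandbox mode for the nginx service, the folder /var/web is mounted
      # in read-only mode.
      # The directory is owned by nginx, so a successful write here could
      # only be stopped by the service sandbox, not by file permissions.
      webserver.succeed("mkdir -p /var/web")
      webserver.succeed("chown nginx:nginx /var/web")
      # Only triggers the handler; its os.execute calls are expected to
      # fail, and the response status is not what this test asserts.
      webserver.succeed("curl -vvv http://sandbox.test/test2-write")
      # `webserver` is the only node; use its name rather than the
      # `machine` alias so every call in this script reads the same.
      assert "404 Not Found" in webserver.succeed(
        "curl -vvv -s http://sandbox.test/test2-read/bar.txt"
      )
      # A 404 only shows that nginx could not serve the file. Also check
      # from outside the service that nothing was written to disk.
      webserver.fail("test -e /var/web/test2-read/bar.txt")
    '';
}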