commit 0decee48f5832261143fbfbef4c8684cd3c787cd · pyrox.dev/nixpkgs

nixos/release.nix

···

       300
       300
        
         tests.grafana = callTest tests/grafana.nix {};

     

       301
       301
        
         tests.graphite = callTest tests/graphite.nix {};

     

       302
       302
        
         tests.hardened = callTest tests/hardened.nix { };

     

       303
       303
       +
         tests.haproxy = callTest tests/haproxy.nix {};

     

       303
       304
        
         tests.hibernate = callTest tests/hibernate.nix {};

     

       304
       305
        
         tests.hitch = callTest tests/hitch {};

     

       305
       306
        
         tests.home-assistant = callTest tests/home-assistant.nix { };

+41

nixos/tests/haproxy.nix

···

       1
       1
       +
       import ./make-test.nix ({ pkgs, ...}: {

     

       2
       2
       +
         name = "haproxy";

     

       3
       3
       +
         nodes = {

     

       4
       4
       +
           machine = { config, ...}: {

     

       5
       5
       +
             imports = [ ../modules/profiles/minimal.nix ];

     

       6
       6
       +
             services.haproxy = {

     

       7
       7
       +
               enable = true;

     

       8
       8
       +
               config = ''

     

       9
       9
       +
                 defaults

     

       10
       10
       +
                   timeout connect 10s

     

       11
       11
       +
       

     

       12
       12
       +
                 backend http_server

     

       13
       13
       +
                   mode http

     

       14
       14
       +
                   server httpd [::1]:8000

     

       15
       15
       +
       

     

       16
       16
       +
                 frontend http

     

       17
       17
       +
                   bind *:80

     

       18
       18
       +
                   mode http

     

       19
       19
       +
                   use_backend http_server

     

       20
       20
       +
               '';

     

       21
       21
       +
             };

     

       22
       22
       +
             services.httpd = {

     

       23
       23
       +
               enable = true;

     

       24
       24
       +
               documentRoot = pkgs.writeTextDir "index.txt" "We are all good!";

     

       25
       25
       +
               adminAddr = "notme@yourhost.local";

     

       26
       26
       +
               listen = [{

     

       27
       27
       +
                 ip = "::1";

     

       28
       28
       +
                 port = 8000;

     

       29
       29
       +
               }];

     

       30
       30
       +
             };

     

       31
       31
       +
           };

     

       32
       32
       +
         };

     

       33
       33
       +
         testScript = ''

     

       34
       34
       +
           startAll;

     

       35
       35
       +
           $machine->waitForUnit('multi-user.target');

     

       36
       36
       +
           $machine->waitForUnit('haproxy.service');

     

       37
       37
       +
           $machine->waitForUnit('httpd.service');

     

       38
       38
       +
           $machine->succeed('curl -k http://localhost:80/index.txt | grep "We are all good!"');

     

       39
       39
       +
       

     

       40
       40
       +
         '';

     

       41
       41
       +
       })

+15 -3

pkgs/tools/networking/haproxy/default.nix

···

       1
       1
        
       { useLua ? !stdenv.isDarwin

     

       2
       2
        
       , usePcre ? true

     

       3
       3
       -
       , stdenv, fetchurl

     

       3
       3
       +
       , stdenv, fetchurl, fetchpatch

     

       4
       4
        
       , openssl, zlib, lua5_3 ? null, pcre ? null

     

       5
       5
        
       }:

     

       6
       6
        
       

     
···

       9
       9
        
       

     

       10
       10
        
       stdenv.mkDerivation rec {

     

       11
       11
        
         pname = "haproxy";

     

       12
       12
       -
         version = "1.8.4";

     

       12
       12
       +
         version = "1.8.9";

     

       13
       13
        
         name = "${pname}-${version}";

     

       14
       14
        
       

     

       15
       15
        
         src = fetchurl {

     

       16
       16
        
           url = "https://www.haproxy.org/download/${stdenv.lib.versions.majorMinor version}/src/${name}.tar.gz";

     

       17
       17
       -
           sha256 = "19l4i0p92ahm3vaw42gz3rmmidfivk36mvqyhir81h6ywyjb01g3";

     

       17
       17
       +
           sha256 = "00miblgwll3mycsgmp3gd3cn4lwsagxzgjxk5i6csnyqgj97fss3";

     

       18
       18
        
         };

     

       19
       19
       +
       

     

       20
       20
       +
         patches = [

     

       21
       21
       +
           (fetchpatch {

     

       22
       22
       +
             name = "CVE-2018-11469.patch";

     

       23
       23
       +
             url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=17514045e5d934dede62116216c1b016fe23dd06";

     

       24
       24
       +
             sha256 = "0hzcvghg8qz45n3mrcgsjgvrvicvbvm52cc4hs5jbk1yb50qvls7";

     

       25
       25
       +
           })

     

       26
       26
       +
         ] ++ stdenv.lib.optional stdenv.isDarwin (fetchpatch {

     

       27
       27
       +
           name = "fix-darwin-no-threads-build.patch";

     

       28
       28
       +
           url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=fbf09c441a4e72c4a690bc7ef25d3374767fe5c5;hp=3157ef219c493f3b01192f1b809a086a5b119a1e";

     

       29
       29
       +
           sha256 = "16ckzb160anf7xih7mmqy59pfz8sdywmyblxnr7lz9xix3jwk55r";

     

       30
       30
       +
         });

     

       19
       31
        
       

     

       20
       32
        
         buildInputs = [ openssl zlib ]

     

       21
       33
        
           ++ stdenv.lib.optional useLua lua5_3