pyrox.dev / nixpkgs
lol
fork atom

nixos/nginx: fix mkDefaultListenVhost mapping for unix sockets (#371561)

Franz Pletz a5945201 32e932d1

options
unified split
Changed files
+13 -3
nixos
modules
services
web-servers
nginx
default.nix
tests
nginx-unix-socket.nix
+2 -2
nixos/modules/services/web-servers/nginx/default.nix 
···

       
339

       
 

       
            map (


     

       
340

       
 

       
              listen:


     

       
341

       
 

       
              {


     

       
342

       
-

       
                port = cfg.defaultSSLListenPort;


     

       
343

       
 

       
                ssl = true;


     

       
344

       
 

       
              }


     

       
345

       
 

       
              // listen


     
···

       
351

       
 

       
            map (


     

       
352

       
 

       
              listen:


     

       
353

       
 

       
              {


     

       
354

       
-

       
                port = cfg.defaultHTTPListenPort;


     

       
355

       
 

       
                ssl = false;


     

       
356

       
 

       
              }


     

       
357

       
 

       
              // listen


     
···

       
339

       
 

       
            map (


     

       
340

       
 

       
              listen:


     

       
341

       
 

       
              {


     

       
342

       
+

       
                port = if (hasPrefix "unix:" listen.addr) then null else cfg.defaultSSLListenPort;


     

       
343

       
 

       
                ssl = true;


     

       
344

       
 

       
              }


     

       
345

       
 

       
              // listen


     
···

       
351

       
 

       
            map (


     

       
352

       
 

       
              listen:


     

       
353

       
 

       
              {


     

       
354

       
+

       
                port = if (hasPrefix "unix:" listen.addr) then null else cfg.defaultHTTPListenPort;


     

       
355

       
 

       
                ssl = false;


     

       
356

       
 

       
              }


     

       
357

       
 

       
              // listen
+11 -1
nixos/tests/nginx-unix-socket.nix 
···

       
1

       
 

       
{ ... }:


     

       
2

       
 

       
let


     

       

       

       
     

       
3

       
 

       
  nginxSocketPath = "/var/run/nginx/test.sock";


     

       
4

       
 

       
in


     

       
5

       
 

       
{


     
···

       
11

       
 

       
      {


     

       
12

       
 

       
        services.nginx = {


     

       
13

       
 

       
          enable = true;


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
14

       
 

       
          virtualHosts.localhost = {


     

       
15

       
 

       
            serverName = "localhost";


     

       
16

       
 

       
            listen = [ { addr = "unix:${nginxSocketPath}"; } ];


     
···

       
22

       
 

       



     

       
23

       
 

       
  testScript = ''


     

       
24

       
 

       
    webserver.wait_for_unit("nginx")


     

       
25

       
-

       
    webserver.wait_for_open_unix_socket("${nginxSocketPath}")


     

       

       

       
     

       
26

       
 

       



     

       

       

       
     

       
27

       
 

       
    webserver.succeed("curl --fail --silent --unix-socket '${nginxSocketPath}' http://localhost/test | grep '^foo$'")


     

       
28

       
 

       
  '';


     

       
29

       
 

       
}


     
···

       
1

       
 

       
{ ... }:


     

       
2

       
 

       
let


     

       
3

       
+

       
  defaultNginxSocketPath = "/var/run/nginx/default-test.sock";


     

       
4

       
 

       
  nginxSocketPath = "/var/run/nginx/test.sock";


     

       
5

       
 

       
in


     

       
6

       
 

       
{


     
···

       
12

       
 

       
      {


     

       
13

       
 

       
        services.nginx = {


     

       
14

       
 

       
          enable = true;


     

       
15

       
+

       



     

       
16

       
+

       
          defaultListen = [ { addr = "unix:${defaultNginxSocketPath}"; } ];


     

       
17

       
+

       
          virtualHosts.defaultLocalhost = {


     

       
18

       
+

       
            serverName = "defaultLocalhost";


     

       
19

       
+

       
            locations."/default".return = "200 'bar'";


     

       
20

       
+

       
          };


     

       
21

       
+

       



     

       
22

       
 

       
          virtualHosts.localhost = {


     

       
23

       
 

       
            serverName = "localhost";


     

       
24

       
 

       
            listen = [ { addr = "unix:${nginxSocketPath}"; } ];


     
···

       
30

       
 

       



     

       
31

       
 

       
  testScript = ''


     

       
32

       
 

       
    webserver.wait_for_unit("nginx")


     

       
33

       
+

       
    webserver.wait_for_open_unix_socket("${defaultNginxSocketPath}", timeout=1)


     

       
34

       
+

       
    webserver.wait_for_open_unix_socket("${nginxSocketPath}", timeout=1)


     

       
35

       
 

       



     

       
36

       
+

       
    webserver.succeed("curl --fail --silent --unix-socket '${defaultNginxSocketPath}' http://defaultLocalhost/default | grep '^bar$'")


     

       
37

       
 

       
    webserver.succeed("curl --fail --silent --unix-socket '${nginxSocketPath}' http://localhost/test | grep '^foo$'")


     

       
38

       
 

       
  '';


     

       
39

       
 

       
}