diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index f175aaa48cb1..088b04d9fc4a 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -166,7 +166,7 @@ in { amazon-init-shell = runTest ./amazon-init-shell.nix; amazon-ssm-agent = runTest ./amazon-ssm-agent.nix; amd-sev = runTest ./amd-sev.nix; - angie-api = handleTest ./angie-api.nix {}; + angie-api = runTest ./angie-api.nix; anki-sync-server = handleTest ./anki-sync-server.nix {}; anuko-time-tracker = handleTest ./anuko-time-tracker.nix {}; apcupsd = handleTest ./apcupsd.nix {}; diff --git a/nixos/tests/angie-api.nix b/nixos/tests/angie-api.nix index 95e66de9060e..5e31ceff0247 100644 --- a/nixos/tests/angie-api.nix +++ b/nixos/tests/angie-api.nix @@ -1,170 +1,168 @@ -import ./make-test-python.nix ( - { lib, pkgs, ... }: - let - hosts = '' - 192.168.2.101 example.com - 192.168.2.101 api.example.com - 192.168.2.101 backend.example.com - ''; +{ lib, pkgs, ... }: +let + hosts = '' + 192.168.2.101 example.com + 192.168.2.101 api.example.com + 192.168.2.101 backend.example.com + ''; - in - { - name = "angie-api"; - meta.maintainers = with pkgs.lib.maintainers; [ izorkin ]; +in +{ + name = "angie-api"; + meta.maintainers = with pkgs.lib.maintainers; [ izorkin ]; - nodes = { - server = - { pkgs, ... }: - { - networking = { - interfaces.eth1 = { - ipv4.addresses = [ - { - address = "192.168.2.101"; - prefixLength = 24; - } - ]; + nodes = { + server = + { pkgs, ... }: + { + networking = { + interfaces.eth1 = { + ipv4.addresses = [ + { + address = "192.168.2.101"; + prefixLength = 24; + } + ]; + }; + extraHosts = hosts; + firewall.allowedTCPPorts = [ 80 ]; + }; + + services.nginx = { + enable = true; + package = pkgs.angie; + + upstreams = { + "backend-http" = { + servers = { + "backend.example.com:8080" = { + fail_timeout = "0"; + }; + }; + extraConfig = '' + zone upstream 256k; + ''; + }; + "backend-socket" = { + servers = { + "unix:/run/example.sock" = { + fail_timeout = "0"; + }; + }; + extraConfig = '' + zone upstream 256k; + ''; }; - extraHosts = hosts; - firewall.allowedTCPPorts = [ 80 ]; }; - services.nginx = { - enable = true; - package = pkgs.angie; + virtualHosts."api.example.com" = { + locations."/console/" = { + extraConfig = '' + api /status/; - upstreams = { - "backend-http" = { - servers = { - "backend.example.com:8080" = { - fail_timeout = "0"; - }; - }; - extraConfig = '' - zone upstream 256k; - ''; - }; - "backend-socket" = { - servers = { - "unix:/run/example.sock" = { - fail_timeout = "0"; - }; - }; - extraConfig = '' - zone upstream 256k; - ''; - }; + allow 192.168.2.201; + deny all; + ''; }; + }; - virtualHosts."api.example.com" = { - locations."/console/" = { - extraConfig = '' - api /status/; + virtualHosts."example.com" = { + locations."/test/" = { + root = lib.mkForce ( + pkgs.runCommandLocal "testdir" { } '' + mkdir -p "$out/test" + cat > "$out/test/index.html" <Hello World! + EOF + '' + ); + extraConfig = '' + status_zone test_zone; - allow 192.168.2.201; - deny all; - ''; - }; + allow 192.168.2.201; + deny all; + ''; }; + locations."/test/locked/" = { + extraConfig = '' + status_zone test_zone; - virtualHosts."example.com" = { - locations."/test/" = { - root = lib.mkForce ( - pkgs.runCommandLocal "testdir" { } '' - mkdir -p "$out/test" - cat > "$out/test/index.html" <Hello World! - EOF - '' - ); - extraConfig = '' - status_zone test_zone; + deny all; + ''; + }; + locations."/test/error/" = { + extraConfig = '' + status_zone test_zone; - allow 192.168.2.201; - deny all; - ''; - }; - locations."/test/locked/" = { - extraConfig = '' - status_zone test_zone; - - deny all; - ''; - }; - locations."/test/error/" = { - extraConfig = '' - status_zone test_zone; - - allow all; - ''; - }; - locations."/upstream-http/" = { - proxyPass = "http://backend-http"; - }; - locations."/upstream-socket/" = { - proxyPass = "http://backend-socket"; - }; + allow all; + ''; + }; + locations."/upstream-http/" = { + proxyPass = "http://backend-http"; + }; + locations."/upstream-socket/" = { + proxyPass = "http://backend-socket"; }; }; }; + }; - client = - { pkgs, ... }: - { - environment.systemPackages = [ pkgs.jq ]; - networking = { - interfaces.eth1 = { - ipv4.addresses = [ - { - address = "192.168.2.201"; - prefixLength = 24; - } - ]; - }; - extraHosts = hosts; + client = + { pkgs, ... }: + { + environment.systemPackages = [ pkgs.jq ]; + networking = { + interfaces.eth1 = { + ipv4.addresses = [ + { + address = "192.168.2.201"; + prefixLength = 24; + } + ]; }; + extraHosts = hosts; }; - }; + }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - server.wait_for_unit("nginx") - server.wait_for_open_port(80) + server.wait_for_unit("nginx") + server.wait_for_open_port(80) - # Check Angie version - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.angie.version' | grep '${pkgs.angie.version}'") + # Check Angie version + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.angie.version' | grep '${pkgs.angie.version}'") - # Check access - client.succeed("curl --verbose --head http://api.example.com/console/ | grep 'HTTP/1.1 200'") - server.succeed("curl --verbose --head http://api.example.com/console/ | grep 'HTTP/1.1 403 Forbidden'") + # Check access + client.succeed("curl --verbose --head http://api.example.com/console/ | grep 'HTTP/1.1 200'") + server.succeed("curl --verbose --head http://api.example.com/console/ | grep 'HTTP/1.1 403 Forbidden'") - # Check responses and requests - client.succeed("curl --verbose http://example.com/test/") - client.succeed("curl --verbose http://example.com/test/locked/") - client.succeed("curl --verbose http://example.com/test/locked/") - client.succeed("curl --verbose http://example.com/test/error/") - client.succeed("curl --verbose http://example.com/test/error/") - client.succeed("curl --verbose http://example.com/test/error/") - server.succeed("curl --verbose http://example.com/test/") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.responses.\"200\"' | grep '1'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.responses.\"403\"' | grep '3'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.responses.\"404\"' | grep '3'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.requests.total' | grep '7'") + # Check responses and requests + client.succeed("curl --verbose http://example.com/test/") + client.succeed("curl --verbose http://example.com/test/locked/") + client.succeed("curl --verbose http://example.com/test/locked/") + client.succeed("curl --verbose http://example.com/test/error/") + client.succeed("curl --verbose http://example.com/test/error/") + client.succeed("curl --verbose http://example.com/test/error/") + server.succeed("curl --verbose http://example.com/test/") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.responses.\"200\"' | grep '1'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.responses.\"403\"' | grep '3'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.responses.\"404\"' | grep '3'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.location_zones.test_zone.requests.total' | grep '7'") - # Check upstreams - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-http\".peers.\"192.168.2.101:8080\".state' | grep 'up'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-http\".peers.\"192.168.2.101:8080\".health.fails' | grep '0'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-socket\".peers.\"unix:/run/example.sock\".state' | grep 'up'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-socket\".peers.\"unix:/run/example.sock\".health.fails' | grep '0'") - client.succeed("curl --verbose http://example.com/upstream-http/") - client.succeed("curl --verbose http://example.com/upstream-socket/") - client.succeed("curl --verbose http://example.com/upstream-socket/") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-http\".peers.\"192.168.2.101:8080\".health.fails' | grep '1'") - client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-socket\".peers.\"unix:/run/example.sock\".health.fails' | grep '2'") + # Check upstreams + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-http\".peers.\"192.168.2.101:8080\".state' | grep 'up'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-http\".peers.\"192.168.2.101:8080\".health.fails' | grep '0'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-socket\".peers.\"unix:/run/example.sock\".state' | grep 'up'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-socket\".peers.\"unix:/run/example.sock\".health.fails' | grep '0'") + client.succeed("curl --verbose http://example.com/upstream-http/") + client.succeed("curl --verbose http://example.com/upstream-socket/") + client.succeed("curl --verbose http://example.com/upstream-socket/") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-http\".peers.\"192.168.2.101:8080\".health.fails' | grep '1'") + client.succeed("curl --verbose http://api.example.com/console/ | jq -e '.http.upstreams.\"backend-socket\".peers.\"unix:/run/example.sock\".health.fails' | grep '2'") - server.shutdown() - client.shutdown() - ''; - } -) + server.shutdown() + client.shutdown() + ''; +}