mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-06-16 06:29:17 +03:00
b4f21322d7
make the client wait for its network to come up before starting test
without the wait, the client might try to access the network before its
own network stack is up, as evidenced in
https://hydra.nixos.org/build/299048133/nixlog/9/tail
(cherry picked from commit 962db80796)
120 lines
3.7 KiB
Nix
120 lines
3.7 KiB
Nix
{ pkgs, runTest, ... }:
|
|
let
|
|
hosts = ''
|
|
192.168.2.101 acme.test
|
|
'';
|
|
|
|
in
|
|
builtins.listToAttrs (
|
|
builtins.map
|
|
(nginxPackage: {
|
|
name = pkgs.lib.getName nginxPackage;
|
|
value = runTest {
|
|
name = "nginx-http3-${pkgs.lib.getName nginxPackage}";
|
|
meta.maintainers = with pkgs.lib.maintainers; [ izorkin ];
|
|
|
|
nodes = {
|
|
server =
|
|
{ lib, pkgs, ... }:
|
|
{
|
|
networking = {
|
|
interfaces.eth1 = {
|
|
ipv4.addresses = [
|
|
{
|
|
address = "192.168.2.101";
|
|
prefixLength = 24;
|
|
}
|
|
];
|
|
};
|
|
extraHosts = hosts;
|
|
firewall.allowedTCPPorts = [ 443 ];
|
|
firewall.allowedUDPPorts = [ 443 ];
|
|
};
|
|
|
|
security.pki.certificates = [
|
|
(builtins.readFile ./common/acme/server/ca.cert.pem)
|
|
];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
package = nginxPackage;
|
|
|
|
virtualHosts."acme.test" = {
|
|
onlySSL = true;
|
|
sslCertificate = ./common/acme/server/acme.test.cert.pem;
|
|
sslCertificateKey = ./common/acme/server/acme.test.key.pem;
|
|
http2 = true;
|
|
http3 = true;
|
|
http3_hq = false;
|
|
quic = true;
|
|
reuseport = true;
|
|
root = lib.mkForce (
|
|
pkgs.runCommandLocal "testdir" { } ''
|
|
mkdir "$out"
|
|
cat > "$out/index.html" <<EOF
|
|
<html><body>Hello World!</body></html>
|
|
EOF
|
|
cat > "$out/example.txt" <<EOF
|
|
Check http3 protocol.
|
|
EOF
|
|
''
|
|
);
|
|
};
|
|
};
|
|
};
|
|
|
|
client =
|
|
{ pkgs, ... }:
|
|
{
|
|
environment.systemPackages = [ pkgs.curlHTTP3 ];
|
|
networking = {
|
|
interfaces.eth1 = {
|
|
ipv4.addresses = [
|
|
{
|
|
address = "192.168.2.201";
|
|
prefixLength = 24;
|
|
}
|
|
];
|
|
};
|
|
extraHosts = hosts;
|
|
};
|
|
|
|
security.pki.certificates = [
|
|
(builtins.readFile ./common/acme/server/ca.cert.pem)
|
|
];
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
start_all()
|
|
|
|
server.wait_for_unit("nginx")
|
|
server.wait_for_open_port(443)
|
|
client.wait_for_unit("network-online.target")
|
|
|
|
# Check http connections
|
|
client.succeed("curl --verbose --http3-only https://acme.test | grep 'Hello World!'")
|
|
|
|
# Check downloadings
|
|
client.succeed("curl --verbose --http3-only https://acme.test/example.txt --output /tmp/example.txt")
|
|
client.succeed("cat /tmp/example.txt | grep 'Check http3 protocol.'")
|
|
|
|
# Check header reading
|
|
client.succeed("curl --verbose --http3-only --head https://acme.test | grep 'content-type'")
|
|
client.succeed("curl --verbose --http3-only --head https://acme.test | grep 'HTTP/3 200'")
|
|
client.succeed("curl --verbose --http3-only --head https://acme.test/error | grep 'HTTP/3 404'")
|
|
|
|
# Check change User-Agent
|
|
client.succeed("curl --verbose --http3-only --user-agent 'Curl test 3.0' https://acme.test")
|
|
server.succeed("cat /var/log/nginx/access.log | grep 'Curl test 3.0'")
|
|
|
|
server.shutdown()
|
|
client.shutdown()
|
|
'';
|
|
};
|
|
})
|
|
[
|
|
pkgs.angieQuic
|
|
pkgs.nginxQuic
|
|
]
|
|
)
|