tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 8 Pull requests Activity

WIP: test: Set up service tests

Browse source
This commit is contained in:
Tristan Daniël Maat 2025-11-13 05:20:09 +08:00
parent 82e9a58bb1
commit 30a5843fdf
Signed by: tlater
GPG key ID: 02E935006CF2E8E7
6 changed files with 121 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

74
configuration/nginx/default.nix
View file

@ -1,4 +1,9 @@
{ lib, ... }:
{
flake-inputs,
pkgs,
lib,
...
}:
{
imports = [
./logging.nix
@ -10,13 +15,64 @@
description = "The base domain name to append to virtual domain names";
};
config.services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
clientMaxBodySize = "10G";
statusPage = true; # For metrics, should be accessible only from localhost
config = {
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
clientMaxBodySize = "10G";
statusPage = true; # For metrics, should be accessible only from localhost
};
serviceTests =
let
testHostConfig =
{ config, ... }:
{
_module.args = { inherit flake-inputs; };
imports = [
./.
../../modules/serviceTests/mocks.nix
flake-inputs.sops-nix.nixosModules.sops
];
services.nginx = {
domain = "testHost";
virtualHosts."${config.services.nginx.domain}" = {
useACMEHost = "tlater.net";
forceSSL = true;
enableHSTS = true;
locations."/".return = "200 ok";
};
};
};
in
{
hstsIsSet = pkgs.testers.runNixOSTest {
name = "assert-hsts";
nodes = {
testHost = testHostConfig;
client =
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.curl ];
};
};
testScript = ''
start_all()
testHost.wait_for_unit("nginx")
testHost.succeed("systemctl start network-online.target")
testHost.wait_for_unit("network-online.target")
client.succeed("curl http://testHost")
'';
};
};
};
}