tjh.dev
nixpkgs mirror (for testing)
github.com/NixOS/nixpkgs
nix
1{ pkgs, package, ... }:
2let
3 testPath = pkgs.hello;
4in
5{
6 name = "varnish";
7 meta = {
8 maintainers = [ ];
9 };
10
11 nodes = {
12 varnish =
13 {
14 config,
15 pkgs,
16 lib,
17 ...
18 }:
19 {
20 services.nix-serve = {
21 enable = true;
22 };
23
24 services.varnish = {
25 inherit package;
26 enable = true;
27 http_address = "0.0.0.0:81";
28 listen = [
29 {
30 address = "0.0.0.0";
31 port = 80;
32 proto = "HTTP";
33 }
34 {
35 name = "proxyport";
36 address = "0.0.0.0";
37 port = 8080;
38 proto = "PROXY";
39 }
40 { address = "@asdf"; }
41 {
42 address = "/run/varnishd/client.http.sock";
43 user = "varnish";
44 group = "varnish";
45 mode = "660";
46 }
47 ];
48 config = ''
49 vcl 4.1;
50
51 backend nix-serve {
52 .host = "127.0.0.1";
53 .port = "${toString config.services.nix-serve.port}";
54 }
55 '';
56 };
57
58 networking.firewall.allowedTCPPorts = [ 80 ];
59 system.extraDependencies = [ testPath ];
60
61 assertions =
62 map
63 (
64 pattern:
65 let
66 cmdline = config.systemd.services.varnish.serviceConfig.ExecStart;
67 in
68 {
69 assertion = lib.hasInfix pattern cmdline;
70 message = "Address argument `${pattern}` missing in commandline `${cmdline}`.";
71 }
72 )
73 [
74 " -a 0.0.0.0:80,HTTP "
75 " -a proxyport=0.0.0.0:8080,PROXY "
76 " -a @asdf,HTTP "
77 " -a /run/varnishd/client.http.sock,HTTP,user=varnish,group=varnish,mode=660 "
78 " -a 0.0.0.0:81 "
79 ];
80 };
81
82 client =
83 { lib, ... }:
84 {
85 nix.settings = {
86 require-sigs = false;
87 substituters = lib.mkForce [ "http://varnish" ];
88 };
89 };
90 };
91
92 testScript = ''
93 start_all()
94 varnish.wait_for_open_port(80)
95
96
97 client.wait_until_succeeds("curl -f http://varnish/nix-cache-info");
98
99 client.wait_until_succeeds("nix-store -r ${testPath}")
100 client.succeed("${testPath}/bin/hello")
101
102 output = varnish.succeed("varnishadm status")
103 print(output)
104 assert "Child in state running" in output, "Unexpected varnishadm response"
105 '';
106}