Merge pull request #41466 from andir/haproxy-1.8.9

Haproxy 1.8.9
This commit is contained in:
Andreas Rammhold 2018-06-08 23:41:05 +02:00 committed by GitHub
commit 0decee48f5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 57 additions and 3 deletions

View File

@ -300,6 +300,7 @@ in rec {
tests.grafana = callTest tests/grafana.nix {};
tests.graphite = callTest tests/graphite.nix {};
tests.hardened = callTest tests/hardened.nix { };
tests.haproxy = callTest tests/haproxy.nix {};
tests.hibernate = callTest tests/hibernate.nix {};
tests.hitch = callTest tests/hitch {};
tests.home-assistant = callTest tests/home-assistant.nix { };

41
nixos/tests/haproxy.nix Normal file
View File

@ -0,0 +1,41 @@
import ./make-test.nix ({ pkgs, ...}: {
name = "haproxy";
nodes = {
machine = { config, ...}: {
imports = [ ../modules/profiles/minimal.nix ];
services.haproxy = {
enable = true;
config = ''
defaults
timeout connect 10s
backend http_server
mode http
server httpd [::1]:8000
frontend http
bind *:80
mode http
use_backend http_server
'';
};
services.httpd = {
enable = true;
documentRoot = pkgs.writeTextDir "index.txt" "We are all good!";
adminAddr = "notme@yourhost.local";
listen = [{
ip = "::1";
port = 8000;
}];
};
};
};
testScript = ''
startAll;
$machine->waitForUnit('multi-user.target');
$machine->waitForUnit('haproxy.service');
$machine->waitForUnit('httpd.service');
$machine->succeed('curl -k http://localhost:80/index.txt | grep "We are all good!"');
'';
})

View File

@ -1,6 +1,6 @@
{ useLua ? !stdenv.isDarwin
, usePcre ? true
, stdenv, fetchurl
, stdenv, fetchurl, fetchpatch
, openssl, zlib, lua5_3 ? null, pcre ? null
}:
@ -9,14 +9,26 @@ assert usePcre -> pcre != null;
stdenv.mkDerivation rec {
pname = "haproxy";
version = "1.8.4";
version = "1.8.9";
name = "${pname}-${version}";
src = fetchurl {
url = "https://www.haproxy.org/download/${stdenv.lib.versions.majorMinor version}/src/${name}.tar.gz";
sha256 = "19l4i0p92ahm3vaw42gz3rmmidfivk36mvqyhir81h6ywyjb01g3";
sha256 = "00miblgwll3mycsgmp3gd3cn4lwsagxzgjxk5i6csnyqgj97fss3";
};
patches = [
(fetchpatch {
name = "CVE-2018-11469.patch";
url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=17514045e5d934dede62116216c1b016fe23dd06";
sha256 = "0hzcvghg8qz45n3mrcgsjgvrvicvbvm52cc4hs5jbk1yb50qvls7";
})
] ++ stdenv.lib.optional stdenv.isDarwin (fetchpatch {
name = "fix-darwin-no-threads-build.patch";
url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=fbf09c441a4e72c4a690bc7ef25d3374767fe5c5;hp=3157ef219c493f3b01192f1b809a086a5b119a1e";
sha256 = "16ckzb160anf7xih7mmqy59pfz8sdywmyblxnr7lz9xix3jwk55r";
});
buildInputs = [ openssl zlib ]
++ stdenv.lib.optional useLua lua5_3
++ stdenv.lib.optional usePcre pcre;