test: add apache, caddy, and nginx smoke test environments

Signed-off-by: Xe Iaso <me@xeiaso.net>

test/apache/Dockerfile

@@ -0,0 +1,15 @@
+FROM httpd:2.4
+
+RUN sed -i \
+  -e 's/^#\(LoadModule .*mod_ssl.so\)/\1/' \
+  -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \
+  -e 's/^#\(LoadModule .*mod_proxy.so\)/\1/' \
+  -e 's/^#\(LoadModule .*mod_proxy_http.so\)/\1/' \
+  -e 's/^#\(LoadModule .*mod_socache_shmcb.so\)/\1/' \
+  -e 's/^#\(LoadModule .*mod_http2.so\)/\1/' \
+  conf/httpd.conf
+RUN echo '' >> conf/httpd.conf \
+  && echo 'IncludeOptional conf.d/*.conf' >> conf/httpd.conf
+
+COPY conf.d ./conf.d
+COPY snippets /etc/httpd/snippets

test/apache/conf.d/http.conf

@@ -0,0 +1,15 @@
+<VirtualHost *:80>
+  ServerAdmin your@email.here
+  ServerName httpd.local.cetacean.club
+  DocumentRoot /var/www/httpd.local.cetacean.club
+
+  Include /etc/httpd/snippets/proxy-headers.conf
+
+  ProxyPreserveHost On
+
+  ProxyRequests Off
+  ProxyVia Off
+
+  ProxyPass / http://httpdebug:3000/
+  ProxyPassReverse / http://httpdebug:3000/
+</VirtualHost>

test/apache/conf.d/https.conf

@@ -0,0 +1,22 @@
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+  ServerAdmin me@xeiaso.net
+  ServerName httpd.local.cetacean.club
+  DocumentRoot /var/www/httpd.local.cetacean.club
+  Protocols h2 http/1.1
+
+  SSLCertificateFile /etc/techaro/pki/httpd.local.cetacean.club/cert.pem
+  SSLCertificateKeyFile /etc/techaro/pki/httpd.local.cetacean.club/key.pem
+  Include /etc/httpd/snippets/options-ssl-apache.conf
+
+  Include /etc/httpd/snippets/proxy-headers.conf
+
+  ProxyPreserveHost On
+
+  ProxyRequests Off
+  ProxyVia Off
+
+  ProxyPass / http://anubis:3000
+  ProxyPassReverse / http://anubis:3000
+</VirtualHost>
+</IfModule>

test/apache/conf.d/listen-443-https.conf

@@ -0,0 +1 @@
+Listen 443 https

test/apache/docker-compose.yaml

@@ -0,0 +1,23 @@
+services:
+  httpd:
+    image: xxxtest/httpd
+    build: .
+    volumes:
+      - "../shared/www:/var/www/httpd.local.cetacean.club"
+      - "../pki/httpd.local.cetacean.club:/etc/techaro/pki/httpd.local.cetacean.club/"
+    ports:
+      - 8080:80
+      - 8443:443
+
+  anubis:
+    image: git.xeserv.us/techaro/anubis:cel
+    environment:
+      BIND: ":3000"
+      TARGET: http://httpdebug:3000
+      POLICY_FNAME: /etc/techaro/anubis/less_paranoid.yaml
+    volumes:
+      - ../anubis_configs:/etc/techaro/anubis
+
+  httpdebug:
+    image: ghcr.io/xe/x/httpdebug
+    pull_policy: always

test/apache/snippets/options-ssl-apache.conf

@@ -0,0 +1,13 @@
+SSLEngine on
+
+# Intermediate configuration, tweak to your needs
+SSLProtocol             all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+SSLHonorCipherOrder     off
+SSLSessionTickets       off
+
+SSLOptions +StrictRequire
+
+# Add vhost name to log entries:
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
+LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common

test/apache/snippets/proxy-headers.conf

@@ -0,0 +1,3 @@
+RequestHeader set "X-Real-Ip" expr=%{REMOTE_ADDR}
+RequestHeader set "X-Forwarded-Proto" "https"
+RequestHeader set "X-Http-Version" "%{SERVER_PROTOCOL}s"

test/apache/start.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+# If the transient local TLS certificate doesn't exist, mint a new one
+if [ ! -f ../pki/httpd.local.cetacean.club/cert.pem ]; then
+  # Subshell to contain the directory change
+  (
+    cd ../pki \
+    && mkdir -p httpd.local.cetacean.club \
+    && \
+    # Try using https://github.com/FiloSottile/mkcert for better DevEx,
+    # but fall back to using https://github.com/jsha/minica in case
+    # you don't have that installed.
+    (
+      mkcert \
+        --cert-file ./httpd.local.cetacean.club/cert.pem \
+        --key-file ./httpd.local.cetacean.club/key.pem httpd.local.cetacean.club \
+      || go tool minica -domains httpd.local.cetacean.club
+    )
+  )
+fi
+
+docker compose up --build