nixos/nginx: fix mkDefaultListenVhost mapping for unix sockets (#371561)

Author: fpletz

nixos/modules/services/web-servers/nginx/default.nix

@@ -339,7 +339,7 @@ let
             map (
               listen:
               {
-                port = cfg.defaultSSLListenPort;
+                port = if (hasPrefix "unix:" listen.addr) then null else cfg.defaultSSLListenPort;
                 ssl = true;
               }
               // listen
@@ -351,7 +351,7 @@ let
             map (
               listen:
               {
-                port = cfg.defaultHTTPListenPort;
+                port = if (hasPrefix "unix:" listen.addr) then null else cfg.defaultHTTPListenPort;
                 ssl = false;
               }
               // listen

nixos/tests/nginx-unix-socket.nix

@@ -1,5 +1,6 @@
 { ... }:
 let
+  defaultNginxSocketPath = "/var/run/nginx/default-test.sock";
   nginxSocketPath = "/var/run/nginx/test.sock";
 in
 {
@@ -11,6 +12,13 @@ in
       {
         services.nginx = {
           enable = true;
+
+          defaultListen = [ { addr = "unix:${defaultNginxSocketPath}"; } ];
+          virtualHosts.defaultLocalhost = {
+            serverName = "defaultLocalhost";
+            locations."/default".return = "200 'bar'";
+          };
+
           virtualHosts.localhost = {
             serverName = "localhost";
             listen = [ { addr = "unix:${nginxSocketPath}"; } ];
@@ -22,8 +30,10 @@ in
 
   testScript = ''
     webserver.wait_for_unit("nginx")
-    webserver.wait_for_open_unix_socket("${nginxSocketPath}")
+    webserver.wait_for_open_unix_socket("${defaultNginxSocketPath}", timeout=1)
+    webserver.wait_for_open_unix_socket("${nginxSocketPath}", timeout=1)
 
+    webserver.succeed("curl --fail --silent --unix-socket '${defaultNginxSocketPath}' http://defaultLocalhost/default | grep '^bar$'")
     webserver.succeed("curl --fail --silent --unix-socket '${nginxSocketPath}' http://localhost/test | grep '^foo$'")
   '';
 }