nixos/tests/traefik.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / traefik.nix
at 23.05-pre 2.7 kB view raw
 1# Test Traefik as a reverse proxy of a local web service
 2# and a Docker container.
 3import ./make-test-python.nix ({ pkgs, ... }: {
 4  name = "traefik";
 5  meta = with pkgs.lib.maintainers; {
 6    maintainers = [ joko ];
 7  };
 8
 9  nodes = {
10    client = { config, pkgs, ... }: {
11      environment.systemPackages = [ pkgs.curl ];
12    };
13    traefik = { config, pkgs, ... }: {
14      virtualisation.oci-containers = {
15        backend = "docker";
16        containers.nginx = {
17          extraOptions = [
18            "-l"
19            "traefik.enable=true"
20            "-l"
21            "traefik.http.routers.nginx.entrypoints=web"
22            "-l"
23            "traefik.http.routers.nginx.rule=Host(`nginx.traefik.test`)"
24          ];
25          image = "nginx-container";
26          imageFile = pkgs.dockerTools.examples.nginx;
27        };
28      };
29
30      networking.firewall.allowedTCPPorts = [ 80 ];
31
32      services.traefik = {
33        enable = true;
34
35        dynamicConfigOptions = {
36          http.routers.simplehttp = {
37            rule = "Host(`simplehttp.traefik.test`)";
38            entryPoints = [ "web" ];
39            service = "simplehttp";
40          };
41
42          http.services.simplehttp = {
43            loadBalancer.servers = [{
44              url = "http://127.0.0.1:8000";
45            }];
46          };
47        };
48
49        staticConfigOptions = {
50          global = {
51            checkNewVersion = false;
52            sendAnonymousUsage = false;
53          };
54
55          entryPoints.web.address = ":80";
56
57          providers.docker.exposedByDefault = false;
58        };
59      };
60
61      systemd.services.simplehttp = {
62        script = "${pkgs.python3}/bin/python -m http.server 8000";
63        serviceConfig.Type = "simple";
64        wantedBy = [ "multi-user.target" ];
65      };
66
67      users.users.traefik.extraGroups = [ "docker" ];
68    };
69  };
70
71  testScript = ''
72    start_all()
73
74    traefik.wait_for_unit("docker-nginx.service")
75    traefik.wait_until_succeeds("docker ps | grep nginx-container")
76    traefik.wait_for_unit("simplehttp.service")
77    traefik.wait_for_unit("traefik.service")
78    traefik.wait_for_open_port(80)
79    traefik.wait_for_unit("multi-user.target")
80
81    client.wait_for_unit("multi-user.target")
82
83    client.wait_until_succeeds("curl -sSf -H Host:nginx.traefik.test http://traefik/")
84
85    with subtest("Check that a container can be reached via Traefik"):
86        assert "Hello from NGINX" in client.succeed(
87            "curl -sSf -H Host:nginx.traefik.test http://traefik/"
88        )
89
90    with subtest("Check that dynamic configuration works"):
91        assert "Directory listing for " in client.succeed(
92            "curl -sSf -H Host:simplehttp.traefik.test http://traefik/"
93        )
94  '';
95})