nixos/tests/traefik.nix at 23.11-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / traefik.nix
at 23.11-beta 2.8 kB view raw
 1# Test Traefik as a reverse proxy of a local web service
 2# and a Docker container.
 3import ./make-test-python.nix ({ pkgs, ... }: {
 4  name = "traefik";
 5  meta = with pkgs.lib.maintainers; {
 6    maintainers = [ joko ];
 7  };
 8
 9  nodes = {
10    client = { config, pkgs, ... }: {
11      environment.systemPackages = [ pkgs.curl ];
12    };
13    traefik = { config, pkgs, ... }: {
14      virtualisation.oci-containers = {
15        backend = "docker";
16        containers.nginx = {
17          extraOptions = [
18            "-l"
19            "traefik.enable=true"
20            "-l"
21            "traefik.http.routers.nginx.entrypoints=web"
22            "-l"
23            "traefik.http.routers.nginx.rule=Host(`nginx.traefik.test`)"
24          ];
25          image = "nginx-container";
26          imageFile = pkgs.dockerTools.examples.nginx;
27        };
28      };
29
30      networking.firewall.allowedTCPPorts = [ 80 ];
31
32      services.traefik = {
33        enable = true;
34
35        dynamicConfigOptions = {
36          http.routers.simplehttp = {
37            rule = "Host(`simplehttp.traefik.test`)";
38            entryPoints = [ "web" ];
39            service = "simplehttp";
40          };
41
42          http.services.simplehttp = {
43            loadBalancer.servers = [{
44              url = "http://127.0.0.1:8000";
45            }];
46          };
47        };
48
49        staticConfigOptions = {
50          global = {
51            checkNewVersion = false;
52            sendAnonymousUsage = false;
53          };
54
55          entryPoints.web.address = ":\${HTTP_PORT}";
56
57          providers.docker.exposedByDefault = false;
58        };
59        environmentFiles = [(pkgs.writeText "traefik.env" ''
60          HTTP_PORT=80
61        '')];
62      };
63
64      systemd.services.simplehttp = {
65        script = "${pkgs.python3}/bin/python -m http.server 8000";
66        serviceConfig.Type = "simple";
67        wantedBy = [ "multi-user.target" ];
68      };
69
70      users.users.traefik.extraGroups = [ "docker" ];
71    };
72  };
73
74  testScript = ''
75    start_all()
76
77    traefik.wait_for_unit("docker-nginx.service")
78    traefik.wait_until_succeeds("docker ps | grep nginx-container")
79    traefik.wait_for_unit("simplehttp.service")
80    traefik.wait_for_unit("traefik.service")
81    traefik.wait_for_open_port(80)
82    traefik.wait_for_unit("multi-user.target")
83
84    client.wait_for_unit("multi-user.target")
85
86    client.wait_until_succeeds("curl -sSf -H Host:nginx.traefik.test http://traefik/")
87
88    with subtest("Check that a container can be reached via Traefik"):
89        assert "Hello from NGINX" in client.succeed(
90            "curl -sSf -H Host:nginx.traefik.test http://traefik/"
91        )
92
93    with subtest("Check that dynamic configuration works"):
94        assert "Directory listing for " in client.succeed(
95            "curl -sSf -H Host:simplehttp.traefik.test http://traefik/"
96        )
97  '';
98})