pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-portforward.nix
at master 1.9 kB view raw
1let 2 hostIp = "192.168.0.1"; 3 hostPort = 10080; 4 containerIp = "192.168.0.100"; 5 containerPort = 80; 6in 7 8{ pkgs, lib, ... }: 9{ 10 name = "containers-portforward"; 11 meta = { 12 maintainers = with lib.maintainers; [ 13 aristid 14 aszlig 15 kampfschlaefer 16 ianwookim 17 ]; 18 }; 19 20 nodes.machine = 21 { pkgs, ... }: 22 { 23 imports = [ ../modules/installer/cd-dvd/channel.nix ]; 24 virtualisation.writableStore = true; 25 26 containers.webserver = { 27 privateNetwork = true; 28 hostAddress = hostIp; 29 localAddress = containerIp; 30 forwardPorts = [ 31 { 32 protocol = "tcp"; 33 hostPort = hostPort; 34 containerPort = containerPort; 35 } 36 ]; 37 config = { 38 services.httpd.enable = true; 39 services.httpd.adminAddr = "foo@example.org"; 40 networking.firewall.allowedTCPPorts = [ 80 ]; 41 }; 42 }; 43 44 virtualisation.additionalPaths = [ pkgs.stdenv ]; 45 }; 46 47 testScript = '' 48 container_list = machine.succeed("nixos-container list") 49 assert "webserver" in container_list 50 51 # Start the webserver container. 52 machine.succeed("nixos-container start webserver") 53 54 # wait two seconds for the container to start and the network to be up 55 machine.sleep(2) 56 57 # Since "start" returns after the container has reached 58 # multi-user.target, we should now be able to access it. 59 # ip = machine.succeed("nixos-container show-ip webserver").strip() 60 machine.succeed("ping -n -c1 ${hostIp}") 61 machine.succeed("curl --fail http://${hostIp}:${toString hostPort}/ > /dev/null") 62 63 # Stop the container. 64 machine.succeed("nixos-container stop webserver") 65 machine.fail("curl --fail --connect-timeout 2 http://${hostIp}:${toString hostPort}/ > /dev/null") 66 67 # Destroying a declarative container should fail. 68 machine.fail("nixos-container destroy webserver") 69 ''; 70 71}