nixos/tests/traefik.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / traefik.nix
at master 3.0 kB view raw
  1# Test Traefik as a reverse proxy of a local web service
  2# and a Docker container.
  3{ pkgs, ... }:
  4{
  5  name = "traefik";
  6  meta = with pkgs.lib.maintainers; {
  7    maintainers = [ joko ];
  8  };
  9
 10  nodes = {
 11    client =
 12      { config, pkgs, ... }:
 13      {
 14        environment.systemPackages = [ pkgs.curl ];
 15      };
 16    traefik =
 17      { config, pkgs, ... }:
 18      {
 19        virtualisation.oci-containers = {
 20          backend = "docker";
 21          containers.nginx = {
 22            extraOptions = [
 23              "-l"
 24              "traefik.enable=true"
 25              "-l"
 26              "traefik.http.routers.nginx.entrypoints=web"
 27              "-l"
 28              "traefik.http.routers.nginx.rule=Host(`nginx.traefik.test`)"
 29            ];
 30            image = "nginx-container";
 31            imageStream = pkgs.dockerTools.examples.nginxStream;
 32          };
 33        };
 34
 35        networking.firewall.allowedTCPPorts = [ 80 ];
 36
 37        services.traefik = {
 38          enable = true;
 39
 40          dynamicConfigOptions = {
 41            http.routers.simplehttp = {
 42              rule = "Host(`simplehttp.traefik.test`)";
 43              entryPoints = [ "web" ];
 44              service = "simplehttp";
 45            };
 46
 47            http.services.simplehttp = {
 48              loadBalancer.servers = [
 49                {
 50                  url = "http://127.0.0.1:8000";
 51                }
 52              ];
 53            };
 54          };
 55
 56          staticConfigOptions = {
 57            global = {
 58              checkNewVersion = false;
 59              sendAnonymousUsage = false;
 60            };
 61
 62            entryPoints.web.address = ":\${HTTP_PORT}";
 63
 64            providers.docker.exposedByDefault = false;
 65          };
 66          environmentFiles = [
 67            (pkgs.writeText "traefik.env" ''
 68              HTTP_PORT=80
 69            '')
 70          ];
 71        };
 72
 73        systemd.services.simplehttp = {
 74          script = "${pkgs.python3}/bin/python -m http.server 8000";
 75          serviceConfig.Type = "simple";
 76          wantedBy = [ "multi-user.target" ];
 77        };
 78
 79        users.users.traefik.extraGroups = [ "docker" ];
 80      };
 81  };
 82
 83  testScript = ''
 84    start_all()
 85
 86    traefik.wait_for_unit("docker-nginx.service")
 87    traefik.wait_until_succeeds("docker ps | grep nginx-container")
 88    traefik.wait_for_unit("simplehttp.service")
 89    traefik.wait_for_unit("traefik.service")
 90    traefik.wait_for_open_port(80)
 91    traefik.wait_for_unit("multi-user.target")
 92
 93    client.wait_for_unit("multi-user.target")
 94
 95    client.wait_until_succeeds("curl -sSf -H Host:nginx.traefik.test http://traefik/")
 96
 97    with subtest("Check that a container can be reached via Traefik"):
 98        assert "Hello from NGINX" in client.succeed(
 99            "curl -sSf -H Host:nginx.traefik.test http://traefik/"
100        )
101
102    with subtest("Check that dynamic configuration works"):
103        assert "Directory listing for " in client.succeed(
104            "curl -sSf -H Host:simplehttp.traefik.test http://traefik/"
105        )
106  '';
107}