nixpkgs/nixos/tests/traefik.nix

# Test Traefik as a reverse proxy of a local web service
# and a Docker container.
import ./make-test-python.nix ({ pkgs, ... }: {
  name = "traefik";
  meta = with pkgs.lib.maintainers; {
    maintainers = [ joko ];
  };

  nodes = {
    client = { config, pkgs, ... }: {
      environment.systemPackages = [ pkgs.curl ];
    };
    traefik = { config, pkgs, ... }: {
      virtualisation.oci-containers.containers.nginx = {
        extraOptions = [
          "-l" "traefik.enable=true"
          "-l" "traefik.http.routers.nginx.entrypoints=web"
          "-l" "traefik.http.routers.nginx.rule=Host(`nginx.traefik.test`)"
        ];
        image = "nginx-container";
        imageFile = pkgs.dockerTools.examples.nginx;
      };

      networking.firewall.allowedTCPPorts = [ 80 ];

      services.traefik = {
        enable = true;

        dynamicConfigOptions = {
          http.routers.simplehttp = {
            rule = "Host(`simplehttp.traefik.test`)";
            entryPoints = [ "web" ];
            service = "simplehttp";
          };

          http.services.simplehttp = {
            loadBalancer.servers = [{
              url = "http://127.0.0.1:8000";
            }];
          };
        };

        staticConfigOptions = {
          global = {
            checkNewVersion = false;
            sendAnonymousUsage = false;
          };

          entryPoints.web.address = ":80";

          providers.docker.exposedByDefault = false;
        };
      };

      systemd.services.simplehttp = {
        script = "${pkgs.python3}/bin/python -m http.server 8000";
        serviceConfig.Type = "simple";
        wantedBy = [ "multi-user.target" ];
      };

      users.users.traefik.extraGroups = [ "docker" ];
    };
  };

  testScript = ''
    start_all()

    traefik.wait_for_unit("docker-nginx.service")
    traefik.wait_until_succeeds("docker ps | grep nginx-container")
    traefik.wait_for_unit("simplehttp.service")
    traefik.wait_for_unit("traefik.service")
    traefik.wait_for_open_port(80)
    traefik.wait_for_unit("multi-user.target")

    client.wait_for_unit("multi-user.target")

    with subtest("Check that a container can be reached via Traefik"):
        assert "Hello from NGINX" in client.succeed(
            "curl -sSf -H Host:nginx.traefik.test http://traefik/"
        )

    with subtest("Check that dynamic configuration works"):
        assert "Directory listing for " in client.succeed(
            "curl -sSf -H Host:simplehttp.traefik.test http://traefik/"
        )
  '';
})
nixos/traefik: add test 2020-04-06 08:21:35 +02:00			`# Test Traefik as a reverse proxy of a local web service`
			`# and a Docker container.`
			`import ./make-test-python.nix ({ pkgs, ... }: {`
			`name = "traefik";`
treewide: simplify pkgs.stdenv.lib -> pkgs.lib The library does not depend on stdenv, that `stdenv` exposes `lib` is an artifact of the ancient origins of nixpkgs. 2021-01-10 20:08:30 +01:00			`meta = with pkgs.lib.maintainers; {`
nixos/traefik: add test 2020-04-06 08:21:35 +02:00			`maintainers = [ joko ];`
			`};`

			`nodes = {`
			`client = { config, pkgs, ... }: {`
			`environment.systemPackages = [ pkgs.curl ];`
			`};`
			`traefik = { config, pkgs, ... }: {`
traefik: update test to use virtualisation.oci-containers 2021-02-21 09:16:04 +01:00			`virtualisation.oci-containers.containers.nginx = {`
			`extraOptions = [`
nixos/traefik: add test 2020-04-06 08:21:35 +02:00			`"-l" "traefik.enable=true"`
			`"-l" "traefik.http.routers.nginx.entrypoints=web"`
			"-l" "traefik.http.routers.nginx.rule=Host(`nginx.traefik.test`)"
			`];`
			`image = "nginx-container";`
			`imageFile = pkgs.dockerTools.examples.nginx;`
			`};`

			`networking.firewall.allowedTCPPorts = [ 80 ];`

			`services.traefik = {`
			`enable = true;`

			`dynamicConfigOptions = {`
			`http.routers.simplehttp = {`
			rule = "Host(`simplehttp.traefik.test`)";
			`entryPoints = [ "web" ];`
			`service = "simplehttp";`
			`};`

			`http.services.simplehttp = {`
			`loadBalancer.servers = [{`
			`url = "http://127.0.0.1:8000";`
			`}];`
			`};`
			`};`

			`staticConfigOptions = {`
			`global = {`
			`checkNewVersion = false;`
			`sendAnonymousUsage = false;`
			`};`

			`entryPoints.web.address = ":80";`

			`providers.docker.exposedByDefault = false;`
			`};`
			`};`

			`systemd.services.simplehttp = {`
			`script = "${pkgs.python3}/bin/python -m http.server 8000";`
			`serviceConfig.Type = "simple";`
			`wantedBy = [ "multi-user.target" ];`
			`};`

			`users.users.traefik.extraGroups = [ "docker" ];`
			`};`
			`};`

			`testScript = ''`
			`start_all()`

			`traefik.wait_for_unit("docker-nginx.service")`
			`traefik.wait_until_succeeds("docker ps \| grep nginx-container")`
			`traefik.wait_for_unit("simplehttp.service")`
			`traefik.wait_for_unit("traefik.service")`
			`traefik.wait_for_open_port(80)`
			`traefik.wait_for_unit("multi-user.target")`

			`client.wait_for_unit("multi-user.target")`

			`with subtest("Check that a container can be reached via Traefik"):`
			`assert "Hello from NGINX" in client.succeed(`
			`"curl -sSf -H Host:nginx.traefik.test http://traefik/"`
			`)`

			`with subtest("Check that dynamic configuration works"):`
			`assert "Directory listing for " in client.succeed(`
			`"curl -sSf -H Host:simplehttp.traefik.test http://traefik/"`
			`)`
			`'';`
			`})`