tests: factor out base nginx-proxy config

test/test_ssl/compose.base.override.yml

@@ -0,0 +1,6 @@
+services:
+  nginx-proxy:
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ${PYTEST_MODULE_PATH}/certs:/etc/nginx/certs:ro
+      - ${PYTEST_MODULE_PATH}/acme_root:/usr/share/nginx/html:ro

test/test_ssl/test_cert-selection.yml

@@ -1,5 +1,13 @@
 services:
-  base: 
+  nginx-proxy:
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ${PYTEST_MODULE_PATH}/cert_selection:/etc/nginx/certs:ro
+      - ${PYTEST_MODULE_PATH}/acme_root:/usr/share/nginx/html:ro
+    environment:
+      DEBUG_ENDPOINT: "true"
+
+  base:
       image: web
       environment:
         WEB_PORTS: "80"
@@ -10,7 +18,7 @@ services:
       environment:
         WEB_PORTS: "80"
         VIRTUAL_HOST: "www.nginx-proxy.tld"
-  
+
   sub-www:
       image: web
       environment:
@@ -22,12 +30,3 @@ services:
       environment:
         WEB_PORTS: "80"
         VIRTUAL_HOST: "web1.nginx-proxy.tld"
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./cert_selection:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro
-    environment:
-      DEBUG_ENDPOINT: "true"

test/test_ssl/test_dhparam.base.yml

@@ -1,3 +1,7 @@
+networks:
+  default:
+    name: test_dhparam-net
+
 services:
   web5:
     image: web

test/test_ssl/test_dhparam.py

@@ -61,7 +61,7 @@ def require_openssl(required_version):
 @require_openssl("1.0.2")
 def negotiate_cipher(sut_container, additional_params='', grep='Cipher is'):
     sut_container.reload()
-    host = f"{sut_container.attrs['NetworkSettings']['Networks']['test_ssl_default']['IPAddress']}:443"
+    host = f"{sut_container.attrs['NetworkSettings']['Networks']['test_dhparam-net']['IPAddress']}:443"
 
     try:
         # Enforce TLS 1.2 as newer versions don't support custom dhparam or ciphersuite preference.

test/test_ssl/test_hsts.yml

@@ -44,9 +44,3 @@ services:
       VIRTUAL_HOST: http3-vhost-enabled.nginx-proxy.tld
     labels:
       com.github.nginx-proxy.nginx-proxy.http3.enable: "true"
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro

test/test_ssl/test_https-port.yml

@@ -1,4 +1,9 @@
 services:
+  nginx-proxy:
+    environment:
+      HTTP_PORT: 8080
+      HTTPS_PORT: 8443
+
   web1:
     image: web
     expose:
@@ -6,13 +11,3 @@ services:
     environment:
       WEB_PORTS: "81"
       VIRTUAL_HOST: "*.nginx-proxy.tld"
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro
-    environment:
-      HTTP_PORT: 8080
-      HTTPS_PORT: 8443

test/test_ssl/test_nohttp.yml

@@ -7,10 +7,3 @@ services:
       WEB_PORTS: "82"
       VIRTUAL_HOST: "web2.nginx-proxy.tld"
       HTTPS_METHOD: nohttp
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro

test/test_ssl/test_nohttps.yml

@@ -7,9 +7,3 @@ services:
       WEB_PORTS: "83"
       VIRTUAL_HOST: "web.nginx-proxy.tld"
       HTTPS_METHOD: nohttps
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./acme_root:/usr/share/nginx/html:ro

test/test_ssl/test_noredirect.yml

@@ -7,10 +7,3 @@ services:
       WEB_PORTS: "83"
       VIRTUAL_HOST: "web3.nginx-proxy.tld"
       HTTPS_METHOD: noredirect
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro

test/test_ssl/test_virtual-path.yml

@@ -18,10 +18,3 @@ services:
       VIRTUAL_HOST: "www.nginx-proxy.tld"
       VIRTUAL_PATH: "/web2/"
       VIRTUAL_DEST: "/"
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro

test/test_ssl/test_wildcard-cert-nohttps.yml

@@ -1,13 +1,16 @@
-version: "3"
+# In this scenario, we have a wildcard certificate for `*.web.nginx-proxy.tld` and 3 web containers:
+# - 1.web.nginx-proxy.tld
+# - 2.web.nginx-proxy.tld
+# - 3.web.nginx-proxy.tld
+#
+# We want web containers 1 and 2 to support SSL, but 3 should not (using `HTTPS_METHOD=nohttps`)
 
 services:
-
-  proxy:
-    image: nginxproxy/nginx-proxy:test
+  nginx-proxy:
     volumes:
       - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro
+      - ${PYTEST_MODULE_PATH}/certs_wildcard_nohttps:/etc/nginx/certs:ro
+      - ${PYTEST_MODULE_PATH}/acme_root:/usr/share/nginx/html:ro
 
   web1:
     image: web

test/test_ssl/test_wildcard.yml

@@ -6,10 +6,3 @@ services:
     environment:
       WEB_PORTS: "81"
       VIRTUAL_HOST: "*.nginx-proxy.tld"
-
-  sut:
-    image: nginxproxy/nginx-proxy:test
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - ./certs:/etc/nginx/certs:ro
-      - ./acme_root:/usr/share/nginx/html:ro

test/test_ssl/wildcard_cert_and_nohttps/README.md

@@ -1,6 +0,0 @@
-In this scenario, we have a wildcard certificate for `*.web.nginx-proxy.tld` and 3 web containers:
-- 1.web.nginx-proxy.tld
-- 2.web.nginx-proxy.tld
-- 3.web.nginx-proxy.tld
-
-We want web containers 1 and 2 to support SSL, but 3 should not (using `HTTPS_METHOD=nohttps`)

test/test_ssl/wildcard_cert_and_nohttps/acme_root/.well-known/acme-challenge/test-filename

@@ -1 +0,0 @@
-challenge-teststring