From ded6f89c56ee0737e3eb3f04b3afd8ed4e996aef Mon Sep 17 00:00:00 2001
From: Knapoc <21982227+Knapoc@users.noreply.github.com>
Date: Tue, 22 Apr 2025 12:04:04 +0200
Subject: [PATCH] test: check docker-gen network segregation

---
 .../test_dockergen_network_segregation_v2.py  | 10 +++++
 .../test_dockergen_network_segregation_v2.yml | 38 ++++++++++++++++++
 .../test_dockergen_network_segregation_v3.py  | 27 +++++++++++++
 .../test_dockergen_network_segregation_v3.yml | 40 +++++++++++++++++++
 4 files changed, 115 insertions(+)
 create mode 100644 test/test_dockergen/test_dockergen_network_segregation_v2.py
 create mode 100644 test/test_dockergen/test_dockergen_network_segregation_v2.yml
 create mode 100644 test/test_dockergen/test_dockergen_network_segregation_v3.py
 create mode 100644 test/test_dockergen/test_dockergen_network_segregation_v3.yml

diff --git a/test/test_dockergen/test_dockergen_network_segregation_v2.py b/test/test_dockergen/test_dockergen_network_segregation_v2.py
new file mode 100644
index 0000000..dbb15d4
--- /dev/null
+++ b/test/test_dockergen/test_dockergen_network_segregation_v2.py
@@ -0,0 +1,10 @@
+def test_unknown_virtual_host_is_503(docker_compose, nginxproxy):
+    r = nginxproxy.get("http://unknown.nginx.container.docker/")
+    assert r.status_code == 503
+
+
+def test_forwards_to_whoami(docker_compose, nginxproxy):
+    r = nginxproxy.get("http://whoami.nginx.container.docker/")
+    assert r.status_code == 200
+    whoami_container = docker_compose.containers.get("whoami")
+    assert r.text == f"I'm {whoami_container.id[:12]}\n"
diff --git a/test/test_dockergen/test_dockergen_network_segregation_v2.yml b/test/test_dockergen/test_dockergen_network_segregation_v2.yml
new file mode 100644
index 0000000..949e282
--- /dev/null
+++ b/test/test_dockergen/test_dockergen_network_segregation_v2.yml
@@ -0,0 +1,38 @@
+version: '2'
+
+services:
+  nginx:
+    image: nginx
+    container_name: nginx
+    volumes:
+      - "/etc/nginx/conf.d"
+    labels:
+      - "com.github.nginx-proxy.nginx-proxy.nginx"
+    networks:
+      - proxy
+
+  dockergen:
+    image: nginxproxy/docker-gen
+    command: -notify-sighup nginx -watch /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
+    volumes_from:
+      - nginx
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ../../nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl
+    networks:
+      - internal
+
+  web:
+    image: web
+    container_name: whoami
+    expose:
+      - "80"
+    environment:
+      WEB_PORTS: "80"
+      VIRTUAL_HOST: "whoami.nginx.container.docker"
+    networks:
+      - proxy
+
+networks:
+  proxy:
+  internal:
diff --git a/test/test_dockergen/test_dockergen_network_segregation_v3.py b/test/test_dockergen/test_dockergen_network_segregation_v3.py
new file mode 100644
index 0000000..b696e6c
--- /dev/null
+++ b/test/test_dockergen/test_dockergen_network_segregation_v3.py
@@ -0,0 +1,27 @@
+import docker
+import pytest
+from distutils.version import LooseVersion
+
+
+raw_version = docker.from_env().version()["Version"]
+pytestmark = pytest.mark.skipif(
+    LooseVersion(raw_version) < LooseVersion("1.13"),
+    reason="Docker compose syntax v3 requires docker engine v1.13 or later (got {raw_version})"
+)
+
+
+def test_unknown_virtual_host_is_503(docker_compose, nginxproxy):
+    r = nginxproxy.get("http://unknown.nginx.container.docker/")
+    assert r.status_code == 503
+
+
+def test_forwards_to_whoami(docker_compose, nginxproxy):
+    r = nginxproxy.get("http://whoami.nginx.container.docker/")
+    assert r.status_code == 200
+    whoami_container = docker_compose.containers.get("whoami")
+    assert r.text == f"I'm {whoami_container.id[:12]}\n"
+
+
+if __name__ == "__main__":
+    import doctest
+    doctest.testmod()
diff --git a/test/test_dockergen/test_dockergen_network_segregation_v3.yml b/test/test_dockergen/test_dockergen_network_segregation_v3.yml
new file mode 100644
index 0000000..c873c31
--- /dev/null
+++ b/test/test_dockergen/test_dockergen_network_segregation_v3.yml
@@ -0,0 +1,40 @@
+version: '3'
+
+services:
+  nginx:
+    image: nginx
+    container_name: nginx
+    volumes:
+      - "nginx_conf:/etc/nginx/conf.d"
+    labels:
+      - "com.github.nginx-proxy.nginx-proxy.nginx"
+    networks:
+      - proxy
+
+  dockergen:
+    image: nginxproxy/docker-gen
+    command: -notify-sighup nginx -watch /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
+    volumes:
+      - "/var/run/docker.sock:/tmp/docker.sock:ro"
+      - "../../nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl"
+      - "nginx_conf:/etc/nginx/conf.d"
+    networks:
+      - internal
+
+  web:
+    image: web
+    container_name: whoami
+    expose:
+      - "80"
+    environment:
+      WEB_PORTS: "80"
+      VIRTUAL_HOST: "whoami.nginx.container.docker"
+    networks:
+      - proxy
+
+networks:
+  proxy:
+  internal:
+
+volumes:
+  nginx_conf: {}