diff --git a/roles/backup/molecule.yml b/roles/backup/molecule.yml new file mode 100644 index 0000000000000000000000000000000000000000..3d9e1f7b9bb5df0230737cecd5e0775713670e7d --- /dev/null +++ b/roles/backup/molecule.yml @@ -0,0 +1,29 @@ +--- + +dependency: {} + +driver: + name: vagrant + +vagrant: + + platforms: + - name: debian-jessie64 + box: debian/contrib-jessie64 + - name: debian-stretch64 + box: debian/stretch64 + + providers: + - name: virtualbox + type: virtualbox + options: + memory: 512 + cpus: 1 + + instances: + + - name: parameters-mandatory + - name: parameters-optional + +verifier: + name: testinfra diff --git a/roles/backup/playbook.yml b/roles/backup/playbook.yml new file mode 100644 index 0000000000000000000000000000000000000000..f3c93048509624870c710edcadb63532ddfae3a7 --- /dev/null +++ b/roles/backup/playbook.yml @@ -0,0 +1,44 @@ +--- + +- hosts: all + tasks: + + - name: Update all caches to avoid errors due to missing remote archives + apt: + update_cache: yes + + +- hosts: parameters-mandatory + roles: + - role: backup + backup_patterns_filename: "test" + vars: + # Required for backup_client role which is part of meta dependencies. + backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-mandatory.asc') }}" + backup_server: 10.31.127.10 + backup_server_host_ssh_public_keys: + - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}" + - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}" + backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory' ) }}" + + +- hosts: parameters-optional + roles: + - role: backup + backup_patterns_filename: "test" + backup_patterns: + - /etc/hosts + - /etc/ethers + - /var/log + vars: + # Required for backup_client role which is part of meta dependencies. + backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}" + backup_server: 10.31.127.10 + backup_server_host_ssh_public_keys: + - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}" + - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}" + backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory' ) }}" diff --git a/roles/backup/tests/data/gnupg/parameters-mandatory.asc b/roles/backup/tests/data/gnupg/parameters-mandatory.asc new file mode 100644 index 0000000000000000000000000000000000000000..974a97fb3f8a0835b71e404762701e0bed09cc95 --- /dev/null +++ b/roles/backup/tests/data/gnupg/parameters-mandatory.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WNsBBADDuqGCU+ZnCytbeCVGloE8UVq9myYyemT8uP3+wuQEQNAncFb4 +k0+55GtDdfnNywqp+N+Q/wNV9jq7pOs8ybgipCptcAH33ZjmyWNf2xk1dzvMbI5X +1q2qTSFp0mrWO/O5r6RwXNCvvjALpK4pkS+tACDEucis1+jW4l6+M9qajwARAQAB +AAP/SBPEQkAvSqb8UnTOFU57TQEQj15BFLmp0r81GcofOcm8Xamq/WMSKvyI25Do +avZoeOtjOPwP+GnyewNidUI7gjFVAvnFHuolCxdtZwcA0OxPZgbt5J2dQhOkTw/j +9rZA6PwlBbVBPjQQn63OKnBZjvogAOoFV6nITPKdqWasSaECANqTyeKaoaL3j26U ++aS7Keej55ODbVq8Vvem1ujbyXklOtBDhaN8oeW6w/q+EySKcMfRUYWDF/0fp5v3 +QSoRJOkCAOU9Z+NHzeOFukDly2HA4tZtKeCo3Zc58oVV4sjFWoLedQ9jRfdZvtPT +Etr9AT8Y3Q2odOavrjHJ2xWqzZZseLcB/A2ckW9Ik4+MNroXOhcYl9/VYwKX4aeH +tK83VOo0tonY9WbNzb5lKJK1Vd7wDseRScg7t0kwnuhA1qDuAmDODtOqErQUcGFy +YW1ldGVycy1tYW5kYXRvcnmIzgQTAQgAOBYhBGcrWwWy3Nqb7On2uVnCbwMaEpxU +BQJZPFjbAhsvBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEFnCbwMaEpxUomoD +/idxt2FGBi1xMWC6om2fk8JBST6Ond5lYd9V3M8bjQvmvKn0yrmV6W89ElmmIH4G +DHB8ZbX9TwqDcQFsW5aDQDzK8BL88UgTPcZ3W5ERp9pqao8FefCK/knI5OQmmNOT +iZ+LxY0FzwSoLyPNjUWdTwsCx2m70ZVHfT9m7nRn6zW5 +=Lkrt +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup/tests/data/gnupg/parameters-optional.asc b/roles/backup/tests/data/gnupg/parameters-optional.asc new file mode 100644 index 0000000000000000000000000000000000000000..36dc4cef758b4b7f10c8056350bdefc01b2987d9 --- /dev/null +++ b/roles/backup/tests/data/gnupg/parameters-optional.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WOUBBACx3ucDgYW7KWDO1q1Y00+YpezTqI6X4xZ/JmGGQsb0004RRWha +lCdhPOyVHLZ+JJtIBxd6nvZcEyS7oN4JVkM6un7vWmI7ZdS5hb2muKUPUVxq9bj+ +aKMpMMhT4nKQFFNQtzCYxMmGnt8ju4+ofbCpfoutjtaBMuHdAy8rfujUvQARAQAB +AAP8Cg0uIdkWbRK0CUxBZIUgeOBbh0R9tmCbW1kYZsVsR9aPEVPKR2Aa75hJSE3k +lDFOYx4fegr0ohRk3YOEOKPazaUq9Zd38z5MhJQ3DHDnWmyxzrOhPUlVxeJKYeoB +HFq2ZvGA2Cr2LN2aIhgVliCamoatfCZI+4KDxHHuyqkaQJMCAMv6tb5VqiLrLYu5 +cd4ZtbKWZBI7l124odKx+Vbv2W7BTx5Ox2QztQxBTuGtbYpn1yGsvTdgxUKlvLbh +SMD/2zsCAN87oIo2Vo7cfabi4MSTwq9hvEYZWgH14m8J7ov+JM7I8uo4jnG9IKGU ++FTF+oOHpXKKV97UadHNHboFnD4s4GcB/iU50BziDAiCQHN5VSiPUwBtRN1zsKWM +XKEIy9l9Q3iDBcDZK3RSYDR+MTJw7XKpCR3Sk1Gc8djYucSzVcVIdc2iiLQTcGFy +YW1ldGVycy1vcHRpb25hbIjOBBMBCAA4FiEEqnuyHTJ1tDAgpElXxLKun3pPQAoF +Alk8WOUCGy8FCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQxLKun3pPQAp2dgP/ +cRK3TVbodvQJ9F28UHypufnsiWmqz0mqTE4Vj+4MbBOz7B9wzDsgjhNLOtvP2h1q +0uTDYTGQoOf0rzMvvIHlpzeaTFBLGmeypT3xlMIfZkCoNkeCnMTdGe6g8OkBBAgy +1jVPCbrHMci5LJ3cD618LINi8HvnJX6EAagwiDJ93Cs= +=NWj6 +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup/tests/data/ssh/parameters-mandatory b/roles/backup/tests/data/ssh/parameters-mandatory new file mode 100644 index 0000000000000000000000000000000000000000..f479da587f71e5feec43afb3a1cdb670a975b558 --- /dev/null +++ b/roles/backup/tests/data/ssh/parameters-mandatory @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINHLWDWSpuuGgHT5cGpzkPMdnmT493/zqrBSyMOGPPrqoAoGCCqGSM49 +AwEHoUQDQgAE1gEshzmIJDC93lAg7kdjUWeFrI8I26Mvi7IAM37SBfU2a08KMDWR +QvLygMvp6rixo4QRpkUp5lDcl24fybh6xQ== +-----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup/tests/data/ssh/parameters-optional b/roles/backup/tests/data/ssh/parameters-optional new file mode 100644 index 0000000000000000000000000000000000000000..2ccdeaae319790751cdaef141a29864581c282ca --- /dev/null +++ b/roles/backup/tests/data/ssh/parameters-optional @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEICwzh3hupZa3aKFWFwdRosm8kXS6czUWw/sHIvgKWNEcoAoGCCqGSM49 +AwEHoUQDQgAEPh00CkvI6wEACjGfETwsP1RwyekgFsiQl7IvuJ4Nc20GgdvzRw6n +gFDn1F4NkfdJl1Fg2UNLMeXWG4murieuBA== +-----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup/tests/data/ssh/server_dsa.pub b/roles/backup/tests/data/ssh/server_dsa.pub new file mode 100644 index 0000000000000000000000000000000000000000..edccdf329b89854629222b2a5f6b7b5740cdb88f --- /dev/null +++ b/roles/backup/tests/data/ssh/server_dsa.pub @@ -0,0 +1 @@ +ssh-dss AAAAB3NzaC1kc3MAAACBALf+gfHQnAMOR4N/IjCZlniejPcAkdB6/E8YwiG26aKeRo3x2Q2budFWqJMtbtfcz0++hVAO2LvYYk2uVMe2WoVwWSZGQA4fcGUrs5B4CHTpOl/lHuu3GixNshCz+8ueQDqs/NYp/BdUcU4yIxvUII6+3hB/bkRz8LpczYJKJqVlAAAAFQD6yuMkAdrYcViFtbTciGEytGtBvwAAAIBFUdmJVFPPQd8NynBAkk+eKMUQFR2CcYgD1w/BfT0UP85hL/mYX1Eaiy+U3ylN6g8+RNalQX0IymIYMisXSRPF1gElVpbuCF9VV49c03q/9LfRogV1tRpZeEz9JK5xbBviEnI+kKP8o1ivmIjAVln72lnKdH+t4njma5CBpG9zJQAAAIAYAG/Udg4i/2q8Iemqs5TuP48ge1CxQcyFw4vVl2zr85MPZ24rBf+ZPGy1CsEBpJqHQ5agftMYR9CRcxlqAP44JpIPcSq1NsL59HnXDsdCe/IJjO4JmL1HL+VIcWkXgj0MxGds8hck+HC5lX7jGAKjZBea8ksBZD/Ma2WvYKXpgg== diff --git a/roles/backup/tests/data/ssh/server_ecdsa.pub b/roles/backup/tests/data/ssh/server_ecdsa.pub new file mode 100644 index 0000000000000000000000000000000000000000..cb8b45c7164d6af3659281f9c7b06ed2a6ac0344 --- /dev/null +++ b/roles/backup/tests/data/ssh/server_ecdsa.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLaZb8xcw5PbzQ8Jo8xygcUaI6ziGLs+ZqsAqJSOIou9iN0zSKO9a4ujbeMgIbfZZPB5UWcv1CxNekTZ4tkrAaM= diff --git a/roles/backup/tests/data/ssh/server_ed25519.pub b/roles/backup/tests/data/ssh/server_ed25519.pub new file mode 100644 index 0000000000000000000000000000000000000000..28478f2c8fe9008595d1ca3b8652dcda2fd4762e --- /dev/null +++ b/roles/backup/tests/data/ssh/server_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQzNj16lZ3ucIJvwnFYzR/vZT3SuWiIVPNOhK5JGlq6 diff --git a/roles/backup/tests/data/ssh/server_rsa.pub b/roles/backup/tests/data/ssh/server_rsa.pub new file mode 100644 index 0000000000000000000000000000000000000000..b2b4d8750eedff8cfa91ae676d573db4f16aa250 --- /dev/null +++ b/roles/backup/tests/data/ssh/server_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2SqbwZNanhTMM8wL1iGtNOR7nYbXcCQNbU65crXN43W1tz4GXoyluHEEXs0we7jmZZyow19X89Ve5w8ODL42KRDtNXoN8wjoLwZ1l7iGsrN1oUXJP7i6i9lH/0F+fudFB3Tm53ieBr0MEMdxAQBpk+MCi64G0iuvZeE0sKG5JfSky82ZZ26m5EchORJuiiKObB17EsUGl091S8eiLXIIiQQvg4d9933oAqNCLe0uxbNfJcbMJAdr+m9rYxyVoPXweUm1beb/6/vZQzAf0HL5+Ic/mbLu3z4httCh0dIlCqjRe/8llqF21psIlN8D8hZkzY6WEo7/v9wHAGFTFFFlJ diff --git a/roles/backup/tests/test_default.py b/roles/backup/tests/test_default.py new file mode 100644 index 0000000000000000000000000000000000000000..ef04a32b8c6dc6cc2738e21edb2cf11d1c0c55c9 --- /dev/null +++ b/roles/backup/tests/test_default.py @@ -0,0 +1,12 @@ +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + '.molecule/ansible_inventory').get_hosts('all') + + +def test_hosts_file(File): + f = File('/etc/hosts') + + assert f.exists + assert f.user == 'root' + assert f.group == 'root'