From 19020779a000037cd314b04fcdc6f0cf5914648b 2017-06-11 12:17:31 From: Branko Majic Date: 2017-06-11 12:17:31 Subject: [PATCH] MAR-108: Implemented initial boilerplate for backup_client tests: - Fixed backup_client role handling of encryption keys. - Fixed backup server URI (had too many forward slashes). - Added Molecule instance configuration file for backup server, one backup client for testing mandatory parameters, and one backup client for testing optional parameters. - Implemented playbook for setting-up the test instances. - Added test data (SSH, GnuPG keys). - Added dummy (stock) Molecule test file. --- diff --git a/docs/rolereference.rst b/docs/rolereference.rst index fce5326a4a379787da8a88a1d4a10f2b88e33461..430b1eb498f989e0507a66c02cf6a3bc7be6722f 100644 --- a/docs/rolereference.rst +++ b/docs/rolereference.rst @@ -2176,7 +2176,7 @@ Parameters **backup_server** (string, mandatory) Backup server to connect to. -**backup_server_destination** (string, optional, ``//duplicity``) +**backup_server_destination** (string, optional, ``/duplicity``) Target directory on the backup server where the backups are stored. **backup_server_host_ssh_public_keys** (list, mandatory) diff --git a/roles/backup_client/defaults/main.yml b/roles/backup_client/defaults/main.yml index d790dd4bacfb107dd7132eac6a14ad38e13affed..350a361d734f23639f116d51064070e3d7cf0ff9 100644 --- a/roles/backup_client/defaults/main.yml +++ b/roles/backup_client/defaults/main.yml @@ -2,5 +2,5 @@ backup_additional_encryption_keys: [] backup_client_username: "bak-{{ ansible_fqdn | replace('.', '_') }}" -backup_server_destination: //duplicity +backup_server_destination: /duplicity backup_server_port: 2222 diff --git a/roles/backup_client/molecule.yml b/roles/backup_client/molecule.yml new file mode 100644 index 0000000000000000000000000000000000000000..39ecbb1c7c267feecb68512715e1e3ea820b2ef5 --- /dev/null +++ b/roles/backup_client/molecule.yml @@ -0,0 +1,45 @@ +--- + +dependency: {} + +driver: + name: vagrant + +vagrant: + + platforms: + - name: debian-jessie64 + box: debian/contrib-jessie64 + + providers: + - name: virtualbox + type: virtualbox + options: + memory: 512 + cpus: 1 + + instances: + + - name: backup-server + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.10 + auto_config: yes + + - name: parameters-mandatory + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.20 + auto_config: yes + + - name: parameters-optional + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.21 + auto_config: yes + +verifier: + name: testinfra diff --git a/roles/backup_client/playbook.yml b/roles/backup_client/playbook.yml new file mode 100644 index 0000000000000000000000000000000000000000..f6d7d10a65e9f0e4fca5b834ed10ac1a83769af1 --- /dev/null +++ b/roles/backup_client/playbook.yml @@ -0,0 +1,90 @@ +--- + +- hosts: all + tasks: + + - name: Update all caches to avoid errors due to missing remote archives + apt: + update_cache: yes + +- hosts: backup-server + roles: + - role: backup_server + backup_host_ssh_private_keys: + dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}" + rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}" + ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}" + ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}" + backup_clients: + - server: parameters-mandatory + ip: 10.31.127.20 + public_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory.pub') }}" + - server: parameters-mandatory + uid: 5001 + ip: 10.31.127.21 + public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}" + +# Set-up custom user and port for testing optional parameters. +- hosts: backup-server + tasks: + - name: Set-up backup group + group: + name: backupuser + - name: Set-up backup user + user: + name: backupuser + group: backupuser + - name: Set-up firewall configuration for port forwarding + copy: + content: "domain (ip ip6) table nat chain PREROUTING { proto tcp dport 3333 REDIRECT to-ports 2222; }" + dest: /etc/ferm/conf.d/50-redirect_3333.conf + owner: root + group: root + mode: 0640 + notify: + - Reload firewall + - name: Set-up firewall configuration to accept incoming connections to port 3333 + copy: + content: "domain (ip ip6) table filter chain INPUT { proto tcp dport 3333 ACCEPT; }" + dest: /etc/ferm/conf.d/55-accept_3333.conf + owner: root + group: root + mode: 0640 + notify: + - Reload firewall + handlers: + - name: Reload firewall + service: + name: ferm + state: restarted + +- hosts: parameters-mandatory + roles: + - role: backup_client + backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-mandatory.asc') }}" + backup_server: backup-server + backup_server_host_ssh_public_keys: + - "{{ lookup('file', 'tests/data/ssh/server_dsa') }}" + - "{{ lookup('file', 'tests/data/ssh/server_rsa') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}" + backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory' ) }}" + +- hosts: parameters-optional + roles: + - role: backup_client + backup_additional_encryption_keys: + - "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_1.asc') }}" + - "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_2.asc') }}" + - "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_3.asc') }}" + backup_client_username: backupuser + backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}" + backup_server: backup-server + backup_server_destination: "/home/backupuser" + backup_server_host_ssh_public_keys: + - "{{ lookup('file', 'tests/data/ssh/server_dsa') }}" + - "{{ lookup('file', 'tests/data/ssh/server_rsa') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}" + - "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}" + backup_server_port: 3333 + backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}" diff --git a/roles/backup_client/tasks/main.yml b/roles/backup_client/tasks/main.yml index 33d6fb3517ee99c9f0929ff1e5ef75a455b512ca..1d0311f261be624db5000a9ca4dcffc8c64d0ba5 100644 --- a/roles/backup_client/tasks/main.yml +++ b/roles/backup_client/tasks/main.yml @@ -48,7 +48,7 @@ failed_when: backup_encryption_key_id.stdout == "" - name: Extract additional encryption keys identifiers (Duplicty requires key ID in hexadecimal format) - shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/public_keys.asc | grep keyid: | head -n1 | sed -e 's/.*: //' | sort -u | sed -re 's/^.{{gnupg_key_cutoff}}//' | tr '\n' ',' | sed -e 's/,$//'" + shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/public_keys.asc | grep keyid: | sed -e 's/.*: //' | sort -u | sed -re 's/^.{{gnupg_key_cutoff}}//' | tr '\n' ',' | sed -e 's/,$//'" register: backup_additional_encryption_keys_ids when: backup_additional_encryption_keys changed_when: False diff --git a/roles/backup_client/templates/duply_main_conf.j2 b/roles/backup_client/templates/duply_main_conf.j2 index 4df0b4eb23eaa282bdf4e03cc79fc03b22997dfe..ccd7f5d79829c425fff9b32d4735d851263511c5 100644 --- a/roles/backup_client/templates/duply_main_conf.j2 +++ b/roles/backup_client/templates/duply_main_conf.j2 @@ -10,9 +10,9 @@ GPG_OPTS="--homedir /etc/duply/main/gnupg/ --trust-model always" # Destination where the backups are stored at. {% if ansible_distribution == 'Debian' and ansible_distribution_release == 'stretch' %} -TARGET='pexpect+sftp://{{ backup_client_username }}@{{ backup_server }}:{{ backup_server_port }}//{{ backup_server_destination }}' +TARGET='pexpect+sftp://{{ backup_client_username }}@{{ backup_server }}:{{ backup_server_port }}/{{ backup_server_destination }}' {% else %} -TARGET='sftp://{{ backup_client_username }}@{{ backup_server }}:{{ backup_server_port }}//{{ backup_server_destination }}' +TARGET='sftp://{{ backup_client_username }}@{{ backup_server }}:{{ backup_server_port }}/{{ backup_server_destination }}' {% endif %} # Base directory to backup (root). File selection is done via include/exclude diff --git a/roles/backup_client/tests/data/gnupg/additional_encryption_key_1.asc b/roles/backup_client/tests/data/gnupg/additional_encryption_key_1.asc new file mode 100644 index 0000000000000000000000000000000000000000..c75cf6bd9bf98173ad720635ccb04d762983ef78 --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/additional_encryption_key_1.asc @@ -0,0 +1,12 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mI0EWTxY5QEEANZXec05iQvMbDqopOa8AiZZynuUmHc+liTnv7i/Dr8VoHRH3asB +r3RsQUKFlJ1/ssWpKT8O9ecO8esnhsR2qmzDnxCBMEcTZDQf5DHJxaBm9JC1KCW5 +O/6Mi428QUfrnb0ZKap9Enlv9ingAesNSh0BX0JLeUEgRIjZqxJ5numHABEBAAG0 +G2FkZGl0aW9uYWxfZW5jcnlwdGlvbl9rZXlfMYjOBBMBCAA4FiEEqU8Fa0N762iq +TJ5AhoFv2SgGOz8FAlk8WOUCGy8FCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ +hoFv2SgGOz8NJwQAzRl0gK/YGJo9BvzXC2L1qjnr7o65jS7tz58zRGII+7zFK1zt +T6Bncbv0Rx/PyfeolzIxHCaJAOHP2SRQeBZYS0zcawKSGwn+p+gPuDFWx5ZAoPd4 +vqx6cwjiQ6uPe6KXzwMIBch4XW0jVoOT/ep9qOXmHhZSjDSw2sPMjM+nPdk= +=N33/ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/additional_encryption_key_2.asc b/roles/backup_client/tests/data/gnupg/additional_encryption_key_2.asc new file mode 100644 index 0000000000000000000000000000000000000000..4ecfbecf74f949fad61868c1f40bac28c95c10fd --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/additional_encryption_key_2.asc @@ -0,0 +1,12 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mI0EWTxZCQEEAJzst8zKdLQ8qlQHKyK4kqmAaTa/1oJKfShjwS+fDtyu3pWuWvBn +d/DuT8uEZxRFRfPXuZ7AiT5cYLF281n2pqkZhX3rw9zrbYhlIg8HowCog6/rHLYt +ePI4gWZaNNNxfBKozpOgxUO12KtWb9bfTomXCiuWaPaAb+/FphNif3SfABEBAAG0 +G2FkZGl0aW9uYWxfZW5jcnlwdGlvbl9rZXlfMojOBBMBCAA4FiEEDD5n+EA8zYwd +QW+SMJPJG8OpREsFAlk8WQkCGy8FCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ +MJPJG8OpREs9HAP/RIU8xc9P8vFPQH2T9r7ow9u4uswVgprryOiV3Noz+TKWLnw7 +Y91yBNjtcw6LxaCkvsItNzda0D+RKH0M/M8MSCKhEUhQoOOVSQvA66quIjiHqH3t +2/Sv0lpxJLvnFwN5kyIRtuZnPiaiWLzdrJa2gGgocW/4X3N16+Zq9CqvY5I= +=euIe +-----END PGP PUBLIC KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/additional_encryption_key_3.asc b/roles/backup_client/tests/data/gnupg/additional_encryption_key_3.asc new file mode 100644 index 0000000000000000000000000000000000000000..bf056300a8cd5ff0aec94c5a49fc3f79b0138367 --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/additional_encryption_key_3.asc @@ -0,0 +1,12 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mI0EWTxZbgEEAMpxezXdHpJ+xJX/wehwd/SrPZTWdIX+tGZOFvDqIX0cqQALCrC/ +70nIHr/M1nuUN+/CJ8nRlb+5acVRtxy5cTGeuMOw40Grh0GMkJiqvbV+RDw9sRXL +oZxd4tsZ96Bqn3U21oDZrMbhSlaPI9mmEOA7go0xi5rH+z4A06yj9+URABEBAAG0 +G2FkZGl0aW9uYWxfZW5jcnlwdGlvbl9rZXlfM4jOBBMBCAA4FiEE5Pe7mUbeVQur +2W2AihTNbHEiO3IFAlk8WW4CGy8FCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ +ihTNbHEiO3K4BwP+I1qRTMNeWxhTh0YiaaMG6YmhA2A6FKbL7VfpdQB6/uBgspR1 +q6GegBfrT607APaZjTMj2WGpL1UUm28ly3WEMZv8xoDiu40K3zoIBPA2I7gdHknk +Wbq3coG6OSgyaekPJ9q9xSviEAQubFTfPOk+CnQt0/xvr4ItxtYogjPiqQU= +=t6nF +-----END PGP PUBLIC KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/parameters-mandatory.asc b/roles/backup_client/tests/data/gnupg/parameters-mandatory.asc new file mode 100644 index 0000000000000000000000000000000000000000..974a97fb3f8a0835b71e404762701e0bed09cc95 --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/parameters-mandatory.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WNsBBADDuqGCU+ZnCytbeCVGloE8UVq9myYyemT8uP3+wuQEQNAncFb4 +k0+55GtDdfnNywqp+N+Q/wNV9jq7pOs8ybgipCptcAH33ZjmyWNf2xk1dzvMbI5X +1q2qTSFp0mrWO/O5r6RwXNCvvjALpK4pkS+tACDEucis1+jW4l6+M9qajwARAQAB +AAP/SBPEQkAvSqb8UnTOFU57TQEQj15BFLmp0r81GcofOcm8Xamq/WMSKvyI25Do +avZoeOtjOPwP+GnyewNidUI7gjFVAvnFHuolCxdtZwcA0OxPZgbt5J2dQhOkTw/j +9rZA6PwlBbVBPjQQn63OKnBZjvogAOoFV6nITPKdqWasSaECANqTyeKaoaL3j26U ++aS7Keej55ODbVq8Vvem1ujbyXklOtBDhaN8oeW6w/q+EySKcMfRUYWDF/0fp5v3 +QSoRJOkCAOU9Z+NHzeOFukDly2HA4tZtKeCo3Zc58oVV4sjFWoLedQ9jRfdZvtPT +Etr9AT8Y3Q2odOavrjHJ2xWqzZZseLcB/A2ckW9Ik4+MNroXOhcYl9/VYwKX4aeH +tK83VOo0tonY9WbNzb5lKJK1Vd7wDseRScg7t0kwnuhA1qDuAmDODtOqErQUcGFy +YW1ldGVycy1tYW5kYXRvcnmIzgQTAQgAOBYhBGcrWwWy3Nqb7On2uVnCbwMaEpxU +BQJZPFjbAhsvBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEFnCbwMaEpxUomoD +/idxt2FGBi1xMWC6om2fk8JBST6Ond5lYd9V3M8bjQvmvKn0yrmV6W89ElmmIH4G +DHB8ZbX9TwqDcQFsW5aDQDzK8BL88UgTPcZ3W5ERp9pqao8FefCK/knI5OQmmNOT +iZ+LxY0FzwSoLyPNjUWdTwsCx2m70ZVHfT9m7nRn6zW5 +=Lkrt +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/parameters-optional.asc b/roles/backup_client/tests/data/gnupg/parameters-optional.asc new file mode 100644 index 0000000000000000000000000000000000000000..36dc4cef758b4b7f10c8056350bdefc01b2987d9 --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/parameters-optional.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WOUBBACx3ucDgYW7KWDO1q1Y00+YpezTqI6X4xZ/JmGGQsb0004RRWha +lCdhPOyVHLZ+JJtIBxd6nvZcEyS7oN4JVkM6un7vWmI7ZdS5hb2muKUPUVxq9bj+ +aKMpMMhT4nKQFFNQtzCYxMmGnt8ju4+ofbCpfoutjtaBMuHdAy8rfujUvQARAQAB +AAP8Cg0uIdkWbRK0CUxBZIUgeOBbh0R9tmCbW1kYZsVsR9aPEVPKR2Aa75hJSE3k +lDFOYx4fegr0ohRk3YOEOKPazaUq9Zd38z5MhJQ3DHDnWmyxzrOhPUlVxeJKYeoB +HFq2ZvGA2Cr2LN2aIhgVliCamoatfCZI+4KDxHHuyqkaQJMCAMv6tb5VqiLrLYu5 +cd4ZtbKWZBI7l124odKx+Vbv2W7BTx5Ox2QztQxBTuGtbYpn1yGsvTdgxUKlvLbh +SMD/2zsCAN87oIo2Vo7cfabi4MSTwq9hvEYZWgH14m8J7ov+JM7I8uo4jnG9IKGU ++FTF+oOHpXKKV97UadHNHboFnD4s4GcB/iU50BziDAiCQHN5VSiPUwBtRN1zsKWM +XKEIy9l9Q3iDBcDZK3RSYDR+MTJw7XKpCR3Sk1Gc8djYucSzVcVIdc2iiLQTcGFy +YW1ldGVycy1vcHRpb25hbIjOBBMBCAA4FiEEqnuyHTJ1tDAgpElXxLKun3pPQAoF +Alk8WOUCGy8FCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQxLKun3pPQAp2dgP/ +cRK3TVbodvQJ9F28UHypufnsiWmqz0mqTE4Vj+4MbBOz7B9wzDsgjhNLOtvP2h1q +0uTDYTGQoOf0rzMvvIHlpzeaTFBLGmeypT3xlMIfZkCoNkeCnMTdGe6g8OkBBAgy +1jVPCbrHMci5LJ3cD618LINi8HvnJX6EAagwiDJ93Cs= +=NWj6 +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_1.asc b/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_1.asc new file mode 100644 index 0000000000000000000000000000000000000000..02708d09525a32ffaf1e7a5c8194839c114d4555 --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_1.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WOUBBADWV3nNOYkLzGw6qKTmvAImWcp7lJh3PpYk57+4vw6/FaB0R92r +Aa90bEFChZSdf7LFqSk/DvXnDvHrJ4bEdqpsw58QgTBHE2Q0H+QxycWgZvSQtSgl +uTv+jIuNvEFH6529GSmqfRJ5b/Yp4AHrDUodAV9CS3lBIESI2asSeZ7phwARAQAB +AAP8Cp4pt/teKRn20I8TICT3HEw9ZhLN3LZafLiIPFAmnFunZ6s5tWNvfB5yuydf +3c96HSWMmAWXM9t/K215VRklxwdEN+BR+kCzNKPd6RQg+KR+uyHu1Wl1fSWsQDKZ +IOtgi0xeAXdM4wtijc8zxULAnD23kvN5zxvaZ9LEaltAdVUCANqNrrdyHEG1Dr6b +yiLbdGEuBpoKy+rT/HIj/fvkT/nlHkyP9Hw8nXt20nuVZG8CvyC53IzScXIwwMZK +WxG5LFUCAPsRDikCm16PdZGn5s0dmleYwSwwchwV341hxqVUc23rWWAIoekmvIKf +0F+vtmbu7qrXu4i7+hc6Z/pw6USV2msCALK3vh27l57YSRjSaWACJX7yKvJeGtzf +Pq3VLTVI1Noj4vvwv6c6EYlv5pYaXXHJcFzUEjhquQYRlwW4YWpkmCOe5bQbYWRk +aXRpb25hbF9lbmNyeXB0aW9uX2tleV8xiM4EEwEIADgWIQSpTwVrQ3vraKpMnkCG +gW/ZKAY7PwUCWTxY5QIbLwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCGgW/Z +KAY7Pw0nBADNGXSAr9gYmj0G/NcLYvWqOevujrmNLu3PnzNEYgj7vMUrXO1PoGdx +u/RHH8/J96iXMjEcJokA4c/ZJFB4FlhLTNxrApIbCf6n6A+4MVbHlkCg93i+rHpz +COJDq497opfPAwgFyHhdbSNWg5P96n2o5eYeFlKMNLDaw8yMz6c92Q== +=/VyK +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_2.asc b/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_2.asc new file mode 100644 index 0000000000000000000000000000000000000000..a42787b425ac26a375b0a8243fa7a05dc126141e --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_2.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WQkBBACc7LfMynS0PKpUBysiuJKpgGk2v9aCSn0oY8Evnw7crt6Vrlrw +Z3fw7k/LhGcURUXz17mewIk+XGCxdvNZ9qapGYV968Pc622IZSIPB6MAqIOv6xy2 +LXjyOIFmWjTTcXwSqM6ToMVDtdirVm/W306Jlworlmj2gG/vxaYTYn90nwARAQAB +AAP8DpaRBahCjijfmr0p3On0tG48GbteyTD8jp8ra+5o9soI5jhVuuibhVnaMCzI +WmGQPbltx5zVhWcYFBdfSxs7ZfK1UxNO0Dfgj+O0ntxaYL9/UggMCo1jVzl3UBLo +KqpJOlOjOm5PTHdq9d2vgunYiXt7odL9CNV52DxS8Lykm80CAMZMH2SV5gWG9Kv+ +UZZr0OHl8Q52JfB4EuYdQg1Z0+9NvoqhpvQzWzoE5+ZahMcxjoAKiICD/s6OyQXi +bl/vz4sCAMqWmOL+1tRjV0SOzSMtLpACgW+WbIvV1x2CRIT7ieZRAquA8DkdCsMS +wkFSSTEzV5KSP79yTjYVmmDAjbphEb0CAL6xLdcyWw3QiqsDR+uWFMyRs5ks8buy +/xpWA9onBg0ZrxC0QQnZJe/Us+BuMlU+EITnovolK0tDDdzTKaFTRtygXrQbYWRk +aXRpb25hbF9lbmNyeXB0aW9uX2tleV8yiM4EEwEIADgWIQQMPmf4QDzNjB1Bb5Iw +k8kbw6lESwUCWTxZCQIbLwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRAwk8kb +w6lESz0cA/9EhTzFz0/y8U9AfZP2vujD27i6zBWCmuvI6JXc2jP5MpYufDtj3XIE +2O1zDovFoKS+wi03N1rQP5EofQz8zwxIIqERSFCg45VJC8Drqq4iOIeofe3b9K/S +WnEku+cXA3mTIhG25mc+JqJYvN2slraAaChxb/hfc3Xr5mr0Kq9jkg== +=ZbNL +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_3.asc b/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_3.asc new file mode 100644 index 0000000000000000000000000000000000000000..44a2336585ea972b2a08f75dc6e51dc8f61534e3 --- /dev/null +++ b/roles/backup_client/tests/data/gnupg/private-additional_encryption_key_3.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQHYBFk8WW4BBADKcXs13R6SfsSV/8HocHf0qz2U1nSF/rRmThbw6iF9HKkACwqw +v+9JyB6/zNZ7lDfvwifJ0ZW/uWnFUbccuXExnrjDsONBq4dBjJCYqr21fkQ8PbEV +y6GcXeLbGfegap91NtaA2azG4UpWjyPZphDgO4KNMYuax/s+ANOso/flEQARAQAB +AAP8CTktH8W+pTZDGuHrid1o67PrEvdH2QyDF9emNiz2oGKARSUbpDSkcHA+jWbF +3VzCBSmLgkeLGvB1xBSOYw/EW0VnMrnqa0U/4bvr0fHan973N+crJrPCO6v/zG7h ++8owDWxqNXIcgVAs3qWydfLnigq2ilmAFYS5+SgNhCqaw4ECAMyixCtSDRq7ZKbv +qHBdgLGOn19Be3Kedgff5BKbUOajsxRkeG+lSFn2zKoc/KiD4ZotiaqfI0yNK/b+ +Kiax50ECAP1B1K+0iNHmignQ1YGK1JWSp29ZKWAfkRn8zDWBRRg0P97lD57sKU0g +msoxTR/js2gQPJIg9+O60KwkDCa02dEB/3MY31pKSfXEnQw4K1mjEmFLw9Gtyd3+ +ao+GAIe6jeXlaETZUK82eYAfBXkXtK0clyf9omlGL6OqxKClQL3NjQ2kG7QbYWRk +aXRpb25hbF9lbmNyeXB0aW9uX2tleV8ziM4EEwEIADgWIQTk97uZRt5VC6vZbYCK +FM1scSI7cgUCWTxZbgIbLwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCKFM1s +cSI7crgHA/4jWpFMw15bGFOHRiJpowbpiaEDYDoUpsvtV+l1AHr+4GCylHWroZ6A +F+tPrTsA9pmNMyPZYakvVRSbbyXLdYQxm/zGgOK7jQrfOggE8DYjuB0eSeRZurdy +gbo5KDJp6Q8n2r3FK+IQBC5sVN886T4KdC3T/G+vgi3G1iiCM+KpBQ== +=bKmt +-----END PGP PRIVATE KEY BLOCK----- diff --git a/roles/backup_client/tests/data/ssh/parameters-mandatory b/roles/backup_client/tests/data/ssh/parameters-mandatory new file mode 100644 index 0000000000000000000000000000000000000000..f479da587f71e5feec43afb3a1cdb670a975b558 --- /dev/null +++ b/roles/backup_client/tests/data/ssh/parameters-mandatory @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINHLWDWSpuuGgHT5cGpzkPMdnmT493/zqrBSyMOGPPrqoAoGCCqGSM49 +AwEHoUQDQgAE1gEshzmIJDC93lAg7kdjUWeFrI8I26Mvi7IAM37SBfU2a08KMDWR +QvLygMvp6rixo4QRpkUp5lDcl24fybh6xQ== +-----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup_client/tests/data/ssh/parameters-mandatory.pub b/roles/backup_client/tests/data/ssh/parameters-mandatory.pub new file mode 100644 index 0000000000000000000000000000000000000000..4d0979f270ea12c19894a57f112729d6a4439a3b --- /dev/null +++ b/roles/backup_client/tests/data/ssh/parameters-mandatory.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNYBLIc5iCQwvd5QIO5HY1FnhayPCNujL4uyADN+0gX1NmtPCjA1kULy8oDL6eq4saOEEaZFKeZQ3JduH8m4esU= root@parameters-mandatory diff --git a/roles/backup_client/tests/data/ssh/parameters-optional b/roles/backup_client/tests/data/ssh/parameters-optional new file mode 100644 index 0000000000000000000000000000000000000000..2ccdeaae319790751cdaef141a29864581c282ca --- /dev/null +++ b/roles/backup_client/tests/data/ssh/parameters-optional @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEICwzh3hupZa3aKFWFwdRosm8kXS6czUWw/sHIvgKWNEcoAoGCCqGSM49 +AwEHoUQDQgAEPh00CkvI6wEACjGfETwsP1RwyekgFsiQl7IvuJ4Nc20GgdvzRw6n +gFDn1F4NkfdJl1Fg2UNLMeXWG4murieuBA== +-----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup_client/tests/data/ssh/parameters-optional.pub b/roles/backup_client/tests/data/ssh/parameters-optional.pub new file mode 100644 index 0000000000000000000000000000000000000000..2f4cbae5d51d1c2193c99547007da0aa768e3ade --- /dev/null +++ b/roles/backup_client/tests/data/ssh/parameters-optional.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBD4dNApLyOsBAAoxnxE8LD9UcMnpIBbIkJeyL7ieDXNtBoHb80cOp4BQ59ReDZH3SZdRYNlDSzHl1huJrq4nrgQ= root@parameters-optional diff --git a/roles/backup_client/tests/data/ssh/server_dsa b/roles/backup_client/tests/data/ssh/server_dsa new file mode 100644 index 0000000000000000000000000000000000000000..d02624d4fff39fd17fcc134898aa8cd340699e88 --- /dev/null +++ b/roles/backup_client/tests/data/ssh/server_dsa @@ -0,0 +1,12 @@ +-----BEGIN DSA PRIVATE KEY----- +MIIBuwIBAAKBgQC3/oHx0JwDDkeDfyIwmZZ4noz3AJHQevxPGMIhtuminkaN8dkN +m7nRVqiTLW7X3M9PvoVQDti72GJNrlTHtlqFcFkmRkAOH3BlK7OQeAh06Tpf5R7r +txosTbIQs/vLnkA6rPzWKfwXVHFOMiMb1CCOvt4Qf25Ec/C6XM2CSialZQIVAPrK +4yQB2thxWIW1tNyIYTK0a0G/AoGARVHZiVRTz0HfDcpwQJJPnijFEBUdgnGIA9cP +wX09FD/OYS/5mF9RGosvlN8pTeoPPkTWpUF9CMpiGDIrF0kTxdYBJVaW7ghfVVeP +XNN6v/S30aIFdbUaWXhM/SSucWwb4hJyPpCj/KNYr5iIwFZZ+9pZynR/reJ45muQ +gaRvcyUCgYAYAG/Udg4i/2q8Iemqs5TuP48ge1CxQcyFw4vVl2zr85MPZ24rBf+Z +PGy1CsEBpJqHQ5agftMYR9CRcxlqAP44JpIPcSq1NsL59HnXDsdCe/IJjO4JmL1H +L+VIcWkXgj0MxGds8hck+HC5lX7jGAKjZBea8ksBZD/Ma2WvYKXpggIVANDGn68D +y8jb/9mLaOM8bd9VFfdC +-----END DSA PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup_client/tests/data/ssh/server_ecdsa b/roles/backup_client/tests/data/ssh/server_ecdsa new file mode 100644 index 0000000000000000000000000000000000000000..22e62fcf5773fee0cb7b086581dbe53ca0e73345 --- /dev/null +++ b/roles/backup_client/tests/data/ssh/server_ecdsa @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEICsNfHic+b1E8HsU2kXcQNXozt4SHCb9VQC06GvbTkZuoAoGCCqGSM49 +AwEHoUQDQgAEtplvzFzDk9vNDwmjzHKBxRojrOIYuz5mqwColI4ii72I3TNIo71r +i6Nt4yAht9lk8HlRZy/ULE16RNni2SsBow== +-----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup_client/tests/data/ssh/server_ed25519 b/roles/backup_client/tests/data/ssh/server_ed25519 new file mode 100644 index 0000000000000000000000000000000000000000..757290a024ee2567a2452e0542b6ac9f9521c134 --- /dev/null +++ b/roles/backup_client/tests/data/ssh/server_ed25519 @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACDkMzY9epWd7nCCb8JxWM0f72U90rloiFTzToSuSRpaugAAAJDQ62Z20Otm +dgAAAAtzc2gtZWQyNTUxOQAAACDkMzY9epWd7nCCb8JxWM0f72U90rloiFTzToSuSRpaug +AAAEDvdmF74GsQAOmsWcFWmXsbzdcSoHNbLiTkSWaVp0CtV+QzNj16lZ3ucIJvwnFYzR/v +ZT3SuWiIVPNOhK5JGlq6AAAADGJyYW5rb0BtYXJrcwE= +-----END OPENSSH PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup_client/tests/data/ssh/server_rsa b/roles/backup_client/tests/data/ssh/server_rsa new file mode 100644 index 0000000000000000000000000000000000000000..a8b3b7720aa6a7af27da156374ac3c483687c4eb --- /dev/null +++ b/roles/backup_client/tests/data/ssh/server_rsa @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAtkqm8GTWp4UzDPMC9YhrTTke52G13AkDW1OuXK1zeN1tbc+B +l6MpbhxBF7NMHu45mWcqMNfV/PVXucPDgy+NikQ7TV6DfMI6C8GdZe4hrKzdaFFy +T+4uovZR/9Bfn7nRQd05ud4nga9DBDHcQEAaZPjAouuBtIrr2XhNLChuSX0pMvNm +WdupuRHITkSbooijmwdexLFBpdPdUvHoi1yCIkEL4OHffd96AKjQi3tLsWzXyXGz +CQHa/pva2MclaD18HlJtW3m/+v72UMwH9By+fiHP5my7t8+IbbQodHSJQqo0Xv/J +ZahdtabCJTfA/IWZM2OlhKO/7/cBwBhUxRRZSQIDAQABAoIBAG/EObKuwQWZH4HT +BX9xkwiX+yC2wgAU7p/yILfmCSST7uIjFjvY6DAA1tAnOIbGXT53CGFGFIeyDYVy +R8+JOmkKCKoZRtkZZOmMXmr+pFrw6hdpyILFcIauK/yCz/5ouap+b0RMt0BGKvrJ +b1dddlFuSv4ZEz+U5aJCpl5qs6QONO5Niz69eYM+b+Pz9uRYL1W/hZoQrDUQR8oD +QBUUhnaSACawe8KBGjFp19K3NrEwtWKYQrdENdc7wb+ho3wBQY0CXgjgA3gTMGbk +VLBBqcDlTMbHlOaWT8iUeq+8nJ6ikJTC9LkUjDHZlhM90dHKs3ZOXyAsgm/u5ybM +yTSEgWECgYEA8C2oDFRHrAZrSCLyAdzDZ/tiOksQ/wYZVQirE3p8cAqcpd9Y3T6Z +kK64aCIV+bOunvK0gewmPsc9HN/XfVtr4PlBHDtfERWmSQFwCmnu+a4V/pkfTBWf +SwhUKTExEMdzlPZ+WnHXiiBaPHdOmq2tZr8gEzCyFyQiuplzYBIQHF0CgYEAwkzM +r6I2EWR3NTFTODr6OqFSUs7HenyVQawG4SSsKZ6xIsmUt0EJ6uJRmJx40cC88bRd +AbclJm68mzdP8Nj3fau50tGMogaf1pFykmnwcP35dVriGWuBM0XtDlXOw6A1asz6 +ul9JXuOjZdTtb9uAGn4j3D2sWgJrlSJP/fRVgd0CgYEAsX0b9diGiqLHvyxL6YJq +STplcaytp7irGcLpIeDferDs6EtwUTeEpn3nutSNptTZE49KQ8Tu0m/MQr1MctAP +nda0/hcF/wsfsk3ErX1xY8P5bwdbMI++AuXpw/MdTkgGqyupXk9IuEOGS67jQL1e +KlLNckEHKsDChWEG+RUAIOUCgYAnq9CbB66sbGveg3yvXXNb5zZMzAV0n91FtF8P +NxKjyM/3/1qK9A+XUrBATappgUXSv/XBdOhz6WY+9tMupM4bbaWaQsjJCDs4bygK +dvDt0R1O9ch2UjnmAx/8rk5yKNLfRIzo4q2zXx0snIYCMbn9LsYZoMoA8r+Oipv0 +iR+wTQKBgQCpVCOigFz1pxUxWdbjQicEwug8k7dOtXkWepNqmXXFQTXUQnhsJ4iP +DlDGllPBJasoReRLAnI4OTkbuU1qECnUilVvFnqnuuox3vJ4IWeTdAxcmUAK7+WD +7EYQgHFDybzjEhxXtXGaMSfndAEVwPMRitZMUXaBjnufFW/j/8mrYg== +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/roles/backup_client/tests/test_default.py b/roles/backup_client/tests/test_default.py new file mode 100644 index 0000000000000000000000000000000000000000..ef04a32b8c6dc6cc2738e21edb2cf11d1c0c55c9 --- /dev/null +++ b/roles/backup_client/tests/test_default.py @@ -0,0 +1,12 @@ +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + '.molecule/ansible_inventory').get_hosts('all') + + +def test_hosts_file(File): + f = File('/etc/hosts') + + assert f.exists + assert f.user == 'root' + assert f.group == 'root'