majic-ansible-roles Changeset

Changeset - b598cf22ae50

Parent rev.

Child rev.

[Not reviewed]

0 1 12

Branko Majic (branko) - 7 years ago 2017-07-05 15:29:56
branko@majic.rs

MAR-28: Implemented backup tests for mail_server role:

- Reworked slightly how /etc/hosts is set-up to allow for multiple names to be
associated with the same IP in test playbook.
- Updated LDAP server to behave as backup server as well.
- Enabled backups on server used for testing optional parameters.
- Implemented backup tests.
- Added necessary test data for backups (keys etc).

13 files changed with 151 insertions and 6 deletions:

roles/mail_server/playbook.yml

roles/mail_server/tests/data/gnupg/parameters-optional.asc

roles/mail_server/tests/data/ssh/parameters-optional

roles/mail_server/tests/data/ssh/parameters-optional.pub

roles/mail_server/tests/data/ssh/server_dsa

roles/mail_server/tests/data/ssh/server_dsa.pub

roles/mail_server/tests/data/ssh/server_ecdsa

roles/mail_server/tests/data/ssh/server_ecdsa.pub

roles/mail_server/tests/data/ssh/server_ed25519

roles/mail_server/tests/data/ssh/server_ed25519.pub

roles/mail_server/tests/data/ssh/server_rsa

roles/mail_server/tests/data/ssh/server_rsa.pub

roles/mail_server/tests/test_backup.py

0 comments (0 inline, 0 general)

roles/mail_server/playbook.yml

➞

Show inline comments

@@ @@ -13,13 +13,13 @@ @@
     - name: Set-up /etc/hosts entries
       lineinfile:
         dest: /etc/hosts
-        line: "{{ item.value }} {{ item.key }}"
+        line: "{{ item.key }} {{ item.value }}"
       with_dict:
         ldap-server: 10.31.127.10
         client1: 10.31.127.20
         client2: 10.31.127.21
         parameters-mandatory: 10.31.127.30
         parameters-optional: 10.31.127.31
 .31.127.10: "ldap-server backup-server"
 .31.127.20: "client1"
 .31.127.21: "client2"
 .31.127.30: "parameters-mandatory"
 .31.127.31: "parameters-optional"
 - hosts: client1,client2
   tasks:
@@ @@ -181,6 +181,17 @@ @@
           option: URI
           value: ldapi:///
     - role: backup_server
       backup_host_ssh_private_keys:
         dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
         rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
         ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
         ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
       backup_clients:
         - server: parameters-optional
           ip: 10.31.127.31
           public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
 - hosts: parameters-mandatory
   roles:
     - role: mail_server
@@ @@ -231,3 +242,14 @@ @@
       # common
       ca_certificates:
         testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
       # backup_client
       enable_backup: yes
       backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
       backup_server: ldap-server
       backup_server_host_ssh_public_keys:
         - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}"
         - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
         - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
         - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
       backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"

roles/mail_server/tests/data/gnupg/parameters-optional.asc

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN PGP PRIVATE KEY BLOCK-----
 lQHYBFk8WOUBBACx3ucDgYW7KWDO1q1Y00+YpezTqI6X4xZ/JmGGQsb0004RRWha
 lCdhPOyVHLZ+JJtIBxd6nvZcEyS7oN4JVkM6un7vWmI7ZdS5hb2muKUPUVxq9bj+
 aKMpMMhT4nKQFFNQtzCYxMmGnt8ju4+ofbCpfoutjtaBMuHdAy8rfujUvQARAQAB
 AAP8Cg0uIdkWbRK0CUxBZIUgeOBbh0R9tmCbW1kYZsVsR9aPEVPKR2Aa75hJSE3k
 lDFOYx4fegr0ohRk3YOEOKPazaUq9Zd38z5MhJQ3DHDnWmyxzrOhPUlVxeJKYeoB
 HFq2ZvGA2Cr2LN2aIhgVliCamoatfCZI+4KDxHHuyqkaQJMCAMv6tb5VqiLrLYu5
 cd4ZtbKWZBI7l124odKx+Vbv2W7BTx5Ox2QztQxBTuGtbYpn1yGsvTdgxUKlvLbh
 SMD/2zsCAN87oIo2Vo7cfabi4MSTwq9hvEYZWgH14m8J7ov+JM7I8uo4jnG9IKGU
 +FTF+oOHpXKKV97UadHNHboFnD4s4GcB/iU50BziDAiCQHN5VSiPUwBtRN1zsKWM
 XKEIy9l9Q3iDBcDZK3RSYDR+MTJw7XKpCR3Sk1Gc8djYucSzVcVIdc2iiLQTcGFy
 YW1ldGVycy1vcHRpb25hbIjOBBMBCAA4FiEEqnuyHTJ1tDAgpElXxLKun3pPQAoF
 Alk8WOUCGy8FCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQxLKun3pPQAp2dgP/
 cRK3TVbodvQJ9F28UHypufnsiWmqz0mqTE4Vj+4MbBOz7B9wzDsgjhNLOtvP2h1q
 uTDYTGQoOf0rzMvvIHlpzeaTFBLGmeypT3xlMIfZkCoNkeCnMTdGe6g8OkBBAgy
 jVPCbrHMci5LJ3cD618LINi8HvnJX6EAagwiDJ93Cs=
 =NWj6
 -----END PGP PRIVATE KEY BLOCK-----

roles/mail_server/tests/data/ssh/parameters-optional

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN EC PRIVATE KEY-----
 MHcCAQEEICwzh3hupZa3aKFWFwdRosm8kXS6czUWw/sHIvgKWNEcoAoGCCqGSM49
 AwEHoUQDQgAEPh00CkvI6wEACjGfETwsP1RwyekgFsiQl7IvuJ4Nc20GgdvzRw6n
 gFDn1F4NkfdJl1Fg2UNLMeXWG4murieuBA==
 -----END EC PRIVATE KEY-----
@@ \ No newline at end of file @@

roles/mail_server/tests/data/ssh/parameters-optional.pub

➞

Show inline comments

		new file 100644
		ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBD4dNApLyOsBAAoxnxE8LD9UcMnpIBbIkJeyL7ieDXNtBoHb80cOp4BQ59ReDZH3SZdRYNlDSzHl1huJrq4nrgQ=

roles/mail_server/tests/data/ssh/server_dsa

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN DSA PRIVATE KEY-----
 MIIBuwIBAAKBgQC3/oHx0JwDDkeDfyIwmZZ4noz3AJHQevxPGMIhtuminkaN8dkN
 m7nRVqiTLW7X3M9PvoVQDti72GJNrlTHtlqFcFkmRkAOH3BlK7OQeAh06Tpf5R7r
 txosTbIQs/vLnkA6rPzWKfwXVHFOMiMb1CCOvt4Qf25Ec/C6XM2CSialZQIVAPrK
 yQB2thxWIW1tNyIYTK0a0G/AoGARVHZiVRTz0HfDcpwQJJPnijFEBUdgnGIA9cP
 wX09FD/OYS/5mF9RGosvlN8pTeoPPkTWpUF9CMpiGDIrF0kTxdYBJVaW7ghfVVeP
 XNN6v/S30aIFdbUaWXhM/SSucWwb4hJyPpCj/KNYr5iIwFZZ+9pZynR/reJ45muQ
 gaRvcyUCgYAYAG/Udg4i/2q8Iemqs5TuP48ge1CxQcyFw4vVl2zr85MPZ24rBf+Z
 PGy1CsEBpJqHQ5agftMYR9CRcxlqAP44JpIPcSq1NsL59HnXDsdCe/IJjO4JmL1H
 L+VIcWkXgj0MxGds8hck+HC5lX7jGAKjZBea8ksBZD/Ma2WvYKXpggIVANDGn68D
 y8jb/9mLaOM8bd9VFfdC
 -----END DSA PRIVATE KEY-----
@@ \ No newline at end of file @@

roles/mail_server/tests/data/ssh/server_dsa.pub

➞

Show inline comments

new file 100644

ssh-dss AAAAB3NzaC1kc3MAAACBALf+gfHQnAMOR4N/IjCZlniejPcAkdB6/E8YwiG26aKeRo3x2Q2budFWqJMtbtfcz0++hVAO2LvYYk2uVMe2WoVwWSZGQA4fcGUrs5B4CHTpOl/lHuu3GixNshCz+8ueQDqs/NYp/BdUcU4yIxvUII6+3hB/bkRz8LpczYJKJqVlAAAAFQD6yuMkAdrYcViFtbTciGEytGtBvwAAAIBFUdmJVFPPQd8NynBAkk+eKMUQFR2CcYgD1w/BfT0UP85hL/mYX1Eaiy+U3ylN6g8+RNalQX0IymIYMisXSRPF1gElVpbuCF9VV49c03q/9LfRogV1tRpZeEz9JK5xbBviEnI+kKP8o1ivmIjAVln72lnKdH+t4njma5CBpG9zJQAAAIAYAG/Udg4i/2q8Iemqs5TuP48ge1CxQcyFw4vVl2zr85MPZ24rBf+ZPGy1CsEBpJqHQ5agftMYR9CRcxlqAP44JpIPcSq1NsL59HnXDsdCe/IJjO4JmL1HL+VIcWkXgj0MxGds8hck+HC5lX7jGAKjZBea8ksBZD/Ma2WvYKXpgg==

roles/mail_server/tests/data/ssh/server_ecdsa

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN EC PRIVATE KEY-----
 MHcCAQEEICsNfHic+b1E8HsU2kXcQNXozt4SHCb9VQC06GvbTkZuoAoGCCqGSM49
 AwEHoUQDQgAEtplvzFzDk9vNDwmjzHKBxRojrOIYuz5mqwColI4ii72I3TNIo71r
 i6Nt4yAht9lk8HlRZy/ULE16RNni2SsBow==
 -----END EC PRIVATE KEY-----
@@ \ No newline at end of file @@

roles/mail_server/tests/data/ssh/server_ecdsa.pub

➞

Show inline comments

		new file 100644
		ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLaZb8xcw5PbzQ8Jo8xygcUaI6ziGLs+ZqsAqJSOIou9iN0zSKO9a4ujbeMgIbfZZPB5UWcv1CxNekTZ4tkrAaM=

roles/mail_server/tests/data/ssh/server_ed25519

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
 QyNTUxOQAAACDkMzY9epWd7nCCb8JxWM0f72U90rloiFTzToSuSRpaugAAAJDQ62Z20Otm
 dgAAAAtzc2gtZWQyNTUxOQAAACDkMzY9epWd7nCCb8JxWM0f72U90rloiFTzToSuSRpaug
 AAAEDvdmF74GsQAOmsWcFWmXsbzdcSoHNbLiTkSWaVp0CtV+QzNj16lZ3ucIJvwnFYzR/v
 ZT3SuWiIVPNOhK5JGlq6AAAADGJyYW5rb0BtYXJrcwE=
 -----END OPENSSH PRIVATE KEY-----
@@ \ No newline at end of file @@

roles/mail_server/tests/data/ssh/server_ed25519.pub

➞

Show inline comments

		new file 100644
		ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQzNj16lZ3ucIJvwnFYzR/vZT3SuWiIVPNOhK5JGlq6

roles/mail_server/tests/data/ssh/server_rsa

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEAtkqm8GTWp4UzDPMC9YhrTTke52G13AkDW1OuXK1zeN1tbc+B
 l6MpbhxBF7NMHu45mWcqMNfV/PVXucPDgy+NikQ7TV6DfMI6C8GdZe4hrKzdaFFy
 T+4uovZR/9Bfn7nRQd05ud4nga9DBDHcQEAaZPjAouuBtIrr2XhNLChuSX0pMvNm
 WdupuRHITkSbooijmwdexLFBpdPdUvHoi1yCIkEL4OHffd96AKjQi3tLsWzXyXGz
 CQHa/pva2MclaD18HlJtW3m/+v72UMwH9By+fiHP5my7t8+IbbQodHSJQqo0Xv/J
 ZahdtabCJTfA/IWZM2OlhKO/7/cBwBhUxRRZSQIDAQABAoIBAG/EObKuwQWZH4HT
 BX9xkwiX+yC2wgAU7p/yILfmCSST7uIjFjvY6DAA1tAnOIbGXT53CGFGFIeyDYVy
 R8+JOmkKCKoZRtkZZOmMXmr+pFrw6hdpyILFcIauK/yCz/5ouap+b0RMt0BGKvrJ
 b1dddlFuSv4ZEz+U5aJCpl5qs6QONO5Niz69eYM+b+Pz9uRYL1W/hZoQrDUQR8oD
 QBUUhnaSACawe8KBGjFp19K3NrEwtWKYQrdENdc7wb+ho3wBQY0CXgjgA3gTMGbk
 VLBBqcDlTMbHlOaWT8iUeq+8nJ6ikJTC9LkUjDHZlhM90dHKs3ZOXyAsgm/u5ybM
 yTSEgWECgYEA8C2oDFRHrAZrSCLyAdzDZ/tiOksQ/wYZVQirE3p8cAqcpd9Y3T6Z
 kK64aCIV+bOunvK0gewmPsc9HN/XfVtr4PlBHDtfERWmSQFwCmnu+a4V/pkfTBWf
 SwhUKTExEMdzlPZ+WnHXiiBaPHdOmq2tZr8gEzCyFyQiuplzYBIQHF0CgYEAwkzM
 r6I2EWR3NTFTODr6OqFSUs7HenyVQawG4SSsKZ6xIsmUt0EJ6uJRmJx40cC88bRd
 AbclJm68mzdP8Nj3fau50tGMogaf1pFykmnwcP35dVriGWuBM0XtDlXOw6A1asz6
 ul9JXuOjZdTtb9uAGn4j3D2sWgJrlSJP/fRVgd0CgYEAsX0b9diGiqLHvyxL6YJq
 STplcaytp7irGcLpIeDferDs6EtwUTeEpn3nutSNptTZE49KQ8Tu0m/MQr1MctAP
 nda0/hcF/wsfsk3ErX1xY8P5bwdbMI++AuXpw/MdTkgGqyupXk9IuEOGS67jQL1e
 KlLNckEHKsDChWEG+RUAIOUCgYAnq9CbB66sbGveg3yvXXNb5zZMzAV0n91FtF8P
 NxKjyM/3/1qK9A+XUrBATappgUXSv/XBdOhz6WY+9tMupM4bbaWaQsjJCDs4bygK
 dvDt0R1O9ch2UjnmAx/8rk5yKNLfRIzo4q2zXx0snIYCMbn9LsYZoMoA8r+Oipv0
 iR+wTQKBgQCpVCOigFz1pxUxWdbjQicEwug8k7dOtXkWepNqmXXFQTXUQnhsJ4iP
 DlDGllPBJasoReRLAnI4OTkbuU1qECnUilVvFnqnuuox3vJ4IWeTdAxcmUAK7+WD
 EYQgHFDybzjEhxXtXGaMSfndAEVwPMRitZMUXaBjnufFW/j/8mrYg==
 -----END RSA PRIVATE KEY-----
@@ \ No newline at end of file @@

roles/mail_server/tests/data/ssh/server_rsa.pub

➞

Show inline comments

new file 100644

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2SqbwZNanhTMM8wL1iGtNOR7nYbXcCQNbU65crXN43W1tz4GXoyluHEEXs0we7jmZZyow19X89Ve5w8ODL42KRDtNXoN8wjoLwZ1l7iGsrN1oUXJP7i6i9lH/0F+fudFB3Tm53ieBr0MEMdxAQBpk+MCi64G0iuvZeE0sKG5JfSky82ZZ26m5EchORJuiiKObB17EsUGl091S8eiLXIIiQQvg4d9933oAqNCLe0uxbNfJcbMJAdr+m9rYxyVoPXweUm1beb/6/vZQzAf0HL5+Ic/mbLu3z4httCh0dIlCqjRe/8llqF21psIlN8D8hZkzY6WEo7/v9wHAGFTFFFlJ

roles/mail_server/tests/test_backup.py

➞

Show inline comments

@@ new file 100644 @@
 import testinfra.utils.ansible_runner
 testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
     '.molecule/ansible_inventory').get_hosts('parameters-optional')
 def test_backup(Command, File, Sudo):
     """
     Tests if mail directory is correctly backed-up.
     """
     # Deliver two mails in order to make sure the directory structure is
     # created.
     send = Command('swaks --suppress-data --to john.doe@domain1 --server localhost')
     assert send.rc == 0
     send = Command('swaks --suppress-data --to jane.doe@domain2 --server localhost')
     assert send.rc == 0
     with Sudo():
         # Remove restore directory in order to make sure restore has worked
         # correctly.
         Command("rm -rf /root/restore")
         backup_run = Command('duply main backup')
         assert backup_run.rc == 0
         restore_run = Command('duply main restore /root/restore')
         assert restore_run.rc == 0
         for directory_path in ["/root/restore/var/virtmail/domain1",
                                "/root/restore/var/virtmail/domain1/john.doe",
                                "/root/restore/var/virtmail/domain1/john.doe/Maildir",
                                "/root/restore/var/virtmail/domain2",
                                "/root/restore/var/virtmail/domain2/jane.doe",
                                "/root/restore/var/virtmail/domain2/jane.doe/Maildir"]:
             directory = File(directory_path)
             assert directory.is_directory
             assert directory.user == "virtmail"
             assert directory.group == "virtmail"
             assert directory.mode == 0o700

0 comments (0 inline, 0 general)