예제 #1
0
def varnish():
    env.platform_family = detect.detect()

    varnish_config = "/etc/varnish/default.vcl"

    assert package.installed("varnish")
    assert process.is_up("varnishd")
    assert service.is_enabled("varnish")
    assert port.is_listening(80)
    assert file.has_line(varnish_config, "backend master")
    assert file.has_line(varnish_config, "backend local")
예제 #2
0
def varnish():
    env.platform_family = detect.detect()

    varnish_config = "/etc/varnish/default.vcl"

    assert package.installed("varnish")
    assert process.is_up("varnishd")
    assert service.is_enabled("varnish")
    assert port.is_listening(80)
    assert file.has_line(varnish_config, "backend master")
    assert file.has_line(varnish_config, "backend local")
예제 #3
0
 def add_password(self, ip, password):
     config = { "ip_address": ip,
                "password":password,
                "type":"vmpassword"
              }
     self.update_config(config)
     assert file.has_line("/var/cache/cloud/passwords", "%s=%s" % (ip, password))
예제 #4
0
def check():
    env.platform_family = detect.detect()
    # file
    assert file.exists("/etc/hosts")
    assert file.is_file("/etc/hosts")
    assert file.is_dir("/tmp/")
    assert file.dir_exists("/tmp/")
    assert file.has_line("/etc/passwd", "sshd")
    assert file.owner_is("/bin/sh", "root")
    if env.platform_family == "freebsd":
        assert file.is_link("/compat")
        assert file.group_is("/bin/sh", "wheel")
        assert file.mode_is("/bin/sh", "555")
    else:
        assert file.is_link("/usr/tmp")
        assert file.group_is("/bin/sh", "root")
        assert file.mode_is("/bin/sh", "777")

    assert package.installed("wget.x86_64")

    assert user.exists("sshd")
    assert user.is_belonging_group("worker", "users")

    assert group.is_exists("wheel")

    assert port.is_listening(22)
    assert cron.has_entry('shirou', 'python')

    if env.platform_family == "freebsd":
        assert service.is_enabled("apache22")
        assert process.is_up("httpd")
    else:
        assert service.is_enabled("http")
        assert process.is_up("http") is False
예제 #5
0
def apache2():
    assert package.installed("apache2")

    assert service.is_enabled("apache2")
    assert service.is_up("apache2")

    assert port.is_listening(80)

    assert file.is_file("/etc/apache2/httpd.conf")
    assert file.has_line("/etc/apache2/httpd.conf", "ServerName localhost")
예제 #6
0
def apache():
    env.platform_family = detect.detect()

    apache_config = "/etc/apache2/sites-enabled/wordpress.conf"

    assert package.installed("apache2")
    assert process.is_up("apache2")
    assert service.is_enabled("apache2")
    assert port.is_listening(8080)
    assert file.has_line(apache_config, "VirtualHost *:8080")
예제 #7
0
def apache():
    env.platform_family = detect.detect()

    apache_config = "/etc/apache2/sites-enabled/wordpress.conf"

    assert package.installed("apache2")
    assert process.is_up("apache2")
    assert service.is_enabled("apache2")
    assert port.is_listening(8080)
    assert file.has_line(apache_config, "VirtualHost *:8080")
예제 #8
0
def apache():
    env.platform_family = detect.detect()

    apache_config = "/etc/apache2/sites-enabled/wordpress.conf"
    web_user = "******"
    www_dir = "/var/www/vhosts/example.com"

    assert package.installed("apache2")
    assert process.is_up("apache2")
    assert service.is_enabled("apache2")
    assert port.is_listening(8080)
    assert file.has_line(apache_config, "VirtualHost *:8080")
    assert file.owner_is(www_dir, web_user)
예제 #9
0
def apache():
    env.platform_family = detect.detect()

    apache_config = "/etc/apache2/sites-enabled/wordpress.conf"
    web_user = "******"
    www_dir = "/var/www/vhosts/example.com"

    assert package.installed("apache2")
    assert process.is_up("apache2")
    assert service.is_enabled("apache2")
    assert port.is_listening(8080)
    assert file.has_line(apache_config, "VirtualHost *:8080")
    assert file.owner_is(www_dir, web_user)
예제 #10
0
    def guest_network(self,config):
        vpn_config = {
            "local_public_ip": config['router_guest_ip'],
            "local_guest_cidr":"%s/%s" % (config['router_guest_gateway'], config['cidr']),
            "local_public_gateway":"172.16.1.1",
            "peer_gateway_ip":"10.200.200.1",
            "peer_guest_cidr_list":"10.0.0.0/24",
            "esp_policy":"3des-md5",
            "ike_policy":"3des-md5",
            "ipsec_psk":"vpnblabla",
            "ike_lifetime":86400,
            "esp_lifetime":3600,
            "create":True,
            "dpd":False,
            "passive":False,
            "type":"site2sitevpn"
        }
        octets = config['router_guest_ip'].split('.')
        configs = []

        # This should fail because the network does not yet exist
        self.update_config(vpn_config)
        assert not file.exists("/etc/ipsec.d/ipsec.vpn-%s.conf" % vpn_config['peer_gateway_ip'])

        self.update_config(config)
        self.update_config(vpn_config)
        assert ip.has_ip("%s/%s" % (config['router_guest_ip'], config['cidr']), config['device'])
        assert process.is_up("apache2"), "Apache2 should be running after adding a guest network"
        assert process.is_up("dnsmasq"), "Dnsmasq should be running after adding a guest network"

        assert file.exists("/etc/ipsec.d/ipsec.vpn-%s.conf" % vpn_config['peer_gateway_ip'])
        assert file.mode_is("/etc/ipsec.d/ipsec.vpn-%s.secrets" % vpn_config['peer_gateway_ip'], "400")
        result = run("/usr/sbin/ipsec setup status", timeout=600, warn_only=True)
        assert result.succeeded, 'ipsec returned non zero status %s' % config['router_guest_ip']
		# Add a host to the dhcp server
		# This must happen in order for dnsmasq to be listening
        for n in range(3,13):
            ipb = ".".join(octets[0:3])
            ipa = "%s.%s" % (ipb, n)
            gw = "%s.1" % ipb
            self.basic_dhcp_entry['ipv4_adress'] =  ipa
            self.basic_dhcp_entry['default_gateway'] =  gw
            self.basic_dhcp_entry['host_name'] =  "host_%s" % (ipa)
            self.update_config(self.basic_dhcp_entry)
            configs.append(copy.deepcopy(self.basic_dhcp_entry))
        assert port.is_listening(80)
        assert port.is_listening(53)
        assert port.is_listening(53)
        assert port.is_listening(67)
        for o in configs:
            line = "%s,%s,%s,infinite" % (o['mac_address'], o['ipv4_adress'], o['host_name'])
            assert file.has_line("/etc/dhcphosts.txt", line)
        config['add'] = False
        self.update_config(config)
        assert not ip.has_ip("%s/%s" % (config['router_guest_ip'], config['cidr']), config['device'])
        # Now setup what we have redundant
        self.redundant("-e")
        self.configure()
        assert process.is_up("keepalived"), "Keepalived should be running after enabling redundancy"
        assert process.is_up("conntrackd"), "Conntrackd should be running after enabling redundancy"
        self.redundant("-d")
        self.configure()
        assert not process.is_up("keepalived"), "Keepalived should be not running after disabling redundancy"
        assert not process.is_up("conntrackd"), "Conntrackd should be not running after disabling redundancy"
        for o in configs:
            o['add'] = False
            self.update_config(o)
        for o in configs:
            line = "%s,%s,%s,infinite" % (o['mac_address'], o['ipv4_adress'], o['host_name'])
            assert file.has_line("/etc/dhcphosts.txt", line) is False
        # If the network gets deleted so should the vpn
        assert not file.exists("/etc/ipsec.d/ipsec.vpn-%s.conf" % vpn_config['peer_gateway_ip'])
예제 #11
0
 def check_password(self,passw):
     for val in passw:
         self.add_password(val, passw[val])
     for val in passw:
         assert file.has_line("/var/cache/cloud/passwords", "%s=%s" % (val, passw[val]))