summaryrefslogtreecommitdiff
path: root/tests/example-provider
diff options
context:
space:
mode:
Diffstat (limited to 'tests/example-provider')
-rw-r--r--tests/example-provider/README.md8
-rw-r--r--tests/example-provider/Vagrantfile58
-rw-r--r--tests/example-provider/hiera.yaml6
-rwxr-xr-xtests/example-provider/vagrant/add-pixelated.sh32
-rwxr-xr-xtests/example-provider/vagrant/configure-leap.sh92
-rwxr-xr-xtests/example-provider/vagrant/install-platform.pp15
-rw-r--r--tests/example-provider/vagrant/vagrant.config23
7 files changed, 234 insertions, 0 deletions
diff --git a/tests/example-provider/README.md b/tests/example-provider/README.md
new file mode 100644
index 00000000..80cb3ae9
--- /dev/null
+++ b/tests/example-provider/README.md
@@ -0,0 +1,8 @@
+Here lies a script to generate a pre-configured provider using Vagrant virtual
+machines. This virtual provider includes only a single node.
+
+All you have to do is this:
+
+ cd leap_platform/tests/example-provider
+ vagrant up
+
diff --git a/tests/example-provider/Vagrantfile b/tests/example-provider/Vagrantfile
new file mode 100644
index 00000000..1e410f5e
--- /dev/null
+++ b/tests/example-provider/Vagrantfile
@@ -0,0 +1,58 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+
+ # shared config for all boxes
+
+ # make the leap_platform directory available as /srv/leap_platform
+ # inside the virtual machine.
+ config.vm.synced_folder "../..", "/srv/leap_platform"
+
+ # Please verify the sha512 sum of the downloaded box before importing it into vagrant !
+ # see https://leap.se/en/docs/platform/details/development#Verify.vagrantbox.download
+ # for details
+ config.vm.box = "LEAP/jessie"
+
+ config.vm.provider "virtualbox" do |v|
+ v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
+ v.name = "jessie"
+ v.memory = 1536
+ end
+
+ config.vm.provider "libvirt" do |v|
+ v.memory = 1536
+ end
+
+ # Fix annoying 'stdin: is not a tty' warning
+ # see http://foo-o-rama.com/vagrant--stdin-is-not-a-tty--fix.html
+ config.vm.provision "shell" do |s|
+ s.privileged = false
+ s.inline = "sudo sed -i '/tty/!s/mesg n/tty -s \\&\\& mesg n/' /root/.profile"
+ end
+
+ config.vm.provision "puppet" do |puppet|
+ puppet.manifests_path = "./vagrant"
+ puppet.module_path = "../../puppet/modules"
+ puppet.manifest_file = "install-platform.pp"
+ puppet.options = "--verbose"
+ puppet.hiera_config_path = "./hiera.yaml"
+ end
+ config.vm.provision "shell", path: "vagrant/configure-leap.sh"
+
+ config.ssh.username = "vagrant"
+
+ # forward leap_web ports
+ config.vm.network "forwarded_port", guest: 443, host:4443
+ # forward pixelated ports
+ config.vm.network "forwarded_port", guest: 8080, host:8080
+ config.vm.network "forwarded_port", guest: 4430, host:4430
+
+ config.vm.define :"leap_platform", primary: true do |leap_vagrant|
+ end
+
+ config.vm.define :"pixelated", autostart: false do |pixelated_vagrant|
+ pixelated_vagrant.vm.provision "shell", path: "vagrant/add-pixelated.sh"
+ end
+
+end
diff --git a/tests/example-provider/hiera.yaml b/tests/example-provider/hiera.yaml
new file mode 100644
index 00000000..3ff857b8
--- /dev/null
+++ b/tests/example-provider/hiera.yaml
@@ -0,0 +1,6 @@
+---
+:backends: yaml
+:yaml:
+ :datadir: /var/lib/hiera
+:hierarchy: common
+:logger: console
diff --git a/tests/example-provider/vagrant/add-pixelated.sh b/tests/example-provider/vagrant/add-pixelated.sh
new file mode 100755
index 00000000..f9908947
--- /dev/null
+++ b/tests/example-provider/vagrant/add-pixelated.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+#
+# adds pixelated-server to the node
+
+. /vagrant/vagrant/vagrant.config
+
+cd "$PROVIDERDIR"
+
+if ! git submodule status files/puppet/modules/pixelated > /dev/null 2>&1; then
+ git submodule add https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated
+fi
+
+echo '{}' > services/pixelated.json
+[ -d files/puppet/modules/custom/manifests ] || mkdir -p files/puppet/modules/custom/manifests
+echo 'class custom { include ::pixelated}' > files/puppet/modules/custom/manifests/init.pp
+
+$LEAP $OPTS -v 2 deploy
+
+echo '==============================================='
+echo 'testing the platform'
+echo '==============================================='
+
+$LEAP $OPTS -v 2 test --continue
+
+
+echo -e '\n===========================================================================================================\n\n'
+echo -e 'You are now ready to use your vagrant Pixelated provider.\n'
+
+echo -e 'The LEAP webapp is available at https://localhost:4443. Use it to register an account before using the Pixelated Useragent.\n'
+echo -e 'The Pixelated Useragent is available at https://localhost:8080\n'
+
+echo -e 'Please add an exception for both sites in your browser dialog to allow the self-signed certificate.\n'
diff --git a/tests/example-provider/vagrant/configure-leap.sh b/tests/example-provider/vagrant/configure-leap.sh
new file mode 100755
index 00000000..fd34d7ea
--- /dev/null
+++ b/tests/example-provider/vagrant/configure-leap.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+
+
+. /vagrant/vagrant/vagrant.config
+
+echo '==============================================='
+echo 'configuring leap'
+echo '==============================================='
+
+# purge $PROVIDERDIR so this script can be run multiple times
+[ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR
+
+mkdir -p $PROVIDERDIR
+chown ${USER}:${USER} ${PROVIDERDIR}
+cd $PROVIDERDIR
+
+$LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform="$PLATFORMDIR" .
+echo -e '\n@log = "./deploy.log"' >> Leapfile
+
+if [ ! -e /home/${USER}/.ssh/id_rsa ]; then
+ $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P ''
+ [ -d /root/.ssh ] || mkdir /root/.ssh
+ cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
+fi
+
+$SUDO mkdir -p ${PROVIDERDIR}/files/nodes/${NODE}
+sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub"
+chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub
+
+$LEAP $OPTS add-user --self
+$LEAP $OPTS cert ca
+$LEAP $OPTS cert csr
+$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" couch.mode:plain services:"$services" tags:production
+echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json
+
+$LEAP $OPTS compile
+
+$GIT init
+$GIT add .
+$GIT commit -m'configured provider'
+
+$LEAP $OPTS node init $NODE
+if [ $? -eq 1 ]; then
+ echo 'node init failed'
+ exit 1
+fi
+
+# couchrest gem does currently not install on jessie
+# https://leap.se/code/issues/7754
+# workaround is to install rake as gem
+gem install rake
+
+$LEAP $OPTS -v 2 deploy
+
+$GIT add .
+$GIT commit -m'initialized and deployed provider'
+
+# Vagrant: leap_mx fails to start on jessie
+# https://leap.se/code/issues/7755
+# Workaround: we stop and start leap-mx after deploy and
+# before testing
+
+service leap-mx stop
+service leap-mx start
+
+
+
+echo '==============================================='
+echo 'testing the platform'
+echo '==============================================='
+
+$LEAP $OPTS -v 2 test --continue
+
+echo '==============================================='
+echo 'setting node to demo-mode'
+echo '==============================================='
+postconf -e default_transport='error: in demo mode'
+
+# add users: testadmin and testuser with passwords "hallo123"
+curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286"
+curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68"
+
+echo -e '\n===========================================================================================================\n\n'
+echo -e 'You are now ready to use your local LEAP provider.\n'
+echo 'If you want to use the *Bitmask client* with your provider, please update your /etc/hosts with following dns overrides:'
+
+$LEAP list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",'
+
+echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.'
+echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n"
+echo -e 'The LEAP webapp is now available at https://localhost:4443\n'
+echo -e 'Please add an exception in your browser dialog to allow the self-signed certificate.\n'
diff --git a/tests/example-provider/vagrant/install-platform.pp b/tests/example-provider/vagrant/install-platform.pp
new file mode 100755
index 00000000..223853c1
--- /dev/null
+++ b/tests/example-provider/vagrant/install-platform.pp
@@ -0,0 +1,15 @@
+class {'apt': }
+Exec['update_apt'] -> Package <||>
+
+# install leap_cli from source, so it will work with the develop
+# branch of leap_platform
+class { '::leap::cli::install':
+ source => true,
+}
+
+file { [ '/srv/leap', '/srv/leap/configuration', '/var/log/leap' ]:
+ ensure => directory
+}
+
+# install prerequisites for configuring the provider
+include ::git
diff --git a/tests/example-provider/vagrant/vagrant.config b/tests/example-provider/vagrant/vagrant.config
new file mode 100644
index 00000000..60d2a52c
--- /dev/null
+++ b/tests/example-provider/vagrant/vagrant.config
@@ -0,0 +1,23 @@
+# provider config values used by vagrant provision scripts
+provider_domain='example.org'
+provider_name='Leap Example Provider'
+contacts="no-reply@$provider_domain"
+
+# serivces that get configured
+# note that the "openvpn" service does currently *not* work
+# in a vagrant setup,
+# see https://leap.se/en/docs/platform/troubleshooting/known-issues#Special.Environments
+# to speed up things, don't deploy monitor service by default
+# services='webapp,mx,couchdb,soledad,monitor'
+services='webapp,mx,couchdb,soledad'
+
+# default vars used by vagrant provision scripts
+OPTS=''
+USER='vagrant'
+NODE='node1'
+SUDO="sudo -u ${USER}"
+PROVIDERDIR="/home/${USER}/leap/configuration"
+PLATFORMDIR="/srv/leap_platform"
+LEAP="$SUDO /usr/local/bin/leap"
+GIT="$SUDO git"
+