From 7ce3190986cf8e5fe037a7ccd4c1076505b117f4 Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 12 Jul 2016 16:41:59 -0400 Subject: remove submodules in preparation for move to subrepos Change-Id: Ia7655153b556337f676e3d909559c4a7306bedd6 --- puppet/modules/openvpn | 1 - 1 file changed, 1 deletion(-) delete mode 160000 puppet/modules/openvpn (limited to 'puppet/modules/openvpn/spec') diff --git a/puppet/modules/openvpn b/puppet/modules/openvpn deleted file mode 160000 index 25f1fe8d..00000000 --- a/puppet/modules/openvpn +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 25f1fe8d813f6128068d890a40f5e24be78fb47c -- cgit v1.2.3 From da37dd95c39f3f100020164473eed53a317fb53f Mon Sep 17 00:00:00 2001 From: Micah Date: Tue, 12 Jul 2016 16:45:26 -0400 Subject: git subrepo clone https://leap.se/git/puppet_openvpn puppet/modules/openvpn subrepo: subdir: "puppet/modules/openvpn" merged: "26d4edc" upstream: origin: "https://leap.se/git/puppet_openvpn" branch: "master" commit: "26d4edc" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "1e79595" Change-Id: I596766ccfb806b3ca2d1c755c4e24c5ad3d997f9 --- .../openvpn/spec/classes/openvpn_config_spec.rb | 15 ++ .../openvpn/spec/classes/openvpn_init_spec.rb | 9 ++ .../openvpn/spec/classes/openvpn_install_spec.rb | 11 ++ .../openvpn/spec/classes/openvpn_service_spec.rb | 13 ++ .../openvpn/spec/defines/openvpn_client_spec.rb | 88 +++++++++++ .../defines/openvpn_client_specific_config_spec.rb | 40 +++++ .../openvpn/spec/defines/openvpn_server_spec.rb | 165 +++++++++++++++++++++ puppet/modules/openvpn/spec/spec_helper.rb | 2 + 8 files changed, 343 insertions(+) create mode 100644 puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb create mode 100644 puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb create mode 100644 puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb create mode 100644 puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb create mode 100644 puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb create mode 100644 puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb create mode 100644 puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb create mode 100644 puppet/modules/openvpn/spec/spec_helper.rb (limited to 'puppet/modules/openvpn/spec') diff --git a/puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb new file mode 100644 index 00000000..bbb63a77 --- /dev/null +++ b/puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'openvpn::config', :type => :class do + + it { should create_class('openvpn::config') } + + context "on Debian based machines" do + let (:facts) { { :osfamily => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_class('concat::setup') } + it { should contain_concat('/etc/default/openvpn') } + it { should contain_concat__fragment('openvpn.default.header') } + end + +end diff --git a/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb new file mode 100644 index 00000000..45dcc9bf --- /dev/null +++ b/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb @@ -0,0 +1,9 @@ +require 'spec_helper' + +describe 'openvpn', :type => :class do + + let (:facts) { { :concat_basedir => '/var/lib/puppet/concat' } } + + it { should create_class('openvpn') } + +end diff --git a/puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb new file mode 100644 index 00000000..cdb31358 --- /dev/null +++ b/puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb @@ -0,0 +1,11 @@ +require 'spec_helper' + +describe 'openvpn::install', :type => :class do + + it { should create_class('openvpn::install') } + it { should contain_package('openvpn') } + + it { should contain_file('/etc/openvpn').with('ensure' => 'directory') } + it { should contain_file('/etc/openvpn/keys').with('ensure' => 'directory') } + +end diff --git a/puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb new file mode 100644 index 00000000..f427e7f1 --- /dev/null +++ b/puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb @@ -0,0 +1,13 @@ +require 'spec_helper' + +describe 'openvpn::service', :type => :class do + + let (:facts) { { :concat_basedir => '/var/lib/puppet/concat' } } + + it { should create_class('openvpn::service') } + it { should contain_service('openvpn').with( + 'ensure' => 'running', + 'enable' => true + ) } + +end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb new file mode 100644 index 00000000..a4b580e8 --- /dev/null +++ b/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb @@ -0,0 +1,88 @@ +require 'spec_helper' + +describe 'openvpn::client', :type => :define do + let(:title) { 'test_client' } + let(:params) { { 'server' => 'test_server' } } + let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } + let(:pre_condition) do + 'openvpn::server { "test_server": + country => "CO", + province => "ST", + city => "Some City", + organization => "example.org", + email => "testemail@example.org" + }' + end + + it { should contain_exec('generate certificate for test_client in context of test_server') } + + [ 'test_client', 'test_client/keys'].each do |directory| + it { should contain_file("/etc/openvpn/test_server/download-configs/#{directory}") } + end + + [ 'test_client.crt', 'test_client.key', 'ca.crt' ].each do |file| + it { should contain_file("/etc/openvpn/test_server/download-configs/test_client/keys/#{file}").with( + 'ensure' => 'link', + 'target' => "/etc/openvpn/test_server/easy-rsa/keys/#{file}" + )} + end + + it { should contain_exec('tar the thing test_server with test_client').with( + 'cwd' => '/etc/openvpn/test_server/download-configs/', + 'command' => '/bin/rm test_client.tar.gz; tar --exclude=\*.conf.d -chzvf test_client.tar.gz test_client' + ) } + + context "setting the minimum parameters" do + let(:params) { { 'server' => 'test_server' } } + let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^client$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^ca\s+keys\/ca\.crt$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^cert\s+keys\/test_client.crt$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^key\s+keys\/test_client\.key$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^dev\s+tun$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^proto\s+tcp$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^remote\s+somehost\s+1194$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^comp-lzo$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^resolv-retry\s+infinite$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^nobind$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^persist-key$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^persist-tun$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^mute-replay-warnings$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^ns\-cert\-type\s+server$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^verb\s+3$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^mute\s+20$/)} + end + + context "setting all of the parameters" do + let(:params) { { + 'server' => 'test_server', + 'compression' => 'comp-something', + 'dev' => 'tap', + 'mute' => 10, + 'mute_replay_warnings' => false, + 'nobind' => false, + 'persist_key' => false, + 'persist_tun' => false, + 'port' => '123', + 'proto' => 'udp', + 'remote_host' => 'somewhere', + 'resolv_retry' => '2m', + 'verb' => '1' + } } + let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^client$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^ca\s+keys\/ca\.crt$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^cert\s+keys\/test_client.crt$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^key\s+keys\/test_client\.key$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^dev\s+tap$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^proto\s+udp$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^remote\s+somewhere\s+123$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^comp-something$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^resolv-retry\s+2m$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^verb\s+1$/)} + it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^mute\s+10$/)} + end + +end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb new file mode 100644 index 00000000..cfdab389 --- /dev/null +++ b/puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper' + +describe 'openvpn::client_specific_config', :type => :define do + let(:title) { 'test_client' } + let(:params) { { 'server' => 'test_server' } } + let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } + let(:pre_condition) do + [ + 'openvpn::server { "test_server": + country => "CO", + province => "ST", + city => "Some City", + organization => "example.org", + email => "testemail@example.org" + }', + 'openvpn::client { "test_client": + server => "test_server" + }' + ].join + end + + it { should contain_file('/etc/openvpn/test_server/client-configs/test_client') } + + describe "setting no paramter at all" do + it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/\A\n\z/) } + end + + describe "setting all parameters" do + let(:params) do + {:server => 'test_server', + :iroute => ['10.0.1.0 255.255.255.0'], + :ifconfig => '10.10.10.2 255.255.255.0', + :dhcp_options => ['DNS 8.8.8.8']} + end + + it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/^iroute 10.0.1.0 255.255.255.0$/) } + it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/^ifconfig-push 10.10.10.2 255.255.255.0$/) } + it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/^push dhcp-option DNS 8.8.8.8$/) } + end +end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb new file mode 100644 index 00000000..467be6aa --- /dev/null +++ b/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb @@ -0,0 +1,165 @@ +require 'spec_helper' + +describe 'openvpn::server', :type => :define do + + let(:title) { 'test_server' } + + context "creating a server with the minimum parameters" do + let(:params) { { + 'country' => 'CO', + 'province' => 'ST', + 'city' => 'Some City', + 'organization' => 'example.org', + 'email' => 'testemail@example.org' + } } + + let (:facts) { { + :ipaddress_eth0 => '1.2.3.4', + :network_eth0 => '1.2.3.0', + :netmask_eth0 => '255.255.255.0', + :concat_basedir => '/var/lib/puppet/concat', + :osfamily => 'anything_else' + } } + + # Files associated with a server config + it { should contain_file('/etc/openvpn/test_server').with('ensure' => 'directory')} + it { should contain_file('/etc/openvpn/test_server/client-configs').with('ensure' => 'directory')} + it { should contain_file('/etc/openvpn/test_server/download-configs').with('ensure' => 'directory')} + it { should contain_file('/etc/openvpn/test_server/easy-rsa/vars')} + it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf')} + it { should contain_file('/etc/openvpn/test_server/keys').with( + 'ensure' => 'link', + 'target' => '/etc/openvpn/test_server/easy-rsa/keys' + )} + + # Execs to working with certificates + it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( + 'command' => '/bin/cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' + )} + it { should contain_exec('generate dh param test_server') } + it { should contain_exec('initca test_server') } + it { should contain_exec('generate server cert test_server') } + + # VPN server config file itself + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^mode\s+server$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^client\-config\-dir\s+\/etc\/openvpn\/test_server\/client\-configs$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^ca\s+\/etc\/openvpn\/test_server\/keys\/ca.crt$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^cert\s+\/etc\/openvpn\/test_server\/keys\/server.crt$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^key\s+\/etc\/openvpn\/test_server\/keys\/server.key$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dh\s+\/etc\/openvpn\/test_server\/keys\/dh1024.pem$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^proto\s+tcp-server$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^tls-server$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^port\s+1194$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^comp-lzo$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+nogroup$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^user\s+nobody$/) } + it { should_not contain_file('/etc/openvpn/test_server.conf').with_content(/^log\-append\s+test_server\/openvpn\.log$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^status\s+test_server\/openvpn\-status\.log$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dev\s+tun0$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^local\s+1\.2\.3\.4$/) } + it { should_not contain_file('/etc/openvpn/test_server.conf').with_content(/^ifconfig-pool-persist/) } + end + + context "creating a server setting all parameters" do + let(:params) { { + 'country' => 'CO', + 'province' => 'ST', + 'city' => 'Some City', + 'organization' => 'example.org', + 'email' => 'testemail@example.org', + 'compression' => 'fake_compression', + 'port' => '123', + 'proto' => 'udp', + 'group' => 'someone', + 'user' => 'someone', + 'logfile' => '/var/log/openvpn/test_server.log', + 'status_log' => '/var/log/openvpn/test_server_status.log', + 'dev' => 'tun1', + 'local' => '2.3.4.5', + 'ipp' => true, + 'server' => '2.3.4.0 255.255.0.0', + 'push' => [ 'dhcp-option DNS 172.31.0.30', 'route 172.31.0.0 255.255.0.0' ] + } } + + let (:facts) { { + :ipaddress_eth0 => '1.2.3.4', + :network_eth0 => '1.2.3.0', + :netmask_eth0 => '255.255.255.0', + :concat_basedir => '/var/lib/puppet/concat' + } } + + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^mode\s+server$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^client\-config\-dir\s+\/etc\/openvpn\/test_server\/client\-configs$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^ca\s+\/etc\/openvpn\/test_server\/keys\/ca.crt$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^cert\s+\/etc\/openvpn\/test_server\/keys\/server.crt$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^key\s+\/etc\/openvpn\/test_server\/keys\/server.key$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dh\s+\/etc\/openvpn\/test_server\/keys\/dh1024.pem$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^proto\s+udp$/) } + it { should_not contain_file('/etc/openvpn/test_server.conf').with_content(/^proto\s+tls-server$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^port\s+123$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^fake_compression$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+someone$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^user\s+someone$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^log\-append\s+\/var\/log\/openvpn\/test_server\.log$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^status\s+\/var\/log\/openvpn\/test_server_status\.log$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dev\s+tun1$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^local\s+2\.3\.4\.5$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^server\s+2\.3\.4\.0\s+255\.255\.0\.0$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^push\s+dhcp-option\s+DNS\s+172\.31\.0\.30$/) } + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^push\s+route\s+172\.31\.0\.0\s+255\.255\.0\.0$/) } + end + + context "when RedHat based machine" do + let(:params) { { + 'country' => 'CO', + 'province' => 'ST', + 'city' => 'Some City', + 'organization' => 'example.org', + 'email' => 'testemail@example.org' + } } + + let(:facts) { { :osfamily => 'RedHat', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf').with( + 'ensure' => 'link', + 'target' => '/etc/openvpn/test_server/easy-rsa/openssl-1.0.0.cnf' + )} + + it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( + 'command' => '/bin/cp -r /usr/share/doc/openvpn-2.2.2/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' + )} + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+nobody$/) } + + end + + context "when Debian based machine" do + let(:params) { { + 'country' => 'CO', + 'province' => 'ST', + 'city' => 'Some City', + 'organization' => 'example.org', + 'email' => 'testemail@example.org' + } } + + let(:facts) { { :osfamily => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf').with( + 'ensure' => 'link', + 'target' => '/etc/openvpn/test_server/easy-rsa/openssl-1.0.0.cnf' + )} + + it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( + 'command' => '/bin/cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' + )} + + # Configure to start vpn session + it { should contain_concat__fragment('openvpn.default.autostart.test_server').with( + 'content' => "AUTOSTART=\"$AUTOSTART test_server\"\n", + 'target' => '/etc/default/openvpn' + )} + + it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+nogroup$/) } + + end + +end diff --git a/puppet/modules/openvpn/spec/spec_helper.rb b/puppet/modules/openvpn/spec/spec_helper.rb new file mode 100644 index 00000000..dc7e9f4a --- /dev/null +++ b/puppet/modules/openvpn/spec/spec_helper.rb @@ -0,0 +1,2 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/module_spec_helper' -- cgit v1.2.3 From d6719731dce8ee7e048a16a447a426abcaa44f24 Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 21 Jul 2016 12:13:24 -0700 Subject: remove openvpn submodule --- .../openvpn/spec/classes/openvpn_config_spec.rb | 15 -- .../openvpn/spec/classes/openvpn_init_spec.rb | 9 -- .../openvpn/spec/classes/openvpn_install_spec.rb | 11 -- .../openvpn/spec/classes/openvpn_service_spec.rb | 13 -- .../openvpn/spec/defines/openvpn_client_spec.rb | 88 ----------- .../defines/openvpn_client_specific_config_spec.rb | 40 ----- .../openvpn/spec/defines/openvpn_server_spec.rb | 165 --------------------- puppet/modules/openvpn/spec/spec_helper.rb | 2 - 8 files changed, 343 deletions(-) delete mode 100644 puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb delete mode 100644 puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb delete mode 100644 puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb delete mode 100644 puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb delete mode 100644 puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb delete mode 100644 puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb delete mode 100644 puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb delete mode 100644 puppet/modules/openvpn/spec/spec_helper.rb (limited to 'puppet/modules/openvpn/spec') diff --git a/puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb deleted file mode 100644 index bbb63a77..00000000 --- a/puppet/modules/openvpn/spec/classes/openvpn_config_spec.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'spec_helper' - -describe 'openvpn::config', :type => :class do - - it { should create_class('openvpn::config') } - - context "on Debian based machines" do - let (:facts) { { :osfamily => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } - - it { should contain_class('concat::setup') } - it { should contain_concat('/etc/default/openvpn') } - it { should contain_concat__fragment('openvpn.default.header') } - end - -end diff --git a/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb deleted file mode 100644 index 45dcc9bf..00000000 --- a/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb +++ /dev/null @@ -1,9 +0,0 @@ -require 'spec_helper' - -describe 'openvpn', :type => :class do - - let (:facts) { { :concat_basedir => '/var/lib/puppet/concat' } } - - it { should create_class('openvpn') } - -end diff --git a/puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb deleted file mode 100644 index cdb31358..00000000 --- a/puppet/modules/openvpn/spec/classes/openvpn_install_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'spec_helper' - -describe 'openvpn::install', :type => :class do - - it { should create_class('openvpn::install') } - it { should contain_package('openvpn') } - - it { should contain_file('/etc/openvpn').with('ensure' => 'directory') } - it { should contain_file('/etc/openvpn/keys').with('ensure' => 'directory') } - -end diff --git a/puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb deleted file mode 100644 index f427e7f1..00000000 --- a/puppet/modules/openvpn/spec/classes/openvpn_service_spec.rb +++ /dev/null @@ -1,13 +0,0 @@ -require 'spec_helper' - -describe 'openvpn::service', :type => :class do - - let (:facts) { { :concat_basedir => '/var/lib/puppet/concat' } } - - it { should create_class('openvpn::service') } - it { should contain_service('openvpn').with( - 'ensure' => 'running', - 'enable' => true - ) } - -end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb deleted file mode 100644 index a4b580e8..00000000 --- a/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb +++ /dev/null @@ -1,88 +0,0 @@ -require 'spec_helper' - -describe 'openvpn::client', :type => :define do - let(:title) { 'test_client' } - let(:params) { { 'server' => 'test_server' } } - let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } - let(:pre_condition) do - 'openvpn::server { "test_server": - country => "CO", - province => "ST", - city => "Some City", - organization => "example.org", - email => "testemail@example.org" - }' - end - - it { should contain_exec('generate certificate for test_client in context of test_server') } - - [ 'test_client', 'test_client/keys'].each do |directory| - it { should contain_file("/etc/openvpn/test_server/download-configs/#{directory}") } - end - - [ 'test_client.crt', 'test_client.key', 'ca.crt' ].each do |file| - it { should contain_file("/etc/openvpn/test_server/download-configs/test_client/keys/#{file}").with( - 'ensure' => 'link', - 'target' => "/etc/openvpn/test_server/easy-rsa/keys/#{file}" - )} - end - - it { should contain_exec('tar the thing test_server with test_client').with( - 'cwd' => '/etc/openvpn/test_server/download-configs/', - 'command' => '/bin/rm test_client.tar.gz; tar --exclude=\*.conf.d -chzvf test_client.tar.gz test_client' - ) } - - context "setting the minimum parameters" do - let(:params) { { 'server' => 'test_server' } } - let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } - - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^client$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^ca\s+keys\/ca\.crt$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^cert\s+keys\/test_client.crt$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^key\s+keys\/test_client\.key$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^dev\s+tun$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^proto\s+tcp$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^remote\s+somehost\s+1194$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^comp-lzo$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^resolv-retry\s+infinite$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^nobind$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^persist-key$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^persist-tun$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^mute-replay-warnings$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^ns\-cert\-type\s+server$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^verb\s+3$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^mute\s+20$/)} - end - - context "setting all of the parameters" do - let(:params) { { - 'server' => 'test_server', - 'compression' => 'comp-something', - 'dev' => 'tap', - 'mute' => 10, - 'mute_replay_warnings' => false, - 'nobind' => false, - 'persist_key' => false, - 'persist_tun' => false, - 'port' => '123', - 'proto' => 'udp', - 'remote_host' => 'somewhere', - 'resolv_retry' => '2m', - 'verb' => '1' - } } - let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } - - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^client$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^ca\s+keys\/ca\.crt$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^cert\s+keys\/test_client.crt$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^key\s+keys\/test_client\.key$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^dev\s+tap$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^proto\s+udp$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^remote\s+somewhere\s+123$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^comp-something$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^resolv-retry\s+2m$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^verb\s+1$/)} - it { should contain_file('/etc/openvpn/test_server/download-configs/test_client/test_client.conf').with_content(/^mute\s+10$/)} - end - -end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb deleted file mode 100644 index cfdab389..00000000 --- a/puppet/modules/openvpn/spec/defines/openvpn_client_specific_config_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -require 'spec_helper' - -describe 'openvpn::client_specific_config', :type => :define do - let(:title) { 'test_client' } - let(:params) { { 'server' => 'test_server' } } - let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } - let(:pre_condition) do - [ - 'openvpn::server { "test_server": - country => "CO", - province => "ST", - city => "Some City", - organization => "example.org", - email => "testemail@example.org" - }', - 'openvpn::client { "test_client": - server => "test_server" - }' - ].join - end - - it { should contain_file('/etc/openvpn/test_server/client-configs/test_client') } - - describe "setting no paramter at all" do - it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/\A\n\z/) } - end - - describe "setting all parameters" do - let(:params) do - {:server => 'test_server', - :iroute => ['10.0.1.0 255.255.255.0'], - :ifconfig => '10.10.10.2 255.255.255.0', - :dhcp_options => ['DNS 8.8.8.8']} - end - - it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/^iroute 10.0.1.0 255.255.255.0$/) } - it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/^ifconfig-push 10.10.10.2 255.255.255.0$/) } - it { should contain_file('/etc/openvpn/test_server/client-configs/test_client').with_content(/^push dhcp-option DNS 8.8.8.8$/) } - end -end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb deleted file mode 100644 index 467be6aa..00000000 --- a/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb +++ /dev/null @@ -1,165 +0,0 @@ -require 'spec_helper' - -describe 'openvpn::server', :type => :define do - - let(:title) { 'test_server' } - - context "creating a server with the minimum parameters" do - let(:params) { { - 'country' => 'CO', - 'province' => 'ST', - 'city' => 'Some City', - 'organization' => 'example.org', - 'email' => 'testemail@example.org' - } } - - let (:facts) { { - :ipaddress_eth0 => '1.2.3.4', - :network_eth0 => '1.2.3.0', - :netmask_eth0 => '255.255.255.0', - :concat_basedir => '/var/lib/puppet/concat', - :osfamily => 'anything_else' - } } - - # Files associated with a server config - it { should contain_file('/etc/openvpn/test_server').with('ensure' => 'directory')} - it { should contain_file('/etc/openvpn/test_server/client-configs').with('ensure' => 'directory')} - it { should contain_file('/etc/openvpn/test_server/download-configs').with('ensure' => 'directory')} - it { should contain_file('/etc/openvpn/test_server/easy-rsa/vars')} - it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf')} - it { should contain_file('/etc/openvpn/test_server/keys').with( - 'ensure' => 'link', - 'target' => '/etc/openvpn/test_server/easy-rsa/keys' - )} - - # Execs to working with certificates - it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( - 'command' => '/bin/cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' - )} - it { should contain_exec('generate dh param test_server') } - it { should contain_exec('initca test_server') } - it { should contain_exec('generate server cert test_server') } - - # VPN server config file itself - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^mode\s+server$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^client\-config\-dir\s+\/etc\/openvpn\/test_server\/client\-configs$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^ca\s+\/etc\/openvpn\/test_server\/keys\/ca.crt$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^cert\s+\/etc\/openvpn\/test_server\/keys\/server.crt$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^key\s+\/etc\/openvpn\/test_server\/keys\/server.key$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dh\s+\/etc\/openvpn\/test_server\/keys\/dh1024.pem$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^proto\s+tcp-server$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^tls-server$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^port\s+1194$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^comp-lzo$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+nogroup$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^user\s+nobody$/) } - it { should_not contain_file('/etc/openvpn/test_server.conf').with_content(/^log\-append\s+test_server\/openvpn\.log$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^status\s+test_server\/openvpn\-status\.log$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dev\s+tun0$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^local\s+1\.2\.3\.4$/) } - it { should_not contain_file('/etc/openvpn/test_server.conf').with_content(/^ifconfig-pool-persist/) } - end - - context "creating a server setting all parameters" do - let(:params) { { - 'country' => 'CO', - 'province' => 'ST', - 'city' => 'Some City', - 'organization' => 'example.org', - 'email' => 'testemail@example.org', - 'compression' => 'fake_compression', - 'port' => '123', - 'proto' => 'udp', - 'group' => 'someone', - 'user' => 'someone', - 'logfile' => '/var/log/openvpn/test_server.log', - 'status_log' => '/var/log/openvpn/test_server_status.log', - 'dev' => 'tun1', - 'local' => '2.3.4.5', - 'ipp' => true, - 'server' => '2.3.4.0 255.255.0.0', - 'push' => [ 'dhcp-option DNS 172.31.0.30', 'route 172.31.0.0 255.255.0.0' ] - } } - - let (:facts) { { - :ipaddress_eth0 => '1.2.3.4', - :network_eth0 => '1.2.3.0', - :netmask_eth0 => '255.255.255.0', - :concat_basedir => '/var/lib/puppet/concat' - } } - - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^mode\s+server$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^client\-config\-dir\s+\/etc\/openvpn\/test_server\/client\-configs$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^ca\s+\/etc\/openvpn\/test_server\/keys\/ca.crt$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^cert\s+\/etc\/openvpn\/test_server\/keys\/server.crt$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^key\s+\/etc\/openvpn\/test_server\/keys\/server.key$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dh\s+\/etc\/openvpn\/test_server\/keys\/dh1024.pem$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^proto\s+udp$/) } - it { should_not contain_file('/etc/openvpn/test_server.conf').with_content(/^proto\s+tls-server$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^port\s+123$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^fake_compression$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+someone$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^user\s+someone$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^log\-append\s+\/var\/log\/openvpn\/test_server\.log$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^status\s+\/var\/log\/openvpn\/test_server_status\.log$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^dev\s+tun1$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^local\s+2\.3\.4\.5$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^server\s+2\.3\.4\.0\s+255\.255\.0\.0$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^push\s+dhcp-option\s+DNS\s+172\.31\.0\.30$/) } - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^push\s+route\s+172\.31\.0\.0\s+255\.255\.0\.0$/) } - end - - context "when RedHat based machine" do - let(:params) { { - 'country' => 'CO', - 'province' => 'ST', - 'city' => 'Some City', - 'organization' => 'example.org', - 'email' => 'testemail@example.org' - } } - - let(:facts) { { :osfamily => 'RedHat', :concat_basedir => '/var/lib/puppet/concat' } } - - it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf').with( - 'ensure' => 'link', - 'target' => '/etc/openvpn/test_server/easy-rsa/openssl-1.0.0.cnf' - )} - - it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( - 'command' => '/bin/cp -r /usr/share/doc/openvpn-2.2.2/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' - )} - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+nobody$/) } - - end - - context "when Debian based machine" do - let(:params) { { - 'country' => 'CO', - 'province' => 'ST', - 'city' => 'Some City', - 'organization' => 'example.org', - 'email' => 'testemail@example.org' - } } - - let(:facts) { { :osfamily => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } - - it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf').with( - 'ensure' => 'link', - 'target' => '/etc/openvpn/test_server/easy-rsa/openssl-1.0.0.cnf' - )} - - it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( - 'command' => '/bin/cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' - )} - - # Configure to start vpn session - it { should contain_concat__fragment('openvpn.default.autostart.test_server').with( - 'content' => "AUTOSTART=\"$AUTOSTART test_server\"\n", - 'target' => '/etc/default/openvpn' - )} - - it { should contain_file('/etc/openvpn/test_server.conf').with_content(/^group\s+nogroup$/) } - - end - -end diff --git a/puppet/modules/openvpn/spec/spec_helper.rb b/puppet/modules/openvpn/spec/spec_helper.rb deleted file mode 100644 index dc7e9f4a..00000000 --- a/puppet/modules/openvpn/spec/spec_helper.rb +++ /dev/null @@ -1,2 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/module_spec_helper' -- cgit v1.2.3 From 2df23a682b9a1a99502c79d7112dcefeecf63619 Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 21 Jul 2016 12:13:33 -0700 Subject: git subrepo clone https://leap.se/git/puppet_openvpn puppet/modules/openvpn subrepo: subdir: "puppet/modules/openvpn" merged: "ba7ec7a" upstream: origin: "https://leap.se/git/puppet_openvpn" branch: "master" commit: "ba7ec7a" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo" commit: "cb2995b" --- .../openvpn/spec/classes/openvpn_init_spec.rb | 20 ++++ .../openvpn/spec/defines/openvpn_client_spec.rb | 116 +++++++++++++++++++++ .../openvpn/spec/defines/openvpn_option_spec.rb | 42 ++++++++ .../openvpn/spec/defines/openvpn_server_spec.rb | 109 +++++++++++++++++++ puppet/modules/openvpn/spec/spec_helper.rb | 2 + 5 files changed, 289 insertions(+) create mode 100644 puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb create mode 100644 puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb create mode 100644 puppet/modules/openvpn/spec/defines/openvpn_option_spec.rb create mode 100644 puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb create mode 100644 puppet/modules/openvpn/spec/spec_helper.rb (limited to 'puppet/modules/openvpn/spec') diff --git a/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb b/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb new file mode 100644 index 00000000..cdfdea19 --- /dev/null +++ b/puppet/modules/openvpn/spec/classes/openvpn_init_spec.rb @@ -0,0 +1,20 @@ +require 'spec_helper' + +describe 'openvpn', :type => :class do + + let (:facts) { { :concat_basedir => '/var/lib/puppet/concat' } } + + it { should create_class('openvpn') } + it { should contain_class('concat::setup') } + it { should contain_package('openvpn') } + it { should contain_service('openvpn').with( + 'ensure' => 'running', + 'enable' => true + ) } + + it { should contain_file('/etc/openvpn').with('ensure' => 'directory') } + it { should contain_file('/etc/openvpn/keys').with('ensure' => 'directory') } + + it { should contain_concat__fragment('openvpn.default.header') } + +end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb new file mode 100644 index 00000000..da71d63d --- /dev/null +++ b/puppet/modules/openvpn/spec/defines/openvpn_client_spec.rb @@ -0,0 +1,116 @@ +require 'spec_helper' + +describe 'openvpn::client', :type => :define do + let(:title) { 'test_client' } + let(:params) { { 'server' => 'test_server' } } + let(:facts) { { :fqdn => 'somehost', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_exec('generate certificate for test_client in context of test_server') } + + [ 'test_client', 'test_client/keys'].each do |directory| + it { should contain_file("/etc/openvpn/test_server/download-configs/#{directory}") } + end + + [ 'test_client.crt', 'test_client.key', 'ca.crt' ].each do |file| + it { should contain_file("/etc/openvpn/test_server/download-configs/test_client/keys/#{file}").with( + 'ensure' => 'link', + 'target' => "/etc/openvpn/test_server/easy-rsa/keys/#{file}" + )} + end + + it { should contain_exec('tar the thing test_server with test_client').with( + 'cwd' => '/etc/openvpn/test_server/download-configs/', + 'command' => '/bin/rm test_client.tar.gz; tar --exclude=\*.conf.d -chzvf test_client.tar.gz test_client' + ) } + + it { should contain_openvpn__option('ca test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'ca', + 'value' => 'keys/ca.crt' + )} + it { should contain_openvpn__option('cert test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'cert', + 'value' => 'keys/test_client.crt' + )} + it { should contain_openvpn__option('key test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'key', + 'value' => 'keys/test_client.key' + )} + it { should contain_openvpn__option('client test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'client' + )} + it { should contain_openvpn__option('dev test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'dev', + 'value' => 'tun' + )} + it { should contain_openvpn__option('proto test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'proto', + 'value' => 'tcp' + )} + it { should contain_openvpn__option('remote test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'remote', + 'value' => 'somehost 1194' + )} + it { should contain_openvpn__option('resolv-retry test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'resolv-retry', + 'value' => 'infinite' + )} + it { should contain_openvpn__option('nobind test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'nobind' + )} + it { should contain_openvpn__option('persist-key test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'persist-key' + )} + it { should contain_openvpn__option('persist-tun test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'persist-tun' + )} + it { should contain_openvpn__option('mute-replay-warnings test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'mute-replay-warnings' + )} + it { should contain_openvpn__option('ns-cert-type test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'ns-cert-type', + 'value' => 'server' + )} + it { should contain_openvpn__option('comp-lzo test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'comp-lzo' + )} + it { should contain_openvpn__option('verb test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'verb', + 'value' => '3' + )} + it { should contain_openvpn__option('mute test_server with test_client').with( + 'server' => 'test_server', + 'client' => 'test_client', + 'key' => 'mute', + 'value' => '20' + )} +end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_option_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_option_spec.rb new file mode 100644 index 00000000..a2d1661d --- /dev/null +++ b/puppet/modules/openvpn/spec/defines/openvpn_option_spec.rb @@ -0,0 +1,42 @@ +require 'spec_helper' + +describe 'openvpn::option', :type => :define do + + let(:title) { 'test_param' } + + context "when key => 'test_key', server => 'test_server'" do + let(:params) { { 'key' => 'test_key', 'server' => 'test_server' } } + + it { should contain_concat__fragment('openvpn.test_server..test_param').with( + 'target' => '/etc/openvpn/test_server.conf', + 'content' => "test_key\n" + ) } + end + + context "when key => 'test_key', value => 'test_value', server => 'test_server'" do + let(:params) { { 'key' => 'test_key', 'value' => 'test_value', 'server' => 'test_server' } } + + it { should contain_concat__fragment('openvpn.test_server..test_param').with( + 'target' => '/etc/openvpn/test_server.conf', + 'content' => "test_key test_value\n" + ) } + end + + context "when key => 'test_key', server => 'test_server', client => 'test_client'" do + let(:params) { { 'key' => 'test_key', 'server' => 'test_server', 'client' => 'test_client' } } + + it { should contain_concat__fragment('openvpn.test_server.test_client.test_param').with( + 'target' => '/etc/openvpn/test_server/download-configs/test_client/test_client.conf', + 'content' => "test_key\n" + ) } + end + + context "when key => 'test_key', server => 'test_server', client => 'test_client', csc => true" do + let(:params) { { 'key' => 'test_key', 'server' => 'test_server', 'client' => 'test_client', 'csc' => 'true' } } + + it { should contain_concat__fragment('openvpn.test_server.test_client.test_param').with( + 'target' => '/etc/openvpn/test_server/client-configs/test_client', + 'content' => "test_key\n" + ) } + end +end diff --git a/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb b/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb new file mode 100644 index 00000000..1032302e --- /dev/null +++ b/puppet/modules/openvpn/spec/defines/openvpn_server_spec.rb @@ -0,0 +1,109 @@ +require 'spec_helper' + +describe 'openvpn::server', :type => :define do + + let(:title) { 'test_server' } + let(:params) { { + 'country' => 'CO', + 'province' => 'ST', + 'city' => 'Some City', + 'organization' => 'example.org', + 'email' => 'testemail@example.org' + } } + + let (:facts) { { :concat_basedir => '/var/lib/puppet/concat' } } + + # Files associated with a server config + it { should contain_file('/etc/openvpn/test_server').with('ensure' => 'directory')} + it { should contain_file('/etc/openvpn/test_server/client-configs').with('ensure' => 'directory')} + it { should contain_file('/etc/openvpn/test_server/download-configs').with('ensure' => 'directory')} + it { should contain_file('/etc/openvpn/test_server/easy-rsa/vars')} + it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf')} + it { should contain_file('/etc/openvpn/test_server/keys').with( + 'ensure' => 'link', + 'target' => '/etc/openvpn/test_server/easy-rsa/keys' + )} + + it { should contain_concat__fragment('openvpn.default.autostart.test_server').with( + 'content' => "AUTOSTART=\"$AUTOSTART test_server\"\n", + 'target' => '/etc/default/openvpn' + )} + + # Execs to working with certificates + it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( + 'command' => '/bin/cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' + )} + it { should contain_exec('generate dh param test_server') } + it { should contain_exec('initca test_server') } + it { should contain_exec('generate server cert test_server') } + + # Options that should be set + it { should contain_openvpn__option('client-config-dir test_server').with( + 'server' => 'test_server', + 'key' => 'client-config-dir', + 'value' => '/etc/openvpn/test_server/client-configs' + )} + it { should contain_openvpn__option('mode test_server').with( + 'server' => 'test_server', + 'key' => 'mode', + 'value' => 'server' + )} + it { should contain_openvpn__option('ca test_server').with( + 'server' => 'test_server', + 'key' => 'ca', + 'value' => '/etc/openvpn/test_server/keys/ca.crt' + )} + it { should contain_openvpn__option('cert test_server').with( + 'server' => 'test_server', + 'key' => 'cert', + 'value' => '/etc/openvpn/test_server/keys/server.crt' + )} + it { should contain_openvpn__option('key test_server').with( + 'server' => 'test_server', + 'key' => 'key', + 'value' => '/etc/openvpn/test_server/keys/server.key' + )} + it { should contain_openvpn__option('dh test_server').with( + 'server' => 'test_server', + 'key' => 'dh', + 'value' => '/etc/openvpn/test_server/keys/dh1024.pem' + )} + it { should contain_openvpn__option('proto test_server').with( + 'server' => 'test_server', + 'key' => 'proto', + 'value' => 'tcp' + )} + it { should contain_openvpn__option('comp-lzo test_server').with( + 'server' => 'test_server', + 'key' => 'comp-lzo' + )} + + context "when RedHat based machine" do + let(:facts) { { :osfamily => 'RedHat', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf').with( + 'ensure' => 'link', + 'target' => '/etc/openvpn/test_server/easy-rsa/openssl-1.0.0.cnf' + )} + + it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( + 'command' => '/bin/cp -r /usr/share/doc/openvpn-2.2.2/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' + )} + + end + + context "when Debian based machine" do + let(:facts) { { :osfamily => 'Debian', :concat_basedir => '/var/lib/puppet/concat' } } + + it { should contain_file('/etc/openvpn/test_server/easy-rsa/openssl.cnf').with( + 'ensure' => 'link', + 'target' => '/etc/openvpn/test_server/easy-rsa/openssl-1.0.0.cnf' + )} + + it { should contain_exec('copy easy-rsa to openvpn config folder test_server').with( + 'command' => '/bin/cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn/test_server/easy-rsa' + )} + + end + +end diff --git a/puppet/modules/openvpn/spec/spec_helper.rb b/puppet/modules/openvpn/spec/spec_helper.rb new file mode 100644 index 00000000..dc7e9f4a --- /dev/null +++ b/puppet/modules/openvpn/spec/spec_helper.rb @@ -0,0 +1,2 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/module_spec_helper' -- cgit v1.2.3