From 914df896d915cea5acade2732526d3bbc75b176d Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Tue, 1 Nov 2016 21:29:31 +0100
Subject: make it possible to also add pregenerated private keys for onion
 services or even let them pregenerate on the fly

---
 spec/defines/daemon_hidden_service_spec.rb | 122 +++++++++++++++++++++++++++++
 spec/tmp/.keep                             |   0
 2 files changed, 122 insertions(+)
 create mode 100644 spec/defines/daemon_hidden_service_spec.rb
 create mode 100644 spec/tmp/.keep

(limited to 'spec')

diff --git a/spec/defines/daemon_hidden_service_spec.rb b/spec/defines/daemon_hidden_service_spec.rb
new file mode 100644
index 0000000..7a3aae6
--- /dev/null
+++ b/spec/defines/daemon_hidden_service_spec.rb
@@ -0,0 +1,122 @@
+require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper'))
+require 'openssl'
+
+describe 'tor::daemon::hidden_service', :type => 'define' do
+  let(:default_facts) {
+    {
+      :osfamily        => 'RedHat',
+      :operatingsystem => 'CentOS',
+    }
+  }
+  let(:title){ 'test_os' }
+  let(:facts){ default_facts }
+  let(:pre_condition){'Exec{path => "/bin"}
+                      include tor::daemon' }
+  describe 'with standard' do
+    it { is_expected.to compile.with_all_deps }
+
+    it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with(
+      :ensure  => 'present',
+      :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/,
+      :order   => '05',
+      :target  => '/etc/tor/torrc',
+    )}
+    it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) }
+    it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
+    context 'on Debian' do
+      let(:facts) {
+        {
+          :osfamily        => 'Debian',
+          :operatingsystem => 'Debian',
+        }
+      }
+      it { is_expected.to compile.with_all_deps }
+      it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with(
+        :ensure  => 'present',
+        :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/,
+        :order   => '05',
+        :target  => '/etc/tor/torrc',
+      )}
+      it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) }
+      it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
+    end
+    context 'with differt port params' do
+      let(:params){
+        {
+          :ports => ['25','443 192.168.0.1:8443']
+        }
+      }
+      it { is_expected.to compile.with_all_deps }
+      it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 25 127.0.0.1:25/) }
+      it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 443 192.168.0.1:8443/) }
+      it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
+    end
+    context 'with private_key' do
+      let(:params){
+        {
+          :ports       => ['80'],
+          :private_key => OpenSSL::PKey::RSA.generate(1024).to_s,
+        }
+      }
+      it { is_expected.to compile.with_all_deps }
+      it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) }
+      it { is_expected.to contain_file('/var/lib/tor/test_os').with(
+        :ensure  => 'directory',
+        :purge   => true,
+        :force   => true,
+        :recurse => true,
+        :owner   => 'toranon',
+        :group   => 'toranon',
+        :mode    => '0750',
+        :require => 'Package[tor]',
+      )}
+      it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with(
+        :content => /^[a-z2-7]{16}\.onion\n/,
+        :owner   => 'toranon',
+        :group   => 'toranon',
+        :mode    => '0600',
+        :notify  => 'Service[tor]',
+      )}
+      it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with(
+        :owner   => 'toranon',
+        :group   => 'toranon',
+        :mode    => '0600',
+        :notify  => 'Service[tor]',
+      )}
+    end
+    context 'with private key to generate' do
+      let(:params){
+        {
+          :ports                  => ['80'],
+          :private_key_name       => 'test_os',
+          :private_key_store_path => File.expand_path(File.join(File.dirname(__FILE__),'..','tmp')),
+        }
+      }
+      it { is_expected.to compile.with_all_deps }
+      it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) }
+      it { is_expected.to contain_file('/var/lib/tor/test_os').with(
+        :ensure  => 'directory',
+        :purge   => true,
+        :force   => true,
+        :recurse => true,
+        :owner   => 'toranon',
+        :group   => 'toranon',
+        :mode    => '0750',
+        :require => 'Package[tor]',
+      )}
+      it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with(
+        :content => /^[a-z2-7]{16}\.onion\n/,
+        :owner   => 'toranon',
+        :group   => 'toranon',
+        :mode    => '0600',
+        :notify  => 'Service[tor]',
+      )}
+      it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with(
+        :owner   => 'toranon',
+        :group   => 'toranon',
+        :mode    => '0600',
+        :notify  => 'Service[tor]',
+      )}
+    end
+  end
+end
diff --git a/spec/tmp/.keep b/spec/tmp/.keep
new file mode 100644
index 0000000..e69de29
-- 
cgit v1.2.3