jimeh/ansible-adguardhome
1
0
Fork 0
mirror of https://github.com/jimeh/ansible-adguardhome.git synced 2026-02-19 07:06:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

test: Add with-config and change-to-non-root-user test scenarios

Browse Source 
Also run test scenarios in parallel on GitHub Actions.
This commit is contained in:
Jim Myhrberg
2020-01-18 02:13:55 +00:00
parent 0ba86ec5f5
commit 8f1ed8aa02
14 changed files with 599 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/ci.yml vendored
View File

@@ -8,7 +8,11 @@ jobs:
strategy:
max-parallel: 4
matrix:
python-version: [2.7, 3.6, 3.7]
python-version: [3.6, 3.7]
scenario:
- default
- with-config
- change-to-non-root-user
steps:
- uses: actions/checkout@v1
- name: Set up Python ${{ matrix.python-version }}
@@ -17,9 +21,9 @@ jobs:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
sudo apt install docker
sudo apt-get install -y docker
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Test with molecule
run: |
molecule test --all
molecule test -s ${{ matrix.scenario }}

41
molecule/change-to-non-root-user/Dockerfile.j2 Normal file
View File

@@ -0,0 +1,41 @@
# Molecule managed
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then \
apt-get update && \
apt-get install -y python3 python3-pip sudo bash ca-certificates \
net-tools && \
pip3 install --upgrade pip && \
apt-get clean; \
elif [ $(command -v dnf) ]; then \
dnf makecache && \
dnf --assumeyes install \
sudo python3 python3-pip *python-devel python*-dnf bash \
net-tools && \
pip3 install --upgrade pip && \
dnf clean all; \
elif [ $(command -v yum) ]; then \
yum makecache fast && \
yum install -y epel-release && \
yum update -y && \
yum install -y python python-pip python-setuptools sudo \
yum-plugin-ovl bash net-tools && \
sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && \
yum clean all; \
elif [ $(command -v zypper) ]; then \
zypper refresh && \
zypper install -y python sudo bash python-xml && \
zypper clean -a; \
elif [ $(command -v apk) ]; then \
apk update && \
apk add --no-cache python sudo bash ca-certificates; \
elif [ $(command -v xbps-install) ]; then \
xbps-install -Syu && \
xbps-install -y python sudo bash ca-certificates && \
xbps-remove -O; \
fi

22
molecule/change-to-non-root-user/INSTALL.rst Normal file
View File

@@ -0,0 +1,22 @@
*******
Docker driver installation guide
*******
Requirements
============
* Docker Engine
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule[docker]'

50
molecule/change-to-non-root-user/molecule.yml Normal file
View File

@@ -0,0 +1,50 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
platforms:
- name: centos-7
image: centos:7
command: /sbin/init
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: centos-8
image: centos:8
command: /sbin/init
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: ubuntu-16.04
image: jrei/systemd-ubuntu:16.04
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: ubuntu-18.04
image: jrei/systemd-ubuntu:18.04
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
name: ansible
lint:
name: ansible-lint
verifier:
name: testinfra
lint:
name: flake8

7
molecule/change-to-non-root-user/playbook.yml Normal file
View File

@@ -0,0 +1,7 @@
---
- name: Converge
hosts: all
roles:
- role: ansible-adguardhome
vars:
adguardhome_user: adguard

113
molecule/change-to-non-root-user/prepare.yml Normal file
View File

@@ -0,0 +1,113 @@
---
- name: Prepare
hosts: all
tasks:
- name: Create config directory
file:
path: /opt/adguardhome/config
state: directory
mode: "0755"
owner: root
group: root
- name: Create default config file
copy:
dest: /opt/adguardhome/config/AdGuardHome.yml
mode: "0644"
owner: root
group: root
content: |
bind_host: 0.0.0.0
bind_port: 80
users:
- name: admin
password: $2a$10$jPInhu056/kjOPSURiPGiumIimDmLKj4d95z4serf97K.KdAthFI.
language: ""
rlimit_nofile: 0
web_session_ttl: 720
dns:
bind_host: 0.0.0.0
port: 53
statistics_interval: 1
querylog_enabled: true
querylog_interval: 90
querylog_memsize: 0
protection_enabled: true
blocking_mode: null_ip
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
ratelimit: 20
ratelimit_whitelist: []
refuse_any: true
bootstrap_dns:
- 9.9.9.9
- 149.112.112.112
all_servers: false
edns_client_subnet: false
allowed_clients: []
disallowed_clients: []
blocked_hosts: []
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
cache_size: 4194304
upstream_dns:
- https://dns.quad9.net/dns-query
filtering_enabled: true
filters_update_interval: 24
parental_sensitivity: 0
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
allow_unencrypted_doh: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
filters:
- enabled: true
url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
name: AdGuard Simplified Domain Names filter
id: 1
- enabled: false
url: https://adaway.org/hosts.txt
name: AdAway
id: 2
- enabled: false
url: https://hosts-file.net/ad_servers.txt
name: hpHosts - Ad and Tracking servers only
id: 3
- enabled: false
url: https://www.malwaredomainlist.com/hostslist/hosts.txt
name: MalwareDomainList.com Hosts List
id: 4
user_rules: []
dhcp:
enabled: false
interface_name: ""
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
clients: []
log_file: ""
verbose: false
schema_version: 6
- name: Install and setup AdGuardHome for root user
include_role:
name: ansible-adguardhome
vars:
adguardhome_user: root

65
molecule/change-to-non-root-user/tests/test_default.py Normal file
View File

@@ -0,0 +1,65 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_adguardhome_config_dir(host):
d = host.file('/opt/adguardhome/config')
assert d.exists
assert d.is_directory
assert d.mode == 0o755
assert d.user == 'adguard'
assert d.group == 'adguard'
def test_adguardhome_config_file(host):
f = host.file('/opt/adguardhome/config/AdGuardHome.yml')
assert f.exists
assert f.is_file
assert f.mode == 0o644
assert f.user == 'adguard'
assert f.group == 'adguard'
def test_adguardhome_data_dir(host):
d = host.file('/opt/adguardhome')
assert d.exists
assert d.is_directory
assert d.mode == 0o755
assert d.user == 'adguard'
assert d.group == 'adguard'
def test_adguardhome_binary(host):
f = host.file("/opt/adguardhome/bin/AdGuardHome")
assert f.exists
assert f.is_file
assert f.mode == 0o755
assert f.user == 'adguard'
assert f.group == 'adguard'
def test_adguardhome_service(host):
s = host.service('adguardhome')
assert s.is_enabled
assert s.is_running
def test_adguardhome_http_service(host):
socket = host.socket('tcp://127.0.0.1:80')
assert socket.is_listening
def test_adguardhome_dns_service(host):
socket = host.socket('tcp://127.0.0.1:53')
assert socket.is_listening

4
molecule/default/Dockerfile.j2
View File

@@ -8,14 +8,16 @@ FROM {{ item.image }}
RUN if [ $(command -v apt-get) ]; then \
apt-get update && \
apt-get install -y python python-pip sudo bash ca-certificates \
apt-get install -y python3 python3-pip sudo bash ca-certificates \
net-tools && \
pip3 install --upgrade pip && \
apt-get clean; \
elif [ $(command -v dnf) ]; then \
dnf makecache && \
dnf --assumeyes install \
sudo python3 python3-pip *python-devel python*-dnf bash \
net-tools && \
pip3 install --upgrade pip && \
dnf clean all; \
elif [ $(command -v yum) ]; then \
yum makecache fast && \

41
molecule/with-config/Dockerfile.j2 Normal file
View File

@@ -0,0 +1,41 @@
# Molecule managed
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then \
apt-get update && \
apt-get install -y python3 python3-pip sudo bash ca-certificates \
net-tools && \
pip3 install --upgrade pip && \
apt-get clean; \
elif [ $(command -v dnf) ]; then \
dnf makecache && \
dnf --assumeyes install \
sudo python3 python3-pip *python-devel python*-dnf bash \
net-tools && \
pip3 install --upgrade pip && \
dnf clean all; \
elif [ $(command -v yum) ]; then \
yum makecache fast && \
yum install -y epel-release && \
yum update -y && \
yum install -y python python-pip python-setuptools sudo \
yum-plugin-ovl bash net-tools && \
sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && \
yum clean all; \
elif [ $(command -v zypper) ]; then \
zypper refresh && \
zypper install -y python sudo bash python-xml && \
zypper clean -a; \
elif [ $(command -v apk) ]; then \
apk update && \
apk add --no-cache python sudo bash ca-certificates; \
elif [ $(command -v xbps-install) ]; then \
xbps-install -Syu && \
xbps-install -y python sudo bash ca-certificates && \
xbps-remove -O; \
fi

22
molecule/with-config/INSTALL.rst Normal file
View File

@@ -0,0 +1,22 @@
*******
Docker driver installation guide
*******
Requirements
============
* Docker Engine
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule[docker]'

50
molecule/with-config/molecule.yml Normal file
View File

@@ -0,0 +1,50 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
platforms:
- name: centos-7
image: centos:7
command: /sbin/init
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: centos-8
image: centos:8
command: /sbin/init
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: ubuntu-16.04
image: jrei/systemd-ubuntu:16.04
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: ubuntu-18.04
image: jrei/systemd-ubuntu:18.04
command: /sbin/init
privileged: true
tmpfs:
- /run
- /tmp
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
provisioner:
name: ansible
lint:
name: ansible-lint
verifier:
name: testinfra
lint:
name: flake8

5
molecule/with-config/playbook.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: Converge
hosts: all
roles:
- role: ansible-adguardhome

108
molecule/with-config/prepare.yml Normal file
View File

@@ -0,0 +1,108 @@
---
- name: Prepare
hosts: all
tasks:
- name: Create config directory
file:
path: /opt/adguardhome/config
state: directory
mode: "0755"
owner: root
group: root
- name: Create default config file
copy:
dest: /opt/adguardhome/config/AdGuardHome.yml
mode: "0644"
owner: root
group: root
content: |
bind_host: 0.0.0.0
bind_port: 80
users:
- name: admin
password: $2a$10$jPInhu056/kjOPSURiPGiumIimDmLKj4d95z4serf97K.KdAthFI.
language: ""
rlimit_nofile: 0
web_session_ttl: 720
dns:
bind_host: 0.0.0.0
port: 53
statistics_interval: 1
querylog_enabled: true
querylog_interval: 90
querylog_memsize: 0
protection_enabled: true
blocking_mode: null_ip
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
ratelimit: 20
ratelimit_whitelist: []
refuse_any: true
bootstrap_dns:
- 9.9.9.9
- 149.112.112.112
all_servers: false
edns_client_subnet: false
allowed_clients: []
disallowed_clients: []
blocked_hosts: []
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
cache_size: 4194304
upstream_dns:
- https://dns.quad9.net/dns-query
filtering_enabled: true
filters_update_interval: 24
parental_sensitivity: 0
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
allow_unencrypted_doh: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
filters:
- enabled: true
url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
name: AdGuard Simplified Domain Names filter
id: 1
- enabled: false
url: https://adaway.org/hosts.txt
name: AdAway
id: 2
- enabled: false
url: https://hosts-file.net/ad_servers.txt
name: hpHosts - Ad and Tracking servers only
id: 3
- enabled: false
url: https://www.malwaredomainlist.com/hostslist/hosts.txt
name: MalwareDomainList.com Hosts List
id: 4
user_rules: []
dhcp:
enabled: false
interface_name: ""
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
clients: []
log_file: ""
verbose: false
schema_version: 6

65
molecule/with-config/tests/test_default.py Normal file
View File

@@ -0,0 +1,65 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_adguardhome_config_dir(host):
d = host.file('/opt/adguardhome/config')
assert d.exists
assert d.is_directory
assert d.mode == 0o755
assert d.user == 'root'
assert d.group == 'root'
def test_adguardhome_config_file(host):
f = host.file('/opt/adguardhome/config/AdGuardHome.yml')
assert f.exists
assert f.is_file
assert f.mode == 0o644
assert f.user == 'root'
assert f.group == 'root'
def test_adguardhome_data_dir(host):
d = host.file('/opt/adguardhome')
assert d.exists
assert d.is_directory
assert d.mode == 0o755
assert d.user == 'root'
assert d.group == 'root'
def test_adguardhome_binary(host):
f = host.file("/opt/adguardhome/bin/AdGuardHome")
assert f.exists
assert f.is_file
assert f.mode == 0o755
assert f.user == 'root'
assert f.group == 'root'
def test_adguardhome_service(host):
s = host.service('adguardhome')
assert s.is_enabled
assert s.is_running
def test_adguardhome_http_service(host):
socket = host.socket('tcp://127.0.0.1:80')
assert socket.is_listening
def test_adguardhome_dns_service(host):
socket = host.socket('tcp://127.0.0.1:53')
assert socket.is_listening