Adds Debian support

asm0dey · Aug 11, 2018 · b01a2de · b01a2de
1 parent 094c790
commit b01a2de
Show file tree

Hide file tree

Showing 13 changed files with 278 additions and 40 deletions.
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -11,12 +11,6 @@
     state: restarted
   listen: "reload service"
 
-- name: restart iptables
-  service:
-    name: iptables
-    state: restarted
-  listen: update iptables
-
 - name: restart firewalld
   service:
     name: firewalld

diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -6,8 +6,6 @@ driver:
 lint:
   name: yamllint
 platforms:
-  - name: centos6
-    image: chrisshort/docker-centos6-ansible
   - name: ubuntu
     image: solita/ubuntu-systemd:latest
     command: /sbin/init
@@ -57,6 +55,7 @@ provisioner:
 scenario:
   name: default
 verifier:
-  name: testinfra
+  name: goss
   lint:
-    name: flake8
+    name: yamllint
+    enabled: false
diff --git a/molecule/default/tests/test_basic.yml b/molecule/default/tests/test_basic.yml
@@ -0,0 +1,20 @@
+---
+port:
+  tcp:1080:
+    listening: true
+  tcp:3128:
+    listening: true
+service:
+  3proxy:
+    enabled: true
+    running: true
+file:
+{{if .Env.OS | regexMatch "([Dd]ebian|[Uu]buntu)"}}
+  /etc/3proxy/3proxy.cfg:
+{{else}}
+  /etc/3proxy.cfg:
+{{end}}
+    exists: true
+    contains:
+     - "!users"
+     - "!auth strong"
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
@@ -0,0 +1,53 @@
+---
+# This is an example playbook to execute goss tests.
+# Tests need distributed to the appropriate ansible host/groups
+# prior to execution by `goss validate`.
+
+- name: Verify
+  hosts: all
+  become: true
+  vars:
+    goss_version: v0.3.6
+    goss_arch: amd64
+    goss_dst: /usr/local/bin/goss
+    goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+    goss_test_directory: /tmp
+    goss_format: documentation
+  tasks:
+    - name: Download and install Goss
+      get_url:
+        url: "{{ goss_url }}"
+        dest: "{{ goss_dst }}"
+        mode: 0755
+      register: download_goss
+      until: download_goss is succeeded
+      retries: 3
+
+    - name: Copy Goss tests to remote
+      copy:
+        src: "{{ item }}"
+        dest: "{{ goss_test_directory }}/{{ item | basename }}"
+      with_fileglob:
+        - "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}/test_*.yml"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_*.yml"
+      register: test_files
+
+    - name: Execute Goss tests
+      command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+      environment:
+        OS: "{{ ansible_distribution }}"
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"
diff --git a/molecule/unusual/INSTALL.rst b/molecule/unusual/INSTALL.rst
@@ -0,0 +1,17 @@
+*******
+Vagrant driver installation guide
+*******
+
+Requirements
+============
+
+* Vagrant
+* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
+* python-vagrant
+
+Install
+=======
+
+.. code-block:: bash
+
+    $ sudo pip install python-vagrant
diff --git a/molecule/unusual/molecule.yml b/molecule/unusual/molecule.yml
@@ -0,0 +1,28 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: vagrant
+  provider:
+    name: virtualbox
+lint:
+  name: yamllint
+platforms:
+  - name: debian9
+    box: debian/stretch64
+  - name: debian8
+    box: debian/jessie64
+  - name: centos6
+    box: bento/centos-6.10
+    box_version: 201807.12.0
+provisioner:
+  name: ansible
+  lint:
+    name: ansible-lint
+scenario:
+  name: unusual
+verifier:
+  name: goss
+  lint:
+    name: yamllint
+    enabled: false
diff --git a/molecule/unusual/playbook.yml b/molecule/unusual/playbook.yml
@@ -0,0 +1,6 @@
+---
+- name: Converge
+  hosts: all
+  become: true
+  roles:
+    - role: 3proxy
diff --git a/molecule/unusual/prepare.yml b/molecule/unusual/prepare.yml
@@ -0,0 +1,9 @@
+---
+- name: Prepare
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Install python for Ansible
+      raw: (command -v apt && (test -e /usr/bin/python || (apt -y update && apt install -y python-minimal))) || (command -v yum && (command -v python || (yum -y update && yum install -y python)))
+      become: true
+      changed_when: false
diff --git a/molecule/unusual/tests/test_default.yml b/molecule/unusual/tests/test_default.yml
@@ -0,0 +1,20 @@
+---
+port:
+  tcp:1080:
+    listening: true
+  tcp:3128:
+    listening: true
+service:
+  3proxy:
+    enabled: true
+    running: true
+file:
+{{if .Env.OS | regexMatch "([Dd]ebian|[Uu]buntu)"}}
+  /etc/3proxy/3proxy.cfg:
+{{else}}
+  /etc/3proxy.cfg:
+{{end}}
+    exists: true
+    contains:
+     - "!users"
+     - "!auth strong"
diff --git a/molecule/unusual/verify.yml b/molecule/unusual/verify.yml
@@ -0,0 +1,65 @@
+---
+# This is an example playbook to execute goss tests.
+# Tests need distributed to the appropriate ansible host/groups
+# prior to execution by `goss validate`.
+
+- name: Verify
+  hosts: all
+  become: true
+  vars:
+    goss_version: v0.3.2
+    goss_arch: amd64
+    goss_dst: /usr/local/bin/goss
+    goss_sha256sum: 2f6727375db2ea0f81bee36e2c5be78ab5ab8d5981f632f761b25e4003e190ec
+    goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+    goss_test_directory: /tmp
+    goss_format: documentation
+  tasks:
+    - name: Check if goss is downloaded
+      command: "which {{ goss_dst }}"
+      register: goss_exists
+      check_mode: false
+      changed_when: false  # Never report as changed
+      ignore_errors: true
+
+    - name: Download and install Goss
+      command: "wget {{ goss_url }} -O {{ goss_dst }}"
+      register: download_goss
+      until: download_goss is succeeded
+      retries: 3
+      when: goss_exists.rc != 0
+
+    - name: Chmod
+      file:
+        path: "{{ goss_dst }}"
+        state: file
+        mode: 0755
+
+    - name: Copy Goss tests to remote
+      copy:
+        src: "{{ item }}"
+        dest: "{{ goss_test_directory }}/{{ item | basename }}"
+      with_fileglob:
+        - "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}/test_*.yml"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_*.yml"
+      register: test_files
+
+    - name: Execute Goss tests
+      command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+      environment:
+        OS: "{{ ansible_distribution }}"
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"
diff --git a/tasks/Debian.yml b/tasks/Debian.yml
@@ -0,0 +1,57 @@
+---
+- name: Ensures gpg is installed
+  package:
+    name: gnupg
+
+- name: Ensures iptables-persistent is installed
+  package:
+    name: iptables-persistent
+  when: manage_firewall
+
+- name: Ensures 3proxy repository key is installed
+  apt_key:
+    keyserver: keyserver.ubuntu.com
+    id: D8BAAED4A75968C1
+
+- name: Ensures 3proxy repository is added
+  apt_repository:
+    repo: deb http://ppa.launchpad.net/artyom.h31/3proxy/ubuntu xenial main
+    state: present
+    update_cache: true
+    mode: 0644
+    filename: artyom_h31-ubuntu-3proxy-xenial.list
+
+- name: Ensures 3proxy is installed
+  package:
+    name: 3proxy
+
+- name: Ensures 3proxy log dir exists
+  file:
+    name: /var/log/3proxy
+    state: directory
+    owner: nobody
+    group: nogroup
+
+- name: Configures 3proxy
+  template:
+    src: 3proxy.cfg.j2
+    dest: /etc/3proxy/3proxy.cfg
+    owner: nobody
+    group: nogroup
+  notify: "reload service"
+
+- name: get info about 3proxy service
+  systemd:
+    name: 3proxy.service
+    enabled: true
+  when: ansible_service_mgr == 'systemd'
+  register: proxy_info
+
+- name: Set log directory writable for 3proxy if needed
+  ini_file:
+    path: "{{ proxy_info.status.FragmentPath }}"
+    section: Service
+    option: Type
+    value: forking
+  when: ansible_service_mgr == 'systemd'
+  notify: reload service
diff --git a/tasks/iptables.yml b/tasks/iptables.yml
@@ -6,5 +6,4 @@
   with_nested:
     - [ { value: "{{ proxy_socks_port }}", if: "{{ proxy_socks }}" }, { value: "{{ proxy_http_port }}", if: "{{ proxy_http }}" } ]
     - [ { ctstate: "NEW,ESTABLISHED", chain: "INPUT", }, { ctstate: "ESTABLISHED", chain: "OUTPUT" } ]
-  notify: update iptables
   when: item[0].if