test: add support debian12
This commit is contained in:
parent
d383c722c1
commit
aa1958992b
6 changed files with 18 additions and 13 deletions
|
@ -9,6 +9,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
|
||||||
|
|
||||||
- feat: add certbot_port variable
|
- feat: add certbot_port variable
|
||||||
- feat: add hook scripts
|
- feat: add hook scripts
|
||||||
|
- test: add support debian 12
|
||||||
|
|
||||||
## v2.2.0 - 2021-08-24
|
## v2.2.0 - 2021-08-24
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,7 @@ Generate certificate SSL with certbot.
|
||||||
* Ansible >= 2.10
|
* Ansible >= 2.10
|
||||||
* Debian
|
* Debian
|
||||||
* Bullseye
|
* Bullseye
|
||||||
|
* Bookworm
|
||||||
|
|
||||||
## Role variables
|
## Role variables
|
||||||
|
|
||||||
|
@ -41,7 +42,7 @@ Generate certificate SSL with certbot.
|
||||||
|
|
||||||
* install [docker](https://docs.docker.com/engine/installation/)
|
* install [docker](https://docs.docker.com/engine/installation/)
|
||||||
* install `python3` and `python3-pip`
|
* install `python3` and `python3-pip`
|
||||||
* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
|
* install molecule and dependencies `pip3 install molecule molecule-plugins[docker] docker ansible-lint pytest-testinfra yamllint`
|
||||||
* run `molecule test`
|
* run `molecule test`
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
|
@ -6,11 +6,12 @@ galaxy_info:
|
||||||
company: Adrien Waksberg
|
company: Adrien Waksberg
|
||||||
description: Generate certificate SSL with certbot
|
description: Generate certificate SSL with certbot
|
||||||
license: Apache2
|
license: Apache2
|
||||||
min_ansible_version: 2.10
|
min_ansible_version: "2.10"
|
||||||
platforms:
|
platforms:
|
||||||
- name: Debian
|
- name: Debian
|
||||||
versions:
|
versions:
|
||||||
- bullseye
|
- bullseye
|
||||||
|
- bookworm
|
||||||
|
|
||||||
galaxy_tags:
|
galaxy_tags:
|
||||||
- certbot
|
- certbot
|
||||||
|
|
|
@ -2,11 +2,12 @@
|
||||||
driver:
|
driver:
|
||||||
name: docker
|
name: docker
|
||||||
platforms:
|
platforms:
|
||||||
- name: debian10
|
- name: debian12
|
||||||
image: nishiki/debian10:molecule
|
image: nishiki/debian12:molecule
|
||||||
privileged: true
|
privileged: true
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||||
|
cgroupns_mode: host
|
||||||
command: /bin/systemd
|
command: /bin/systemd
|
||||||
capabilities:
|
capabilities:
|
||||||
- SYS_ADMIN
|
- SYS_ADMIN
|
||||||
|
@ -14,7 +15,8 @@ platforms:
|
||||||
image: nishiki/debian11:molecule
|
image: nishiki/debian11:molecule
|
||||||
privileged: true
|
privileged: true
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||||
|
cgroupns_mode: host
|
||||||
command: /bin/systemd
|
command: /bin/systemd
|
||||||
capabilities:
|
capabilities:
|
||||||
- SYS_ADMIN
|
- SYS_ADMIN
|
||||||
|
|
|
@ -23,19 +23,19 @@ def test_cron_file(host):
|
||||||
assert path.user == 'root'
|
assert path.user == 'root'
|
||||||
assert path.group == 'crontab'
|
assert path.group == 'crontab'
|
||||||
assert path.mode == 0o600
|
assert path.mode == 0o600
|
||||||
assert path.contains('--renew-hook /usr/local/bin/certbot-renew')
|
assert path.contains('perl -e \'sleep int(rand(3600))\' && certbot -q renew')
|
||||||
|
|
||||||
def test_config_file(host):
|
def test_config_file(host):
|
||||||
path = host.file('/etc/letsencrypt/renew.cfg')
|
path = host.file('/etc/letsencrypt/hook-test.local')
|
||||||
assert path.exists
|
assert path.exists
|
||||||
assert path.is_file
|
assert path.is_file
|
||||||
assert path.user == 'root'
|
assert path.user == 'root'
|
||||||
assert path.group == 'root'
|
assert path.group == 'root'
|
||||||
assert path.mode == 0o644
|
assert path.mode == 0o700
|
||||||
assert path.contains('test.local = echo OK > /tmp/test.txt')
|
assert path.contains('echo OK > /tmp/test.txt')
|
||||||
|
|
||||||
def test_renew(host):
|
def test_renew(host):
|
||||||
cmd = host.run('RENEWED_DOMAINS=test.local /usr/local/bin/certbot-renew')
|
cmd = host.run('/etc/letsencrypt/hook-test.local')
|
||||||
assert cmd.succeeded
|
assert cmd.succeeded
|
||||||
|
|
||||||
path = host.file('/tmp/test.txt')
|
path = host.file('/tmp/test.txt')
|
||||||
|
|
|
@ -25,7 +25,7 @@
|
||||||
loop: '{{ st.results }}'
|
loop: '{{ st.results }}'
|
||||||
loop_control:
|
loop_control:
|
||||||
label: '{{ item.item.key }}'
|
label: '{{ item.item.key }}'
|
||||||
when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and not web.failed
|
when: (certbot_role == 'master' or item.item.key == ansible_fqdn) and not item.stat.exists and not web.failed
|
||||||
tags: certbot
|
tags: certbot
|
||||||
|
|
||||||
- name: create a new certificate (standalone)
|
- name: create a new certificate (standalone)
|
||||||
|
@ -36,5 +36,5 @@
|
||||||
loop: '{{ st.results }}'
|
loop: '{{ st.results }}'
|
||||||
loop_control:
|
loop_control:
|
||||||
label: '{{ item.item.key }}'
|
label: '{{ item.item.key }}'
|
||||||
when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and web.failed
|
when: (certbot_role == 'master' or item.item.key == ansible_fqdn) and not item.stat.exists and web.failed
|
||||||
tags: certbot
|
tags: certbot
|
||||||
|
|
Loading…
Reference in a new issue