41 lines
1.1 KiB
Python
41 lines
1.1 KiB
Python
|
import testinfra.utils.ansible_runner
|
||
|
|
||
|
def test_packages(host):
|
||
|
package = host.package('strongswan')
|
||
|
assert package.is_installed
|
||
|
|
||
|
def test_config_file(host):
|
||
|
config = host.file('/etc/ipsec.conf')
|
||
|
assert config.exists
|
||
|
assert config.is_file
|
||
|
assert config.user == 'root'
|
||
|
assert config.group == 'root'
|
||
|
assert config.mode == 0o644
|
||
|
assert config.contains('aggressive=no')
|
||
|
assert config.contains('ikelifetime=10800s')
|
||
|
assert config.contains('conn test-ipsec')
|
||
|
assert config.contains('right=192.168.0.2')
|
||
|
|
||
|
def test_secret_file(host):
|
||
|
config = host.file('/etc/ipsec.secrets')
|
||
|
assert config.exists
|
||
|
assert config.is_file
|
||
|
assert config.user == 'root'
|
||
|
assert config.group == 'root'
|
||
|
assert config.mode == 0o600
|
||
|
assert config.contains(' 192.168.0.2 : PSK "secret"')
|
||
|
|
||
|
def test_service(host):
|
||
|
service = host.service('ipsec')
|
||
|
assert service.is_running
|
||
|
assert service.is_enabled
|
||
|
|
||
|
def test_socket(host):
|
||
|
socket = host.socket('udp://0.0.0.0:500')
|
||
|
assert socket.is_listening
|
||
|
|
||
|
def test_ipsec(host):
|
||
|
cmd = host.run('ipsec status test-ipsec')
|
||
|
assert cmd.succeeded
|
||
|
assert 'no match' not in cmd.stdout
|