radityo
/
ansible-nginx
mirror of https://github.com/HanXHX/ansible-nginx.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Tests with uri module (closes #25)

pull/35/head
Emilien Mantel 2017-10-27 15:27:16 +02:00
parent 10bd837f54
commit 8675d683ec
1 changed files with 121 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

206
tests/test.yml
View File

@ -16,6 +16,12 @@
copy: copy:
src: "file/test.key" src: "file/test.key"
dest: "{{ int_ansible_ssl_dir }}/test.key" dest: "{{ int_ansible_ssl_dir }}/test.key"
- name: LINEINFILE | Add all hosts in /etc/hosts
lineinfile:
line: "127.0.2.1\t{% for s in nginx_sites %}{% if s.name is string %}{{ s.name }}{% else %}{% for n in s.name %}{{ n }} {% endfor %}{% endif %} {% if s.redirect_from is defined %}{% for rf in s.redirect_from %}{{ rf }} {% endfor %}{% endif %}{% endfor %}"
regexp: '^127\.0\.2'
dest: "/etc/hosts"
unsafe_writes: yes
vars: vars:
# Internal vars # Internal vars
@ -284,85 +290,93 @@
# Simple sites tests # Simple sites tests
# -------------------------------- # --------------------------------
- name: -- VERIFY SITES -- - name: -- VERIFY SITES --
command: "curl -H 'Host: {{ item.name if item.name is string else item.name[0] }}' http://127.0.0.1{% if item.listen is defined %}:{{ item.listen[0] }}{% endif %}/" uri:
url: "http://{{ item | nginx_site_name }}{% if item.listen is defined %}:{{ item.listen[0] }}{% endif %}/"
status_code: '200,301,302,401,403'
follow_redirects: none
with_items: "{{ nginx_sites }}" with_items: "{{ nginx_sites }}"
when: item.state is undefined or item.state != "absent" when: item.state is undefined or item.state != "absent"
changed_when: false changed_when: false
- name: -- VERIFY FORBIDDEN -- - name: -- VERIFY FORBIDDEN --
command: "curl -H 'Host: test-php-index.local' http://127.0.0.1/phpinfo.php" uri:
register: f url: "http://test-php-index.local/phpinfo.php"
failed_when: f.stdout.find('403 Forbidden') == -1 status_code: 403
changed_when: false
- name: -- VERIFY REDIRECT SITES -- - name: -- VERIFY REDIRECT SITES --
command: "curl -H 'Host: {{ item.redirect_from[0] }}' http://127.0.0.1/" uri:
url: "http://{{ item.redirect_from[0] }}/"
status_code: 301
follow_redirects: none
with_items: "{{ nginx_sites }}" with_items: "{{ nginx_sites }}"
when: item.redirect_from is defined and (item.state is undefined or item.state != "absent") when: item.redirect_from is defined and (item.state is undefined or item.state != "absent")
changed_when: false changed_when: false
register: r
failed_when: r.stdout.find('301 Moved Permanently') == -1
# -------------------------------- # --------------------------------
# PHP # PHP
# -------------------------------- # --------------------------------
- name: -- VERIFY PHP SITES -- - name: -- VERIFY PHP SITES --
command: "curl -H 'Host: {{ item.name }}' http://127.0.0.1/" uri:
url: "http://{{ item.name}}/"
return_content: yes
register: p register: p
with_items: "{{ nginx_sites }}" with_items: "{{ nginx_sites }}"
when: > when: >
item.template is defined and item.template is defined and
(item.template == '_php' or item.template == '_php_index') (item.template == '_php' or item.template == '_php_index')
changed_when: false failed_when: p.content.find('PHP Version ' + item.php_version if 'php_version' in item else nginx_php.0.version) == -1
failed_when: p.stdout.find('PHP Version ' + item.php_version if 'php_version' in item else nginx_php.0.version) == -1
# -------------------------------- # --------------------------------
# Basic Auth # Basic Auth
# -------------------------------- # --------------------------------
- name: -- VERIFY AUTH BASIC NONE --
uri:
url: "http://test-htpasswd.local/hello/"
status_code: 401
- block: - name: -- VERIFY AUTH BASIC FAIL --
uri:
url: "http://test-htpasswd.local/hello/"
status_code: 401
user: "fail"
password: "fail"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC NONE -- - name: -- VERIFY AUTH BASIC OK --
command: "curl -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" uri:
changed_when: false url: "http://test-htpasswd.local/hello/"
register: authnone user: "hanx"
failed_when: authnone.stdout.find('401 Authorization Required') == -1 password: "qwerty"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC FAIL -- - name: -- VERIFY AUTH BASIC FAIL GLOBAL --
command: "curl -u fail:fail -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" uri:
changed_when: false url: "http://test-htpasswd-all.local/"
register: authfail status_code: 401
failed_when: authfail.stdout.find('401 Authorization Required') == -1 user: "fail"
password: "fail"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC OK -- - name: -- VERIFY AUTH BASIC OK GLOBAL --
command: "curl -u hanx:qwerty -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" uri:
changed_when: false url: "http://test-htpasswd-all.local/"
register: authok user: "hanx"
failed_when: authok.stdout.find('hello') == -1 password: "qwerty"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC FAIL GLOBAL --
command: "curl -u fail:fail -H 'Host: test-htpasswd-all.local' http://127.0.0.1/"
changed_when: false
register: authgfail
failed_when: authgfail.stdout.find('401 Authorization Required') == -1
- name: -- VERIFY AUTH BASIC OK --
command: "curl -u hanx:qwerty -H 'Host: test-htpasswd-all.local' http://127.0.0.1/"
changed_when: false
register: authgok
failed_when: authgok.stdout.find('401 Authorization Required') != -1
when: nginx_htpasswd | length > 0
# -------------------------------- # --------------------------------
# BackupPC # BackupPC
# -------------------------------- # --------------------------------
- name: -- VERIFY BACKUPPC -- - name: -- VERIFY BACKUPPC --
command: "curl -u hanx:qwerty -H 'Host: backuppc.local' http://127.0.0.1/" uri:
changed_when: false url: "http://backuppc.local/"
user: "hanx"
password: "qwerty"
force_basic_auth: yes
return_content: yes
register: authbpc register: authbpc
failed_when: authbpc.stdout.find('BackupPC Server Status') == -1
when: ansible_distribution != 'FreeBSD' when: ansible_distribution != 'FreeBSD'
failed_when: authbpc.content.find('BackupPC Server Status') == -1
# -------------------------------- # --------------------------------
# Nagios (not avaiblable on Debian >= 9) # Nagios (not avaiblable on Debian >= 9)
@ -370,19 +384,28 @@
- block: - block:
- name: -- VERIFY NAGIOS3 PHP -- - name: -- VERIFY NAGIOS3 PHP --
command: "curl -u nagiosadmin:nagios -H 'Host: nagios3.local' http://127.0.0.1/side.php" uri:
changed_when: false url: "http://nagios3.local/side.php"
user: "nagiosadmin"
password: "nagios"
force_basic_auth: yes
return_content: yes
register: nagios_php register: nagios_php
failed_when: nagios_php.stdout.find('Nagios Core') == -1 failed_when: nagios_php.content.find('Nagios Core') == -1
- name: -- VERIFY NAGIOS3 CGI -- - name: -- VERIFY NAGIOS3 CGI --
command: "curl -u nagiosadmin:nagios -H 'Host: nagios3.local' http://127.0.0.1/cgi-bin{% if ansible_distribution == 'Debian' %}/nagios3{% endif %}/summary.cgi" uri:
changed_when: false url: "http://nagios3.local/cgi-bin{% if ansible_distribution == 'Debian' %}/nagios3{% endif %}/summary.cgi"
user: "nagiosadmin"
password: "nagios"
force_basic_auth: yes
return_content: yes
register: nagios_cgi register: nagios_cgi
failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1 failed_when: nagios_cgi.content.find('Nagios Event Summary') == -1
when: ansible_distribution_major_version | version_compare('9', 'lt') when: ansible_distribution_major_version | version_compare('9', 'lt')
# -------------------------------- # --------------------------------
# Owncloud # Owncloud
# -------------------------------- # --------------------------------
@ -408,19 +431,25 @@
# SSL # SSL
# -------------------------------- # --------------------------------
- name: -- VERIFY SSL -- - name: -- VERIFY SSL --
command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/" uri:
changed_when: false url: "https://{{ item }}/"
return_content: yes
validate_certs: no
register: sslok register: sslok
failed_when: sslok.stdout.find('Index HTML test OK') == -1 failed_when: sslok.content.find('Index HTML test OK') == -1
with_items: with_items:
- 'test-ssl-predeployed.local' - 'test-ssl-predeployed.local'
- 'test-ssl.local' - 'test-ssl.local'
- name: -- VERIFY SSL REDIRECT -- - name: -- VERIFY SSL REDIRECT --
command: "curl -v -H 'Host: {{ item.name }}' http://127.0.0.1/" uri:
changed_when: false url: "http://{{ item.name }}/"
validate_certs: no
status_code: 301
return_content: yes
follow_redirects: none
register: sslredirok register: sslredirok
failed_when: '"< Location:" + " https://%s%s" % (item.name, ":" + item.port if item.port is defined else "") not in sslredirok.stderr' failed_when: '"https://%s%s" % (item.name, ":" + item.port if item.port is defined else "") not in sslredirok.location'
with_items: with_items:
- name: 'test-ssl-redirect.local' - name: 'test-ssl-redirect.local'
- name: 'test-ssl-redirect-many.local' - name: 'test-ssl-redirect-many.local'
@ -432,40 +461,47 @@
# Default sites # Default sites
# -------------------------------- # --------------------------------
- name: -- VERIFY DEFAULT SITE -- - name: -- VERIFY DEFAULT SITE --
command: "curl -v http://127.0.0.1/" uri:
changed_when: false url: 'http://127.0.0.1/'
return_content: yes
register: vdefault register: vdefault
failed_when: > failed_when: >
vdefault.stdout.find('Index HTML test OK') == -1 or vdefault.content.find('Index HTML test OK') == -1 or
vdefault.stderr.lower().find('x-ansible-default') == -1 vdefault.x_ansible_default is not defined
- name: -- VERIFY DEFAULT SSL SITE -- - name: -- VERIFY DEFAULT SITE + STUB STATUS--
command: "curl --insecure -v https://127.0.0.1/" uri:
changed_when: false url: 'http://127.0.0.1/status'
register: defaultssl return_content: yes
failed_when: >
defaultssl.stdout.find('Index HTML test OK') == -1 or
defaultssl.stderr.lower().find('x-ansible-default') == -1
- name: -- VERIFY NOT DEFAULT SITE --
command: "curl -v -H 'Host: test-php.local' http://127.0.0.1/"
changed_when: false
register: vphp
failed_when: vphp.stderr.lower().find('x-ansible-default') != -1
- name: -- VERIFY NOT DEFAULT SSL SITE --
command: "curl --insecure -v -H 'Host: test-ssl.local' https://127.0.0.1/"
changed_when: false
register: notdefaultssl
failed_when: notdefaultssl.stderr.lower().find('x-ansible-default') != -1
- name: -- VERIFY DEFAULT SITE + STUB_STATUS --
command: "curl -v http://127.0.0.1/status"
changed_when: false
register: vdefault_status register: vdefault_status
failed_when: > failed_when: >
vdefault_status.stderr.lower().find('x-ansible-default') == -1 or vdefault_status.content.find('Active connections') == -1 or
vdefault_status.stdout.find('Active connections') == -1 vdefault_status.x_ansible_default is not defined
- name: -- VERIFY DEFAULT SSL SITE --
uri:
url: 'https://127.0.0.1/'
return_content: yes
validate_certs: no
register: vdefault
failed_when: >
vdefault.content.find('Index HTML test OK') == -1 or
vdefault.x_ansible_default is not defined
- name: -- VERIFY NOT DEFAULT SITE --
uri:
url: 'http://test-php.local/'
return_content: yes
register: vphp
failed_when: vphp.x_ansible_default is defined
- name: -- VERIFY NOT DEFAULT SSL SITE --
uri:
url: 'https://test-ssl.local/'
return_content: yes
validate_certs: no
register: notdefaultssl
failed_when: notdefaultssl.x_ansible_default is defined
# -------------------------------- # --------------------------------
# Check HTTP2 # Check HTTP2