From 44d38c3608a3c1953cf5aef094177dcd013b1bc6 Mon Sep 17 00:00:00 2001 From: Sebastian Rakel Date: Mon, 22 Aug 2022 22:26:22 +0200 Subject: [PATCH] Fix wgquick template and extend tests --- spec/defines/interface_spec.rb | 28 ++++++++++++++++++++++++++++ templates/wireguard_conf.epp | 2 +- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/spec/defines/interface_spec.rb b/spec/defines/interface_spec.rb index 498a4ac..2fcda95 100644 --- a/spec/defines/interface_spec.rb +++ b/spec/defines/interface_spec.rb @@ -366,6 +366,34 @@ class {"systemd": it { is_expected.to contain_file("/etc/systemd/network/#{title}.network").with_content(%r{Address=fe80::ade1/64}) } it { is_expected.not_to contain_ferm__rule("allow_wg_#{title}") } end + + context 'wgquick with required params (public_key) and an address entry with dns also without firewall rules' do + let :params do + { + public_key: 'blabla==', + endpoint: 'wireguard.example.com:1234', + manage_firewall: false, + # we need to set destination_addresses to overwrite the default + # that would configure IPv4+IPv6, but GHA doesn't provide IPv6 for us + destination_addresses: [facts[:networking]['ip'],], + provider: 'wgquick', + addresses: [{ 'Address' => '192.168.218.87/32', 'DNS' => '192.168.218.1' }], + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_class('wireguard') } + it { is_expected.to contain_exec("generate private key #{title}") } + it { is_expected.to contain_exec("generate public key #{title}") } + it { is_expected.to contain_file("/etc/wireguard/#{title}.pub") } + it { is_expected.to contain_file("/etc/wireguard/#{title}") } + it { is_expected.to contain_file("/etc/wireguard/#{title}.conf") } + it { is_expected.to contain_file("/etc/wireguard/#{title}.conf").with_content(%r{[Interface]}) } # rubocop:disable Lint/DuplicateRegexpCharacterClassElement + it { is_expected.to contain_file("/etc/wireguard/#{title}.conf").with_content(%r{Address=192.168.218.87/32}) } + it { is_expected.to contain_file("/etc/wireguard/#{title}.conf").with_content(%r{DNS=192.168.218.1}) } + it { is_expected.not_to contain_ferm__rule("allow_wg_#{title}") } + end + end end end diff --git a/templates/wireguard_conf.epp b/templates/wireguard_conf.epp index 7b721f6..86506cc 100644 --- a/templates/wireguard_conf.epp +++ b/templates/wireguard_conf.epp @@ -6,7 +6,7 @@ | -%> # THIS FILE IS MANAGED BY PUPPET [Interface] -<% $addresses.each |$address| { -%> +<% $addresses.each |$key, $value| { -%> <%= $key %>=<%= $value %> <% } -%> ListenPort = <%= $dport %>