Skip to content

Commit

Permalink
Merge pull request #64 from sebastianrakel/fix-wgquick-template
Browse files Browse the repository at this point in the history
Fix wgquick template and extend tests
  • Loading branch information
bastelfreak authored Aug 22, 2022
2 parents 631a325 + 4fa9921 commit d40d8e1
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 1 deletion.
27 changes: 27 additions & 0 deletions spec/defines/interface_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -366,6 +366,33 @@ class {"systemd":
it { is_expected.to contain_file("/etc/systemd/network/#{title}.network").with_content(%r{Address=fe80::ade1/64}) }
it { is_expected.not_to contain_ferm__rule("allow_wg_#{title}") }
end

context 'wgquick with required params (public_key) and an address entry with dns also without firewall rules' do
let :params do
{
public_key: 'blabla==',
endpoint: 'wireguard.example.com:1234',
manage_firewall: false,
# we need to set destination_addresses to overwrite the default
# that would configure IPv4+IPv6, but GHA doesn't provide IPv6 for us
destination_addresses: [facts[:networking]['ip'],],
provider: 'wgquick',
addresses: [{ 'Address' => '192.168.218.87/32', 'DNS' => '192.168.218.1' }],
}
end

it { is_expected.to compile.with_all_deps }
it { is_expected.to contain_class('wireguard') }
it { is_expected.to contain_exec("generate private key #{title}") }
it { is_expected.to contain_exec("generate public key #{title}") }
it { is_expected.to contain_file("/etc/wireguard/#{title}.pub") }
it { is_expected.to contain_file("/etc/wireguard/#{title}") }
it { is_expected.to contain_file("/etc/wireguard/#{title}.conf") }
it { is_expected.to contain_file("/etc/wireguard/#{title}.conf").with_content(%r{[Interface]}) } # rubocop:disable Lint/DuplicateRegexpCharacterClassElement
it { is_expected.to contain_file("/etc/wireguard/#{title}.conf").with_content(%r{Address=192.168.218.87/32}) }
it { is_expected.to contain_file("/etc/wireguard/#{title}.conf").with_content(%r{DNS=192.168.218.1}) }
it { is_expected.not_to contain_ferm__rule("allow_wg_#{title}") }
end
end
end
end
5 changes: 4 additions & 1 deletion templates/wireguard_conf.epp
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,13 @@
Array[Hash] $addresses,
| -%>
# THIS FILE IS MANAGED BY PUPPET
[Interface]
<% $addresses.each |$address| { -%>

[Interface]
<% $address.each |$key, $value| { -%>
<%= $key %>=<%= $value %>
<% } -%>
<% } -%>
ListenPort = <%= $dport %>
PostUp = wg set %i private-key /etc/wireguard/<%= $interface %>
<% $peers.each |$peer| { -%>
Expand Down

0 comments on commit d40d8e1

Please sign in to comment.