2013-11-22 04:10:53 +01:00
require 'spec_helper'
describe 'nginx::resource::mailhost' do
let :title do
'www.rspec.example.com'
end
let :facts do
{
:ipaddress6 = > '::' ,
}
end
let :default_params do
{
:listen_port = > 25 ,
:ipv6_enable = > true ,
}
end
let :pre_condition do
[
'include ::nginx::config' ,
]
end
describe 'os-independent items' do
describe 'basic assumptions' do
let :params do default_params end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_class ( " nginx::config " ) }
it { is_expected . to contain_concat ( " /etc/nginx/conf.mail.d/ #{ title } .conf " ) . with ( {
2013-12-01 01:49:41 +01:00
'owner' = > 'root' ,
'group' = > 'root' ,
'mode' = > '0644' ,
} ) }
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -header " ) }
it { is_expected . not_to contain_concat__fragment ( " #{ title } -ssl " ) }
2013-11-22 04:10:53 +01:00
end
describe " mailhost template content " do
[
{
:title = > 'should set the IPv4 listen IP' ,
:attr = > 'listen_ip' ,
:value = > '127.0.0.1' ,
2013-11-22 05:04:39 +01:00
:match = > ' listen 127.0.0.1:25;' ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set the IPv4 listen port' ,
:attr = > 'listen_port' ,
2014-01-06 20:20:07 +01:00
:value = > 45 ,
2013-11-22 05:04:39 +01:00
:match = > ' listen *:45;' ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set the IPv4 listen options' ,
:attr = > 'listen_options' ,
:value = > 'spdy default' ,
:match = > ' listen *:25 spdy default;' ,
} ,
{
:title = > 'should enable IPv6' ,
:attr = > 'ipv6_enable' ,
:value = > true ,
:match = > ' listen [::]:80 default ipv6only=on;' ,
} ,
{
:title = > 'should not enable IPv6' ,
:attr = > 'ipv6_enable' ,
:value = > false ,
2013-12-06 17:36:28 +01:00
:notmatch = > / listen \ [:: \ ]:80 default ipv6only=on; / ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set the IPv6 listen IP' ,
:attr = > 'ipv6_listen_ip' ,
:value = > '2001:0db8:85a3:0000:0000:8a2e:0370:7334' ,
:match = > ' listen [2001:0db8:85a3:0000:0000:8a2e:0370:7334]:80 default ipv6only=on;' ,
} ,
{
:title = > 'should set the IPv6 listen port' ,
:attr = > 'ipv6_listen_port' ,
2014-01-06 20:20:07 +01:00
:value = > 45 ,
2013-11-22 04:10:53 +01:00
:match = > ' listen [::]:45 default ipv6only=on;' ,
} ,
{
:title = > 'should set the IPv6 listen options' ,
:attr = > 'ipv6_listen_options' ,
:value = > 'spdy' ,
2014-02-03 13:11:47 +01:00
:match = > ' listen [::]:80 spdy;' ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set servername(s)' ,
:attr = > 'server_name' ,
:value = > [ 'name1' , 'name2' ] ,
:match = > ' server_name name1 name2;' ,
} ,
{
:title = > 'should set protocol' ,
:attr = > 'protocol' ,
:value = > 'test-protocol' ,
:match = > ' protocol test-protocol;' ,
} ,
{
:title = > 'should set xclient' ,
:attr = > 'xclient' ,
:value = > 'test-xclient' ,
:match = > ' xclient test-xclient;' ,
} ,
{
:title = > 'should set auth_http' ,
:attr = > 'auth_http' ,
:value = > 'test-auth_http' ,
:match = > ' auth_http test-auth_http;' ,
} ,
{
:title = > 'should set starttls' ,
:attr = > 'starttls' ,
2014-01-06 20:20:07 +01:00
:value = > 'on' ,
:match = > ' starttls on;' ,
} ,
{
:title = > 'should set starttls' ,
:attr = > 'starttls' ,
:value = > 'only' ,
:match = > ' starttls only;' ,
} ,
{
:title = > 'should not enable SSL' ,
:attr = > 'starttls' ,
:value = > 'off' ,
:notmatch = > / ssl_session_timeout 5m; / ,
2013-11-22 04:10:53 +01:00
} ,
] . each do | param |
context " when #{ param [ :attr ] } is #{ param [ :value ] } " do
2014-01-06 20:20:07 +01:00
let :default_params do {
:listen_port = > 25 ,
:ipv6_enable = > true ,
:ssl_cert = > 'dummy.crt' ,
:ssl_key = > 'dummy.key' ,
} end
2013-11-22 04:10:53 +01:00
let :params do default_params . merge ( { param [ :attr ] . to_sym = > param [ :value ] } ) end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -header " ) }
2013-11-22 04:10:53 +01:00
it param [ :title ] do
2014-12-03 05:07:20 +01:00
lines = catalogue . resource ( 'concat::fragment' , " #{ title } -header " ) . send ( :parameters ) [ :content ] . split ( " \n " )
2014-07-18 04:28:38 +02:00
expect ( lines & Array ( param [ :match ] ) ) . to eq ( Array ( param [ :match ] ) )
2013-12-06 17:36:28 +01:00
Array ( param [ :notmatch ] ) . each do | item |
2014-07-18 04:28:38 +02:00
is_expected . to contain_concat__fragment ( " #{ title } -header " ) . without_content ( item )
2013-12-06 17:36:28 +01:00
end
2013-11-22 04:10:53 +01:00
end
end
end
end
describe " mailhost template content (SSL enabled) " do
[
{
:title = > 'should enable SSL' ,
:attr = > 'starttls' ,
:value = > 'on' ,
:match = > ' ssl_session_timeout 5m;' ,
} ,
{
:title = > 'should enable SSL' ,
:attr = > 'starttls' ,
:value = > 'only' ,
:match = > ' ssl_session_timeout 5m;' ,
} ,
{
:title = > 'should not enable SSL' ,
:attr = > 'starttls' ,
2014-01-06 20:20:07 +01:00
:value = > 'off' ,
2013-12-06 17:36:28 +01:00
:notmatch = > / ssl_session_timeout 5m; / ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set ssl_certificate' ,
:attr = > 'ssl_cert' ,
:value = > 'test-ssl-cert' ,
:match = > ' ssl_certificate test-ssl-cert;' ,
} ,
{
:title = > 'should set ssl_certificate_key' ,
:attr = > 'ssl_key' ,
:value = > 'test-ssl-cert-key' ,
:match = > ' ssl_certificate_key test-ssl-cert-key;' ,
} ,
] . each do | param |
context " when #{ param [ :attr ] } is #{ param [ :value ] } " do
let :default_params do {
:listen_port = > 25 ,
:starttls = > 'on' ,
:ssl_cert = > 'dummy.crt' ,
:ssl_key = > 'dummy.key' ,
} end
let :params do default_params . merge ( { param [ :attr ] . to_sym = > param [ :value ] } ) end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -header " ) }
2013-11-22 04:10:53 +01:00
it param [ :title ] do
2014-12-03 05:07:20 +01:00
lines = catalogue . resource ( 'concat::fragment' , " #{ title } -header " ) . send ( :parameters ) [ :content ] . split ( " \n " )
2014-07-18 04:28:38 +02:00
expect ( lines & Array ( param [ :match ] ) ) . to eq ( Array ( param [ :match ] ) )
2013-12-06 17:36:28 +01:00
Array ( param [ :notmatch ] ) . each do | item |
2014-07-18 04:28:38 +02:00
is_expected . to contain_concat__fragment ( " #{ title } -header " ) . without_content ( item )
2013-12-06 17:36:28 +01:00
end
2013-11-22 04:10:53 +01:00
end
end
end
end
describe " mailhost_ssl template content " do
[
{
:title = > 'should set the IPv4 SSL listen port' ,
:attr = > 'ssl_port' ,
:value = > '45' ,
2015-01-13 17:30:00 +01:00
:match = > ' listen *:45;' ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should enable IPv6' ,
:attr = > 'ipv6_enable' ,
:value = > true ,
2015-01-13 17:30:00 +01:00
:match = > ' listen [::]:587 default ipv6only=on;' ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should not enable IPv6' ,
:attr = > 'ipv6_enable' ,
:value = > false ,
2015-01-13 17:30:00 +01:00
:notmatch = > / listen \ [:: \ ]:587 default ipv6only=on; / ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set the IPv6 listen IP' ,
:attr = > 'ipv6_listen_ip' ,
:value = > '2001:0db8:85a3:0000:0000:8a2e:0370:7334' ,
2015-01-13 17:30:00 +01:00
:match = > ' listen [2001:0db8:85a3:0000:0000:8a2e:0370:7334]:587 default ipv6only=on;' ,
2013-11-22 04:10:53 +01:00
} ,
{
2015-01-13 17:30:00 +01:00
:title = > 'should set the IPv6 ssl port' ,
:attr = > 'ssl_port' ,
2014-01-06 20:20:07 +01:00
:value = > 45 ,
2013-11-22 04:10:53 +01:00
:match = > ' listen [::]:45 default ipv6only=on;' ,
} ,
{
:title = > 'should set the IPv6 listen options' ,
:attr = > 'ipv6_listen_options' ,
:value = > 'spdy' ,
2015-01-13 17:30:00 +01:00
:match = > ' listen [::]:587 spdy;' ,
2013-11-22 04:10:53 +01:00
} ,
{
:title = > 'should set servername(s)' ,
:attr = > 'server_name' ,
:value = > [ 'name1' , 'name2' ] ,
:match = > ' server_name name1 name2;' ,
} ,
{
:title = > 'should set protocol' ,
:attr = > 'protocol' ,
:value = > 'test-protocol' ,
:match = > ' protocol test-protocol;' ,
} ,
{
:title = > 'should set xclient' ,
:attr = > 'xclient' ,
:value = > 'test-xclient' ,
:match = > ' xclient test-xclient;' ,
} ,
{
:title = > 'should set auth_http' ,
:attr = > 'auth_http' ,
:value = > 'test-auth_http' ,
:match = > ' auth_http test-auth_http;' ,
} ,
{
:title = > 'should set ssl_certificate' ,
:attr = > 'ssl_cert' ,
:value = > 'test-ssl-cert' ,
:match = > ' ssl_certificate test-ssl-cert;' ,
} ,
{
:title = > 'should set ssl_certificate_key' ,
:attr = > 'ssl_key' ,
:value = > 'test-ssl-cert-key' ,
:match = > ' ssl_certificate_key test-ssl-cert-key;' ,
} ,
] . each do | param |
context " when #{ param [ :attr ] } is #{ param [ :value ] } " do
let :default_params do {
:listen_port = > 25 ,
2015-01-13 17:30:00 +01:00
:ssl_port = > 587 ,
2013-11-22 04:10:53 +01:00
:ipv6_enable = > true ,
:ssl = > true ,
:ssl_cert = > 'dummy.crt' ,
:ssl_key = > 'dummy.key' ,
} end
let :params do default_params . merge ( { param [ :attr ] . to_sym = > param [ :value ] } ) end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -ssl " ) }
2013-11-22 04:10:53 +01:00
it param [ :title ] do
2014-12-03 05:07:20 +01:00
lines = catalogue . resource ( 'concat::fragment' , " #{ title } -ssl " ) . send ( :parameters ) [ :content ] . split ( " \n " )
2014-07-18 04:28:38 +02:00
expect ( lines & Array ( param [ :match ] ) ) . to eq ( Array ( param [ :match ] ) )
2013-12-06 17:36:28 +01:00
Array ( param [ :notmatch ] ) . each do | item |
2014-07-18 04:28:38 +02:00
is_expected . to contain_concat__fragment ( " #{ title } -ssl " ) . without_content ( item )
2013-12-06 17:36:28 +01:00
end
2013-11-22 04:10:53 +01:00
end
end
end
end
context 'attribute resources' do
context " SSL cert missing and ssl => true " do
let :params do default_params . merge ( {
:ssl = > true ,
:ssl_key = > 'key' ,
} ) end
2014-07-18 04:28:38 +02:00
it { expect { is_expected . to contain_class ( 'nginx::resource::vhost' ) } . to raise_error ( Puppet :: Error , %r{ nginx: SSL certificate/key \ (ssl_cert/ssl_cert \ ) and/or SSL Private must be defined and exist on the target system \ (s \ ) } ) }
2013-11-22 04:10:53 +01:00
end
context " SSL key missing and ssl => true " do
let :params do default_params . merge ( {
:ssl = > true ,
:ssl_cert = > 'cert' ,
} ) end
2014-07-18 04:28:38 +02:00
it { expect { is_expected . to contain_class ( 'nginx::resource::vhost' ) } . to raise_error ( Puppet :: Error , %r{ nginx: SSL certificate/key \ (ssl_cert/ssl_cert \ ) and/or SSL Private must be defined and exist on the target system \ (s \ ) } ) }
2013-11-22 04:10:53 +01:00
end
context " SSL cert missing and starttls => 'on' " do
let :params do default_params . merge ( {
:starttls = > 'on' ,
:ssl_key = > 'key' ,
} ) end
2014-07-18 04:28:38 +02:00
it { expect { is_expected . to contain_class ( 'nginx::resource::vhost' ) } . to raise_error ( Puppet :: Error , %r{ nginx: SSL certificate/key \ (ssl_cert/ssl_cert \ ) and/or SSL Private must be defined and exist on the target system \ (s \ ) } ) }
2013-11-22 04:10:53 +01:00
end
context " SSL key missing and starttls => 'on' " do
let :params do default_params . merge ( {
:starttls = > 'on' ,
:ssl_cert = > 'cert' ,
} ) end
2014-07-18 04:28:38 +02:00
it { expect { is_expected . to contain_class ( 'nginx::resource::vhost' ) } . to raise_error ( Puppet :: Error , %r{ nginx: SSL certificate/key \ (ssl_cert/ssl_cert \ ) and/or SSL Private must be defined and exist on the target system \ (s \ ) } ) }
2013-11-22 04:10:53 +01:00
end
context " SSL cert missing and starttls => 'only' " do
let :params do default_params . merge ( {
:starttls = > 'only' ,
:ssl_key = > 'key' ,
} ) end
2014-07-18 04:28:38 +02:00
it { expect { is_expected . to contain_class ( 'nginx::resource::vhost' ) } . to raise_error ( Puppet :: Error , %r{ nginx: SSL certificate/key \ (ssl_cert/ssl_cert \ ) and/or SSL Private must be defined and exist on the target system \ (s \ ) } ) }
2013-11-22 04:10:53 +01:00
end
context " SSL key missing and starttls => 'only' " do
let :params do default_params . merge ( {
:starttls = > 'only' ,
:ssl_cert = > 'cert' ,
} ) end
2014-07-18 04:28:38 +02:00
it { expect { is_expected . to contain_class ( 'nginx::resource::vhost' ) } . to raise_error ( Puppet :: Error , %r{ nginx: SSL certificate/key \ (ssl_cert/ssl_cert \ ) and/or SSL Private must be defined and exist on the target system \ (s \ ) } ) }
2013-11-22 04:10:53 +01:00
end
context 'when listen_port != ssl_port' do
let :params do default_params . merge ( {
:listen_port = > 80 ,
:ssl_port = > 443 ,
} ) end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -header " ) }
2013-11-22 04:10:53 +01:00
end
context 'when listen_port == ssl_port' do
let :params do default_params . merge ( {
:listen_port = > 80 ,
:ssl_port = > 80 ,
} ) end
2014-07-18 04:28:38 +02:00
it { is_expected . not_to contain_concat__fragment ( " #{ title } -header " ) }
2013-11-22 04:10:53 +01:00
end
context 'when ssl => true' do
let :params do default_params . merge ( {
:ensure = > 'absent' ,
:ssl = > true ,
:ssl_key = > 'dummy.key' ,
:ssl_cert = > 'dummy.cert' ,
} ) end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -header " ) }
it { is_expected . to contain_concat__fragment ( " #{ title } -ssl " ) }
2013-11-22 04:10:53 +01:00
end
context 'when ssl => false' do
let :params do default_params . merge ( {
:ensure = > 'absent' ,
:ssl = > false ,
} ) end
2014-07-18 04:28:38 +02:00
it { is_expected . to contain_concat__fragment ( " #{ title } -header " ) }
it { is_expected . not_to contain_concat__fragment ( " #{ title } -ssl " ) }
2013-11-22 04:10:53 +01:00
end
end
end
end