cellinfo
/
ansible.nftables
2
0
Fork 0
Code Issues Pull Requests Releases Activity

Add Molecule tests for systemd unit

This commit is contained in:
Jeremy Gardais 2021-08-19 13:56:26 +02:00
parent 68c5d4e9f7
commit 4267dd455e
Signed by: jegardai
GPG Key ID: E759BAA22501AF32
2 changed files with 42 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
molecule/archlinux/verify.yml
View File

@ -26,7 +26,7 @@
that:
- p.stat.exists
- name: check for nftables.conf
- name: check for filter-input.nft
stat:
path: /etc/nftables.d/filter-input.nft
register: p
@ -53,6 +53,26 @@
- '"type filter hook input" in nft.stdout'
- '"type filter hook output" in nft.stdout'
- name: check for fail2ban systemd custom dir
stat:
path: /etc/systemd/system/fail2ban.service.d
register: f2b_systemd_dir
- name: check fail2ban systemd custom dir
assert:
that:
- f2b_systemd_dir.stat.exists and f2b_systemd_dir.stat.isdir
- name: check for fail2ban systemd override
stat:
path: /etc/systemd/system/fail2ban.service.d/override.conf
register: f2b_systemd_override
- name: check fail2ban systemd override
assert:
that:
- f2b_systemd_override.stat.exists
- name: service status - active
command: systemctl is-active nftables.service
register: status

22
molecule/default/verify.yml
View File

@ -26,7 +26,7 @@
that:
- p.stat.exists
- name: check for nftables.conf
- name: check for filter-input.nft
stat:
path: /etc/nftables.d/filter-input.nft
register: p
@ -53,6 +53,26 @@
- '"type filter hook input" in nft.stdout'
- '"type filter hook output" in nft.stdout'
- name: check for fail2ban systemd custom dir
stat:
path: /etc/systemd/system/fail2ban.service.d
register: f2b_systemd_dir
- name: check fail2ban systemd custom dir
assert:
that:
- f2b_systemd_dir.stat.exists and f2b_systemd_dir.stat.isdir
- name: check for fail2ban systemd override
stat:
path: /etc/systemd/system/fail2ban.service.d/override.conf
register: f2b_systemd_override
- name: check fail2ban systemd override
assert:
that:
- f2b_systemd_override.stat.exists
- name: service status - active
command: systemctl is-active nftables.service
register: status