From 4267dd455e7375bec04dce64dfd0786a4f0f063b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gardais=20J=C3=A9r=C3=A9my?= Date: Thu, 19 Aug 2021 13:56:26 +0200 Subject: [PATCH] Add Molecule tests for systemd unit --- molecule/archlinux/verify.yml | 22 +++++++++++++++++++++- molecule/default/verify.yml | 22 +++++++++++++++++++++- 2 files changed, 42 insertions(+), 2 deletions(-) diff --git a/molecule/archlinux/verify.yml b/molecule/archlinux/verify.yml index 3ac7ebe..8eb5316 100644 --- a/molecule/archlinux/verify.yml +++ b/molecule/archlinux/verify.yml @@ -26,7 +26,7 @@ that: - p.stat.exists - - name: check for nftables.conf + - name: check for filter-input.nft stat: path: /etc/nftables.d/filter-input.nft register: p @@ -53,6 +53,26 @@ - '"type filter hook input" in nft.stdout' - '"type filter hook output" in nft.stdout' + - name: check for fail2ban systemd custom dir + stat: + path: /etc/systemd/system/fail2ban.service.d + register: f2b_systemd_dir + + - name: check fail2ban systemd custom dir + assert: + that: + - f2b_systemd_dir.stat.exists and f2b_systemd_dir.stat.isdir + + - name: check for fail2ban systemd override + stat: + path: /etc/systemd/system/fail2ban.service.d/override.conf + register: f2b_systemd_override + + - name: check fail2ban systemd override + assert: + that: + - f2b_systemd_override.stat.exists + - name: service status - active command: systemctl is-active nftables.service register: status diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 3ac7ebe..8eb5316 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -26,7 +26,7 @@ that: - p.stat.exists - - name: check for nftables.conf + - name: check for filter-input.nft stat: path: /etc/nftables.d/filter-input.nft register: p @@ -53,6 +53,26 @@ - '"type filter hook input" in nft.stdout' - '"type filter hook output" in nft.stdout' + - name: check for fail2ban systemd custom dir + stat: + path: /etc/systemd/system/fail2ban.service.d + register: f2b_systemd_dir + + - name: check fail2ban systemd custom dir + assert: + that: + - f2b_systemd_dir.stat.exists and f2b_systemd_dir.stat.isdir + + - name: check for fail2ban systemd override + stat: + path: /etc/systemd/system/fail2ban.service.d/override.conf + register: f2b_systemd_override + + - name: check fail2ban systemd override + assert: + that: + - f2b_systemd_override.stat.exists + - name: service status - active command: systemctl is-active nftables.service register: status