diff options
| -rw-r--r-- | .gitattributes | 2 | ||||
| -rw-r--r-- | .github/workflows/ci.yml | 12 | ||||
| -rwxr-xr-x | test/test.sh | 155 |
3 files changed, 169 insertions, 0 deletions
diff --git a/.gitattributes b/.gitattributes index 176a458..d76765e 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1 +1,3 @@ * text=auto + +*.sh text eol=lf diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f3b46fe..f39c07f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,7 +6,19 @@ on: workflow_dispatch: jobs: + test: + runs-on: ubuntu-latest + name: Test + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Install dependencies + run: sudo apt install -y wireguard-tools + - name: Test + run: sudo ./test/test.sh + publish_docker: + needs: [test] runs-on: ubuntu-latest name: 'Publish / Docker Hub' if: github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')) diff --git a/test/test.sh b/test/test.sh new file mode 100755 index 0000000..f7509ca --- /dev/null +++ b/test/test.sh @@ -0,0 +1,155 @@ +#!/usr/bin/env bash + +set -o errexit -o nounset -o pipefail +shopt -s inherit_errexit lastpipe + +script_dir="$( dirname -- "${BASH_SOURCE[0]}" )" +script_dir="$( cd -- "$script_dir" && pwd )" +readonly script_dir + +base_dir="$( mktemp -d )" +readonly base_dir + +readonly subnet_base=192.168.166 +ip_counter=1 +port_counter=561 + +add_device() { + local name + for name; do + local dir + dir="$base_dir/devices/$name" + mkdir -p -- "$dir" + + local ip + ip="$subnet_base.$ip_counter" + ip_counter=$((ip_counter + 1)) + echo "$ip" > "$dir/ip" + + local port + port="$port_counter" + port_counter=$((port_counter + 1)) + echo "$port" > "$dir/port" + + wg genkey | tee "$dir/private" | wg pubkey > "$dir/public" + ip link add dev "$name" type wireguard + ip addr add "$ip/24" dev "$name" + wg set "$name" private-key "$dir/private" + wg set "$name" listen-port "$port" + done +} + +connect_devices() { + if [ "$#" -ne 2 ]; then + echo "usage: ${FUNCNAME[0]} DEV1 DEV2" >&2 + return 1 + fi + + local dev1="$1" + local dev2="$2" + + local dev1_dir + dev1_dir="$base_dir/devices/$dev1" + local dev2_dir + dev2_dir="$base_dir/devices/$dev2" + + local pubkey1 + pubkey1="$( cat -- "$dev1_dir/public" )" + local port + port="$( cat -- "$dev1_dir/port" )" + local pubkey2 + pubkey2="$( cat -- "$dev2_dir/public" )" + local ip + ip="$( cat -- "$dev2_dir/ip" )" + + wg set "$dev1" peer "$pubkey2" allowed-ips "$ip/32" + wg set "$dev2" peer "$pubkey1" allowed-ips "$subnet_base.0/24" endpoint "127.0.0.1:$port" persistent-keepalive 25 +} + +up_device() { + local name + for name; do + ip link set "$name" up + done +} + +show_device() { + local name + for name; do + echo ------------------------------------------------------------------ + echo "Device: $name" + echo ------------------------------------------------------------------ + wg show "$name" + echo + done +} + +add_devices() { + add_device peer1 + add_device peer2 + add_device peer3 + connect_devices peer1 peer2 + connect_devices peer1 peer3 + up_device peer1 peer2 peer3 + sleep 2 + show_device peer1 peer2 peer3 +} + +build_services() { + echo ------------------------------------------------------------------ + echo Building + echo ------------------------------------------------------------------ + + docker-compose pull api + docker-compose build --force-rm --pull web + WG_IFACE=peer1 docker-compose up -d +} + +run_curl() { + curl -sS -D - --connect-timeout 3 http://192.168.177.1:1234/ "$@" +} + +run_curl_api() { + run_curl -H 'Content-Type: application/json' "$@" +} + +call_api_method() { + local method + for method; do + run_curl_api -d '{"jsonrpc": "2.0", "method": "'"$method"'", "params": {}}' + done +} + +check_api() { + call_api_method ListPeers + call_api_method GetDeviceInfo +} + +cleanup() { + echo ------------------------------------------------------------------ + echo Cleaning up + echo ------------------------------------------------------------------ + + local name + find "$base_dir/devices" -mindepth 1 -maxdepth 1 -type d -printf '%P\0' \ + | while IFS= read -d '' -r name; do + echo "Removing interface: $name" + ip link delete "$name" type wireguard || true + done + + echo "Removing $base_dir" + rm -rf -- "$base_dir" + + echo "Brining down containers..." + docker-compose down -v --remove-orphans +} + +main() { + cd -- "$script_dir/.." + trap cleanup EXIT + add_devices + build_services + check_api +} + +main |