feat: initial commit

molecule/default/molecule.yml

@@ -0,0 +1,44 @@
+---
+driver:
+  name: vagrant
+  provider:
+    name: virtualbox
+lint: |
+  yamllint --config-file .yamllint .
+  ansible-lint . 
+platforms:
+  - name: buster
+    box: debian/buster64
+    interfaces:
+      - auto_config: true
+        network_name: private_network
+        ip: "192.168.50.4"
+    instance_raw_config_args:
+      - "vm.network 'forwarded_port', guest: 8080, host: 8080"
+      - "vm.network 'forwarded_port', guest: 8000, host: 80"
+      - "vm.network 'forwarded_port', guest: 8443, host: 443"
+      - "vm.network 'forwarded_port', guest: 3000, host: 3000"
+      - "vm.network 'forwarded_port', guest: 9091, host: 9091"
+    groups:
+      - all 
+      - molecule
+      - middleware
+      - gitea
+provisioner:
+  name: ansible
+  lint: ansible-lint
+  env:
+    ANSIBLE_ROLES_PATH: ${PWD}/roles:${PWD}/roles-dependencies
+  playbooks:
+    converge: ../../site.yml
+  inventory:
+    links:
+      group_vars: ../../inventories/molecule/group_vars
+scenario:
+  name: default
+verifier:
+  name: testinfra
+  options:
+    junit-xml: report.xml
+    o: "junit_family=legacy"
+

molecule/default/prepare.yml

@@ -0,0 +1,41 @@
+---
+- name: Prepare
+  hosts: all
+  become: true
+  gather_facts: false
+  tasks:
+    - name: Install Python3 for Ansible
+      raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal sudo)
+      changed_when: false
+
+- name: Install Mkcert
+  hosts: all
+  become: true
+  gather_facts: false
+  tasks:
+    - name: install curl
+      apt:
+        name: curl
+        state: present
+        update_cache: yes
+    - name: install libnss3-tools
+      apt:
+        name: libnss3-tools
+        state: present
+        update_cache: yes
+    - name: download and install mkcert
+      get_url:
+        url: https://github.com/FiloSottile/mkcert/releases/download/v1.4.1/mkcert-v1.4.1-linux-amd64
+        dest: /usr/local/bin/mkcert
+        mode: 0755
+    - name: install the local CA in the system trust store
+      shell: mkcert -install
+    - name: create certs directory
+      file:
+        path: /certs
+        state: directory
+        mode: 0755
+    - name: generate certificates
+      shell: mkcert -cert-file local-cert.pem -key-file local-key.pem "docker.localhost" "*.docker.localhost" "*.192.168.50.4"
+      args:
+        chdir: /certs

molecule/default/tests/test_docker.py

@@ -0,0 +1,16 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('middleware')
+
+
+def test_docker_package(host):
+
+    assert host.package("docker-ce").is_installed
+
+
+def test_docker_service(host):
+    assert host.service('docker').is_running
+    assert host.service('docker').is_enabled

molecule/default/tests/test_gitea.py

@@ -0,0 +1,23 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('gitea')
+
+
+def test_gitea_service(host):
+    assert host.service('gitea').is_running
+    assert host.service('gitea').is_enabled
+
+
+def test_gitea_with_https(host):
+    cmd = host.run("curl -I -k -H Host:git.localhost https://127.0.0.1")
+    assert cmd.rc == 0
+    assert "HTTP/2 200" in cmd.stdout
+
+
+def test_gitea_redirection_with_http(host):
+    cmd = host.run("curl -I -H Host:git.localhost http://127.0.0.1")
+    assert cmd.rc == 0
+    assert "HTTP/1.1 307 Temporary Redirect" in cmd.stdout

molecule/default/tests/test_traefik.py

@@ -0,0 +1,11 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('middleware')
+
+
+def test_traefik_service(host):
+    assert host.service('traefik').is_running
+    assert host.service('traefik').is_enabled