diff options
Diffstat (limited to '')
-rw-r--r-- | distro/tests/knot-resolver-test.yaml | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/distro/tests/knot-resolver-test.yaml b/distro/tests/knot-resolver-test.yaml new file mode 100644 index 0000000..33d07aa --- /dev/null +++ b/distro/tests/knot-resolver-test.yaml @@ -0,0 +1,148 @@ +--- +- hosts: all + + remote_user: root + become: true + + vars: + dig_package: + Debian: dnsutils + Ubuntu: dnsutils + Fedora: bind-utils + CentOS: bind-utils + openSUSE Leap: bind-utils + openSUSE Tumbleweed: bind-utils + Archlinux: bind-tools + configure_obs_repo: + Fedora: | + dnf config-manager --add-repo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Fedora_{{ ansible_distribution_major_version }}/home:CZ-NIC:{{ item }}.repo + CentOS: | + yum install -y wget && + wget -i wget https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/CentOS_7_EPEL/home:CZ-NIC:{{ item }}.repo -O /etc/yum.repos.d/home:CZ-NIC:{{ item }}.repo + Debian: | + echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Debian_9.0/ /' > /etc/apt/sources.list.d/{{ item }}.list && + wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Debian_9.0/Release.key -O Release.key && + apt-key add - < Release.key && + apt-get update + Ubuntu: | + echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/xUbuntu_{{ ansible_distribution_version }}/ /' > /etc/apt/sources.list.d/{{ item }}.list && + wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/xUbuntu_{{ ansible_distribution_version }}/Release.key -O Release.key && + apt-key add - < Release.key && + apt-get update + openSUSE Tumbleweed: | + zypper addrepo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/openSUSE_Tumbleweed/home:CZ-NIC:{{ item }}.repo && + zypper --gpg-auto-import-keys refresh + openSUSE Leap: | + zypper addrepo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/openSUSE_Leap_15.0/home:CZ-NIC:{{ item }}.repo && + zypper --gpg-auto-import-keys refresh + show_package_version: + Archlinux: + pacman -Qi knot-resolver | grep '^Version' + Fedora: &pkg_version_rpm | + rpm -qi knot-resolver | grep '^Version' + CentOS: *pkg_version_rpm + openSUSE Leap: *pkg_version_rpm + openSUSE Tumbleweed: *pkg_version_rpm + Debian: + dpkg -s knot-resolver | grep '^Version' + Ubuntu: | + dpkg -s knot-resolver | grep '^Version' + vars_files: + - repos.yaml + + gather_facts: false + pre_tasks: + - name: install python3 (Arch) + raw: | + (pacman-key --init && pacman-key --populate archlinux && \ + pacman -Sy python3 --noconfirm) || : + ignore_errors: true + - name: gather facts + setup: + + tasks: + - name: install epel + package: + name: epel-release + state: present + when: ansible_distribution == 'CentOS' + + - name: configure OBS repository + shell: "{{ configure_obs_repo[ansible_distribution] }}" + args: + warn: false + with_items: "{{ repos }}" + when: ansible_distribution_file_variety != 'Archlinux' + + - block: + - name: configure OBS repository (Arch) + blockinfile: + block: | + [home_CZ-NIC_{{ item }}_Arch] + SigLevel = Never + Server = https://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Arch/$arch + insertbefore: '^\[core\]' + path: /etc/pacman.conf + state: present + with_items: "{{ repos }}" + - name: set up package mirrors + copy: + content: | + ## Arch Linux repository mirrorlist + ## Generated on 2018-12-10 + ## Czechia + Server = http://mirrors.nic.cz/archlinux/$repo/os/$arch + Server = http://ftp.fi.muni.cz/pub/linux/arch/$repo/os/$arch + Server = http://ftp.sh.cvut.cz/arch/$repo/os/$arch + Server = http://gluttony.sin.cvut.cz/arch/$repo/os/$arch + dest: /etc/pacman.d/mirrorlist + - name: sync repos (Arch) + shell: pacman -Syu --noconfirm + args: + warn: false + when: ansible_distribution_file_variety == 'Archlinux' + + - name: install knot-resolver + package: + name: knot-resolver + state: latest + + - name: get installed package version + shell: "{{ show_package_version[ansible_distribution] }}" + args: + warn: false + register: package_version + + - name: install dig + package: + name: "{{ dig_package[ansible_distribution] }}" + state: present + + - name: testing block + block: + - name: start kresd@1.service + service: + name: kresd@1.service + state: restarted + + - name: resolve nic.cz + shell: dig @127.0.0.1 nic.cz + register: res + failed_when: '"status: NOERROR" not in res.stdout' + + - name: test dnssec is turned on + block: + - name: test dnssec-failed.org +cd returns NOERROR + shell: dig +cd @127.0.0.1 dnssec-failed.org + register: res + failed_when: '"status: NOERROR" not in res.stdout' + + - name: test dnssec-failed.org returns SERVFAIL + shell: dig @127.0.0.1 dnssec-failed.org + register: res + failed_when: '"status: SERVFAIL" not in res.stdout' + + always: + - name: show installed version + debug: + var: package_version.stdout |