Compare commits
2 Commits
3c7273eb62
...
0fe30b0479
| Author | SHA1 | Date | |
|---|---|---|---|
|
0fe30b0479 | ||
|
|
9088681e89 |
104
.github/workflows/test_set_1.yml
vendored
104
.github/workflows/test_set_1.yml
vendored
@ -17,7 +17,7 @@ jobs:
|
||||
if: github.repository_owner == 'hwdsl2'
|
||||
strategy:
|
||||
matrix:
|
||||
os_version: ["centos:8s", "centos:7", "rockylinux:8", "almalinux:8", "amazonlinux:2", "oraclelinux:8", "oraclelinux:7"]
|
||||
os_version: ["centos:9s", "centos:8s", "centos:7", "rockylinux:9", "rockylinux:8", "almalinux:9", "almalinux:8", "amazonlinux:2", "oraclelinux:9", "oraclelinux:8", "oraclelinux:7"]
|
||||
fail-fast: false
|
||||
env:
|
||||
OS_VERSION: ${{ matrix.os_version }}
|
||||
@ -51,7 +51,7 @@ jobs:
|
||||
}
|
||||
|
||||
restart_ipsec() {
|
||||
if grep -qs 'release 8' /etc/oracle-release; then
|
||||
if grep -qs -E 'release (8|9)' /etc/oracle-release; then
|
||||
sleep 3
|
||||
fi
|
||||
if ! command -v amazon-linux-extras; then
|
||||
@ -85,58 +85,75 @@ jobs:
|
||||
cd /opt/src
|
||||
yum -y -q update
|
||||
yum -y -q install wget rsyslog
|
||||
if grep -qs 'release 9' /etc/redhat-release; then
|
||||
if grep -qi rocky /etc/redhat-release \
|
||||
|| grep -qi alma /etc/redhat-release; then
|
||||
yum -y -q install diffutils
|
||||
fi
|
||||
fi
|
||||
systemctl start rsyslog
|
||||
|
||||
cp -f /opt/src/scripts/vpnsetup.sh .
|
||||
cp -f /opt/src/scripts/extras/quickstart.sh .
|
||||
cp -f /opt/src/scripts/extras/vpnuninstall.sh ./vpnunst.sh
|
||||
sed -i -e '/curl /a sed -i "/swan_ver_latest=/s/^/#/" "$tmpdir/vpn.sh"' \
|
||||
-e '/curl /a sed -i \x27/status=0/a sed -i "/swan_ver_latest=/s/^/#/" /opt/src/ikev2.sh\x27 "$tmpdir/vpn.sh"' \
|
||||
vpnsetup.sh quickstart.sh
|
||||
vpnsetup.sh
|
||||
|
||||
for vpnsc in vpnsetup.sh quickstart.sh; do
|
||||
sh "$vpnsc"
|
||||
sh vpnsetup.sh
|
||||
|
||||
systemctl restart xl2tpd
|
||||
restart_ipsec
|
||||
systemctl restart xl2tpd
|
||||
restart_ipsec
|
||||
if ! grep -qs 'release 9' /etc/oracle-release; then
|
||||
restart_fail2ban
|
||||
cat /var/log/fail2ban.log
|
||||
fi
|
||||
|
||||
netstat -anpu | grep pluto
|
||||
netstat -anpu | grep xl2tpd
|
||||
netstat -anpu | grep pluto
|
||||
netstat -anpu | grep xl2tpd
|
||||
if grep -qs 'release 9' /etc/redhat-release; then
|
||||
nft list ruleset
|
||||
nft list ruleset | grep -q '192\.168\.42\.0/24'
|
||||
nft list ruleset | grep -q '192\.168\.43\.0/24'
|
||||
else
|
||||
iptables -nvL
|
||||
iptables -nvL | grep -q 'ppp+'
|
||||
iptables -nvL | grep -q '192\.168\.43\.0/24'
|
||||
iptables -nvL -t nat
|
||||
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
|
||||
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
|
||||
grep pluto "$log1"
|
||||
grep xl2tpd "$log2"
|
||||
ipsec status
|
||||
ipsec status | grep -q l2tp-psk
|
||||
ipsec status | grep -q xauth-psk
|
||||
ipsec status | grep -q ikev2-cp
|
||||
fi
|
||||
grep pluto "$log1"
|
||||
grep xl2tpd "$log2"
|
||||
ipsec status
|
||||
ipsec status | grep -q l2tp-psk
|
||||
ipsec status | grep -q xauth-psk
|
||||
ipsec status | grep -q ikev2-cp
|
||||
|
||||
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
|
||||
ls -ld /etc/ipsec.d/vpnclient.sswan
|
||||
ls -ld /etc/ipsec.d/vpnclient.p12
|
||||
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
|
||||
ls -ld /etc/ipsec.d/vpnclient.sswan
|
||||
ls -ld /etc/ipsec.d/vpnclient.p12
|
||||
|
||||
ls -l /usr/bin/ikev2.sh
|
||||
ls -l /usr/bin/addvpnuser.sh
|
||||
ls -l /usr/bin/delvpnuser.sh
|
||||
ls -l /opt/src/ikev2.sh
|
||||
ls -l /opt/src/addvpnuser.sh
|
||||
ls -l /opt/src/delvpnuser.sh
|
||||
ls -l /usr/bin/ikev2.sh
|
||||
ls -l /usr/bin/addvpnuser.sh
|
||||
ls -l /usr/bin/delvpnuser.sh
|
||||
ls -l /opt/src/ikev2.sh
|
||||
ls -l /opt/src/addvpnuser.sh
|
||||
ls -l /opt/src/delvpnuser.sh
|
||||
|
||||
bash vpnunst.sh <<ANSWERS
|
||||
y
|
||||
ANSWERS
|
||||
rm -f /etc/ipsec.d/vpnclient*
|
||||
if grep -qi stream /etc/redhat-release \
|
||||
|| grep -qs 'release 8' /etc/oracle-release; then
|
||||
rm -f /etc/ipsec.d/vpnclient*
|
||||
if grep -qi stream /etc/redhat-release \
|
||||
|| grep -qs -E 'release (8|9)' /etc/oracle-release; then
|
||||
mkdir /etc/xl2tpd
|
||||
fi
|
||||
if grep -qs 'release 9' /etc/redhat-release; then
|
||||
if grep -qi rocky /etc/redhat-release \
|
||||
|| grep -qi alma /etc/redhat-release; then
|
||||
mkdir /etc/xl2tpd
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
if [ "$1" != "amazon" ]; then
|
||||
cp -f /opt/src/scripts/vpnsetup_centos.sh ./vpnsetup.sh
|
||||
@ -161,12 +178,18 @@ jobs:
|
||||
|
||||
netstat -anpu | grep pluto
|
||||
netstat -anpu | grep xl2tpd
|
||||
iptables -nvL
|
||||
iptables -nvL | grep -q 'ppp+'
|
||||
iptables -nvL | grep -q '192\.168\.43\.0/24'
|
||||
iptables -nvL -t nat
|
||||
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
|
||||
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
|
||||
if grep -qs 'release 9' /etc/redhat-release; then
|
||||
nft list ruleset
|
||||
nft list ruleset | grep -q '192\.168\.42\.0/24'
|
||||
nft list ruleset | grep -q '192\.168\.43\.0/24'
|
||||
else
|
||||
iptables -nvL
|
||||
iptables -nvL | grep -q 'ppp+'
|
||||
iptables -nvL | grep -q '192\.168\.43\.0/24'
|
||||
iptables -nvL -t nat
|
||||
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
|
||||
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
|
||||
fi
|
||||
ipsec status
|
||||
ipsec status | grep -q l2tp-psk
|
||||
ipsec status | grep -q xauth-psk
|
||||
@ -512,7 +535,9 @@ jobs:
|
||||
exit 0
|
||||
EOF
|
||||
|
||||
if [ "$OS_VERSION" = "centos:8s" ]; then
|
||||
if [ "$OS_VERSION" = "centos:9s" ]; then
|
||||
echo "FROM quay.io/centos/centos:stream9" > Dockerfile
|
||||
elif [ "$OS_VERSION" = "centos:8s" ]; then
|
||||
echo "FROM quay.io/centos/centos:stream8" > Dockerfile
|
||||
else
|
||||
echo "FROM $OS_VERSION" > Dockerfile
|
||||
@ -524,6 +549,13 @@ jobs:
|
||||
WORKDIR /opt/src
|
||||
|
||||
RUN if command -v amazon-linux-extras; then amazon-linux-extras install -y kernel-ng; fi
|
||||
EOF
|
||||
|
||||
if [ "$OS_VERSION" = "centos:9s" ]; then
|
||||
echo "RUN yum -y -q install systemd" >> Dockerfile
|
||||
fi
|
||||
|
||||
cat >> Dockerfile <<'EOF'
|
||||
|
||||
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ "$i" = \
|
||||
systemd-tmpfiles-setup.service ] || rm -f "$i"; done); \
|
||||
|
||||
81
.github/workflows/test_set_2.yml
vendored
81
.github/workflows/test_set_2.yml
vendored
@ -17,7 +17,7 @@ jobs:
|
||||
if: github.repository_owner == 'hwdsl2'
|
||||
strategy:
|
||||
matrix:
|
||||
os_version: ["ubuntu:22.04", "ubuntu:20.04", "ubuntu:18.04", "debian:11", "debian:10", "debian:9", "alpine:3.15", "alpine:3.16"]
|
||||
os_version: ["ubuntu:22.04", "ubuntu:20.04", "ubuntu:18.04", "debian:11", "debian:10", "alpine:3.15", "alpine:3.16"]
|
||||
fail-fast: false
|
||||
container:
|
||||
image: ${{ matrix.os_version }}
|
||||
@ -92,59 +92,56 @@ jobs:
|
||||
fi
|
||||
|
||||
cp -f "$GITHUB_WORKSPACE"/vpnsetup.sh .
|
||||
cp -f "$GITHUB_WORKSPACE"/extras/quickstart.sh .
|
||||
cp -f "$GITHUB_WORKSPACE"/extras/vpnuninstall.sh ./vpnunst.sh
|
||||
sed -i -e '/curl /a sed -i "/swan_ver_latest=/s/^/#/" "$tmpdir/vpn.sh"' \
|
||||
-e '/curl /a sed -i \x27/status=0/a sed -i "/swan_ver_latest=/s/^/#/" /opt/src/ikev2.sh\x27 "$tmpdir/vpn.sh"' \
|
||||
vpnsetup.sh quickstart.sh
|
||||
vpnsetup.sh
|
||||
|
||||
for vpnsc in vpnsetup.sh quickstart.sh; do
|
||||
sh "$vpnsc"
|
||||
sh vpnsetup.sh
|
||||
|
||||
if [ "$os_type" = "alpine" ]; then
|
||||
xl2tpd -c /etc/xl2tpd/xl2tpd.conf
|
||||
restart_ipsec
|
||||
else
|
||||
restart_ipsec
|
||||
restart_fail2ban
|
||||
cat /var/log/fail2ban.log
|
||||
fi
|
||||
if [ "$os_type" = "alpine" ]; then
|
||||
xl2tpd -c /etc/xl2tpd/xl2tpd.conf
|
||||
restart_ipsec
|
||||
else
|
||||
restart_ipsec
|
||||
restart_fail2ban
|
||||
cat /var/log/fail2ban.log
|
||||
fi
|
||||
|
||||
netstat -anpu | grep pluto
|
||||
netstat -anpu | grep xl2tpd
|
||||
iptables -nvL
|
||||
iptables -nvL | grep -q 'ppp+'
|
||||
iptables -nvL | grep -q '192\.168\.43\.0/24'
|
||||
iptables -nvL -t nat
|
||||
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
|
||||
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
|
||||
grep pluto "$log1"
|
||||
grep xl2tpd "$log2"
|
||||
ipsec status
|
||||
ipsec status | grep -q l2tp-psk
|
||||
ipsec status | grep -q xauth-psk
|
||||
ipsec status | grep -q ikev2-cp
|
||||
netstat -anpu | grep pluto
|
||||
netstat -anpu | grep xl2tpd
|
||||
iptables -nvL
|
||||
iptables -nvL | grep -q 'ppp+'
|
||||
iptables -nvL | grep -q '192\.168\.43\.0/24'
|
||||
iptables -nvL -t nat
|
||||
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
|
||||
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
|
||||
grep pluto "$log1"
|
||||
grep xl2tpd "$log2"
|
||||
ipsec status
|
||||
ipsec status | grep -q l2tp-psk
|
||||
ipsec status | grep -q xauth-psk
|
||||
ipsec status | grep -q ikev2-cp
|
||||
|
||||
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
|
||||
ls -ld /etc/ipsec.d/vpnclient.sswan
|
||||
ls -ld /etc/ipsec.d/vpnclient.p12
|
||||
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
|
||||
ls -ld /etc/ipsec.d/vpnclient.sswan
|
||||
ls -ld /etc/ipsec.d/vpnclient.p12
|
||||
|
||||
ls -l /usr/bin/ikev2.sh
|
||||
ls -l /usr/bin/addvpnuser.sh
|
||||
ls -l /usr/bin/delvpnuser.sh
|
||||
ls -l /opt/src/ikev2.sh
|
||||
ls -l /opt/src/addvpnuser.sh
|
||||
ls -l /opt/src/delvpnuser.sh
|
||||
ls -l /usr/bin/ikev2.sh
|
||||
ls -l /usr/bin/addvpnuser.sh
|
||||
ls -l /usr/bin/delvpnuser.sh
|
||||
ls -l /opt/src/ikev2.sh
|
||||
ls -l /opt/src/addvpnuser.sh
|
||||
ls -l /opt/src/delvpnuser.sh
|
||||
|
||||
bash vpnunst.sh <<ANSWERS
|
||||
y
|
||||
ANSWERS
|
||||
rm -f /etc/ipsec.d/vpnclient*
|
||||
if [ "$os_type" = "alpine" ]; then
|
||||
killall pluto || true
|
||||
killall xl2tpd || true
|
||||
fi
|
||||
done
|
||||
rm -f /etc/ipsec.d/vpnclient*
|
||||
if [ "$os_type" = "alpine" ]; then
|
||||
killall pluto || true
|
||||
killall xl2tpd || true
|
||||
fi
|
||||
|
||||
if [ "$os_type" = "alpine" ]; then
|
||||
cp -f "$GITHUB_WORKSPACE"/vpnsetup_alpine.sh ./vpnsetup.sh
|
||||
|
||||
Loading…
Reference in New Issue
Block a user