1
0
mirror of synced 2024-11-24 05:46:09 +03:00

Compare commits

...

2 Commits

Author SHA1 Message Date
hwdsl2
0fe30b0479 Update tests 2022-07-31 00:05:10 -05:00
hwdsl2
9088681e89 Update tests 2022-07-30 23:17:53 -05:00
2 changed files with 107 additions and 78 deletions

View File

@ -17,7 +17,7 @@ jobs:
if: github.repository_owner == 'hwdsl2'
strategy:
matrix:
os_version: ["centos:8s", "centos:7", "rockylinux:8", "almalinux:8", "amazonlinux:2", "oraclelinux:8", "oraclelinux:7"]
os_version: ["centos:9s", "centos:8s", "centos:7", "rockylinux:9", "rockylinux:8", "almalinux:9", "almalinux:8", "amazonlinux:2", "oraclelinux:9", "oraclelinux:8", "oraclelinux:7"]
fail-fast: false
env:
OS_VERSION: ${{ matrix.os_version }}
@ -51,7 +51,7 @@ jobs:
}
restart_ipsec() {
if grep -qs 'release 8' /etc/oracle-release; then
if grep -qs -E 'release (8|9)' /etc/oracle-release; then
sleep 3
fi
if ! command -v amazon-linux-extras; then
@ -85,58 +85,75 @@ jobs:
cd /opt/src
yum -y -q update
yum -y -q install wget rsyslog
if grep -qs 'release 9' /etc/redhat-release; then
if grep -qi rocky /etc/redhat-release \
|| grep -qi alma /etc/redhat-release; then
yum -y -q install diffutils
fi
fi
systemctl start rsyslog
cp -f /opt/src/scripts/vpnsetup.sh .
cp -f /opt/src/scripts/extras/quickstart.sh .
cp -f /opt/src/scripts/extras/vpnuninstall.sh ./vpnunst.sh
sed -i -e '/curl /a sed -i "/swan_ver_latest=/s/^/#/" "$tmpdir/vpn.sh"' \
-e '/curl /a sed -i \x27/status=0/a sed -i "/swan_ver_latest=/s/^/#/" /opt/src/ikev2.sh\x27 "$tmpdir/vpn.sh"' \
vpnsetup.sh quickstart.sh
vpnsetup.sh
for vpnsc in vpnsetup.sh quickstart.sh; do
sh "$vpnsc"
sh vpnsetup.sh
systemctl restart xl2tpd
restart_ipsec
systemctl restart xl2tpd
restart_ipsec
if ! grep -qs 'release 9' /etc/oracle-release; then
restart_fail2ban
cat /var/log/fail2ban.log
fi
netstat -anpu | grep pluto
netstat -anpu | grep xl2tpd
netstat -anpu | grep pluto
netstat -anpu | grep xl2tpd
if grep -qs 'release 9' /etc/redhat-release; then
nft list ruleset
nft list ruleset | grep -q '192\.168\.42\.0/24'
nft list ruleset | grep -q '192\.168\.43\.0/24'
else
iptables -nvL
iptables -nvL | grep -q 'ppp+'
iptables -nvL | grep -q '192\.168\.43\.0/24'
iptables -nvL -t nat
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
grep pluto "$log1"
grep xl2tpd "$log2"
ipsec status
ipsec status | grep -q l2tp-psk
ipsec status | grep -q xauth-psk
ipsec status | grep -q ikev2-cp
fi
grep pluto "$log1"
grep xl2tpd "$log2"
ipsec status
ipsec status | grep -q l2tp-psk
ipsec status | grep -q xauth-psk
ipsec status | grep -q ikev2-cp
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
ls -ld /etc/ipsec.d/vpnclient.sswan
ls -ld /etc/ipsec.d/vpnclient.p12
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
ls -ld /etc/ipsec.d/vpnclient.sswan
ls -ld /etc/ipsec.d/vpnclient.p12
ls -l /usr/bin/ikev2.sh
ls -l /usr/bin/addvpnuser.sh
ls -l /usr/bin/delvpnuser.sh
ls -l /opt/src/ikev2.sh
ls -l /opt/src/addvpnuser.sh
ls -l /opt/src/delvpnuser.sh
ls -l /usr/bin/ikev2.sh
ls -l /usr/bin/addvpnuser.sh
ls -l /usr/bin/delvpnuser.sh
ls -l /opt/src/ikev2.sh
ls -l /opt/src/addvpnuser.sh
ls -l /opt/src/delvpnuser.sh
bash vpnunst.sh <<ANSWERS
y
ANSWERS
rm -f /etc/ipsec.d/vpnclient*
if grep -qi stream /etc/redhat-release \
|| grep -qs 'release 8' /etc/oracle-release; then
rm -f /etc/ipsec.d/vpnclient*
if grep -qi stream /etc/redhat-release \
|| grep -qs -E 'release (8|9)' /etc/oracle-release; then
mkdir /etc/xl2tpd
fi
if grep -qs 'release 9' /etc/redhat-release; then
if grep -qi rocky /etc/redhat-release \
|| grep -qi alma /etc/redhat-release; then
mkdir /etc/xl2tpd
fi
done
fi
if [ "$1" != "amazon" ]; then
cp -f /opt/src/scripts/vpnsetup_centos.sh ./vpnsetup.sh
@ -161,12 +178,18 @@ jobs:
netstat -anpu | grep pluto
netstat -anpu | grep xl2tpd
iptables -nvL
iptables -nvL | grep -q 'ppp+'
iptables -nvL | grep -q '192\.168\.43\.0/24'
iptables -nvL -t nat
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
if grep -qs 'release 9' /etc/redhat-release; then
nft list ruleset
nft list ruleset | grep -q '192\.168\.42\.0/24'
nft list ruleset | grep -q '192\.168\.43\.0/24'
else
iptables -nvL
iptables -nvL | grep -q 'ppp+'
iptables -nvL | grep -q '192\.168\.43\.0/24'
iptables -nvL -t nat
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
fi
ipsec status
ipsec status | grep -q l2tp-psk
ipsec status | grep -q xauth-psk
@ -512,7 +535,9 @@ jobs:
exit 0
EOF
if [ "$OS_VERSION" = "centos:8s" ]; then
if [ "$OS_VERSION" = "centos:9s" ]; then
echo "FROM quay.io/centos/centos:stream9" > Dockerfile
elif [ "$OS_VERSION" = "centos:8s" ]; then
echo "FROM quay.io/centos/centos:stream8" > Dockerfile
else
echo "FROM $OS_VERSION" > Dockerfile
@ -524,6 +549,13 @@ jobs:
WORKDIR /opt/src
RUN if command -v amazon-linux-extras; then amazon-linux-extras install -y kernel-ng; fi
EOF
if [ "$OS_VERSION" = "centos:9s" ]; then
echo "RUN yum -y -q install systemd" >> Dockerfile
fi
cat >> Dockerfile <<'EOF'
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ "$i" = \
systemd-tmpfiles-setup.service ] || rm -f "$i"; done); \

View File

@ -17,7 +17,7 @@ jobs:
if: github.repository_owner == 'hwdsl2'
strategy:
matrix:
os_version: ["ubuntu:22.04", "ubuntu:20.04", "ubuntu:18.04", "debian:11", "debian:10", "debian:9", "alpine:3.15", "alpine:3.16"]
os_version: ["ubuntu:22.04", "ubuntu:20.04", "ubuntu:18.04", "debian:11", "debian:10", "alpine:3.15", "alpine:3.16"]
fail-fast: false
container:
image: ${{ matrix.os_version }}
@ -92,59 +92,56 @@ jobs:
fi
cp -f "$GITHUB_WORKSPACE"/vpnsetup.sh .
cp -f "$GITHUB_WORKSPACE"/extras/quickstart.sh .
cp -f "$GITHUB_WORKSPACE"/extras/vpnuninstall.sh ./vpnunst.sh
sed -i -e '/curl /a sed -i "/swan_ver_latest=/s/^/#/" "$tmpdir/vpn.sh"' \
-e '/curl /a sed -i \x27/status=0/a sed -i "/swan_ver_latest=/s/^/#/" /opt/src/ikev2.sh\x27 "$tmpdir/vpn.sh"' \
vpnsetup.sh quickstart.sh
vpnsetup.sh
for vpnsc in vpnsetup.sh quickstart.sh; do
sh "$vpnsc"
sh vpnsetup.sh
if [ "$os_type" = "alpine" ]; then
xl2tpd -c /etc/xl2tpd/xl2tpd.conf
restart_ipsec
else
restart_ipsec
restart_fail2ban
cat /var/log/fail2ban.log
fi
if [ "$os_type" = "alpine" ]; then
xl2tpd -c /etc/xl2tpd/xl2tpd.conf
restart_ipsec
else
restart_ipsec
restart_fail2ban
cat /var/log/fail2ban.log
fi
netstat -anpu | grep pluto
netstat -anpu | grep xl2tpd
iptables -nvL
iptables -nvL | grep -q 'ppp+'
iptables -nvL | grep -q '192\.168\.43\.0/24'
iptables -nvL -t nat
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
grep pluto "$log1"
grep xl2tpd "$log2"
ipsec status
ipsec status | grep -q l2tp-psk
ipsec status | grep -q xauth-psk
ipsec status | grep -q ikev2-cp
netstat -anpu | grep pluto
netstat -anpu | grep xl2tpd
iptables -nvL
iptables -nvL | grep -q 'ppp+'
iptables -nvL | grep -q '192\.168\.43\.0/24'
iptables -nvL -t nat
iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
grep pluto "$log1"
grep xl2tpd "$log2"
ipsec status
ipsec status | grep -q l2tp-psk
ipsec status | grep -q xauth-psk
ipsec status | grep -q ikev2-cp
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
ls -ld /etc/ipsec.d/vpnclient.sswan
ls -ld /etc/ipsec.d/vpnclient.p12
ls -ld /etc/ipsec.d/vpnclient.mobileconfig
ls -ld /etc/ipsec.d/vpnclient.sswan
ls -ld /etc/ipsec.d/vpnclient.p12
ls -l /usr/bin/ikev2.sh
ls -l /usr/bin/addvpnuser.sh
ls -l /usr/bin/delvpnuser.sh
ls -l /opt/src/ikev2.sh
ls -l /opt/src/addvpnuser.sh
ls -l /opt/src/delvpnuser.sh
ls -l /usr/bin/ikev2.sh
ls -l /usr/bin/addvpnuser.sh
ls -l /usr/bin/delvpnuser.sh
ls -l /opt/src/ikev2.sh
ls -l /opt/src/addvpnuser.sh
ls -l /opt/src/delvpnuser.sh
bash vpnunst.sh <<ANSWERS
y
ANSWERS
rm -f /etc/ipsec.d/vpnclient*
if [ "$os_type" = "alpine" ]; then
killall pluto || true
killall xl2tpd || true
fi
done
rm -f /etc/ipsec.d/vpnclient*
if [ "$os_type" = "alpine" ]; then
killall pluto || true
killall xl2tpd || true
fi
if [ "$os_type" = "alpine" ]; then
cp -f "$GITHUB_WORKSPACE"/vpnsetup_alpine.sh ./vpnsetup.sh