certbot/certbot-apache/tests/apache-conf-files/apache-conf-test

#!/bin/bash

# A hackish script to see if the client is behaving as expected 
# with each of the "passing" conf files.

if [ -z "$SERVER" ]; then
    echo "Please set SERVER to the ACME server's directory URL."
    exit 1
fi

export EA=/etc/apache2/ 
TESTDIR="`dirname $0`"
cd $TESTDIR/passing

function CleanupExit() {
    echo control c, exiting tests...
    if [ "$f" != "" ] ; then
        Cleanup
    fi
    exit 1
}

function Setup() {
    if [ "$APPEND_APACHECONF" = "" ] ; then
        sudo cp "$f" "$EA"/sites-available/
        sudo ln -sf "$EA/sites-available/$f" "$EA/sites-enabled/$f"
        echo "
<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /tmp/
    ErrorLog /tmp/error.log
    CustomLog /tmp/requests.log combined
</VirtualHost>" | sudo tee $EA/sites-available/throwaway-example.conf >/dev/null
        sudo ln -sf $EA/sites-available/throwaway-example.conf $EA/sites-enabled/throwaway-example.conf
    else
        TMP="/tmp/`basename \"$APPEND_APACHECONF\"`.$$"
        sudo cp -a "$APPEND_APACHECONF" "$TMP"
        sudo bash -c "cat \"$f\" >> \"$APPEND_APACHECONF\""
    fi
}

function Cleanup() {
    if [ "$APPEND_APACHECONF" = "" ] ; then
        sudo rm /etc/apache2/sites-{enabled,available}/"$f"
        sudo rm $EA/sites-available/throwaway-example.conf
        sudo rm $EA/sites-enabled/throwaway-example.conf
    else
        sudo mv "$TMP" "$APPEND_APACHECONF"
    fi
}

# if our environment asks us to enable modules, do our best!
if [ "$1" = --debian-modules ] ; then
    sudo apt-get install -y apache2
    sudo apt-get install -y libapache2-mod-wsgi-py3
    sudo apt-get install -y libapache2-mod-macro

    for mod in  ssl rewrite macro wsgi deflate userdir version mime setenvif ; do
        echo -n enabling $mod
        sudo a2enmod $mod
    done
fi

CERTBOT_CMD="sudo $(command -v certbot) --server $SERVER -vvvv"
CERTBOT_CMD="$CERTBOT_CMD --debug --apache --register-unsafely-without-email"
CERTBOT_CMD="$CERTBOT_CMD --agree-tos certonly -t --no-verify-ssl"

FAILS=0
trap CleanupExit INT
for f in *.conf ; do 
    echo -n  testing "$f"...
    Setup
    RESULT=`echo c | $CERTBOT_CMD 2>&1`
    if echo $RESULT | grep -Eq \("Which names would you like"\|"mod_macro is not yet"\) ; then
        echo passed
    else
        echo failed
        echo $RESULT
        echo
        echo
        FAILS=`expr $FAILS + 1`
    fi
    Cleanup
done
if [ "$FAILS" -ne 0 ] ; then
    exit 1
fi
exit 0
This is a hackish script to run all of these "tests". 2015-12-11 15:18:41 -05:00			`#!/bin/bash`

			`# A hackish script to see if the client is behaving as expected`
			`# with each of the "passing" conf files.`

Stop using staging in apacheconftests (#6647) Fixes #6585. I wrote up three suggestions for fixing this at https://github.com/certbot/certbot/issues/6585#issuecomment-448054502. I took the middle approach of requiring the user to provide an ACME server to use. I like this better than the other approaches which were: > Resolve #5938 instead of this issue. There is value in these tests as is over the compatibility tests in that they don't use Docker and run on different OSes. > Spin up a local Python server to return the directory object. Trying to set up a dummy ACME server seemed hacky and error prone. Other notes about this PR are: * I put the Pebble setup in `tox.ini` rather than `.travis.yml` as this seems much cleaner and more natural. * I created a new `tox` environment called `apacheconftest-with-pebble` that reuses the code from `testenv:apacheconftest` so `apacheconftest` can continue to be used with servers other than Pebble like is done in our test farm tests. * I chose the environment variable `SERVER` for consistency with our integration tests. I chose to not give this environment variable a default but to fail fast when it is not set. * I ran test farm tests on this PR and they passed. 2019-01-09 15:37:45 -05:00			`if [ -z "$SERVER" ]; then`
			`echo "Please set SERVER to the ACME server's directory URL."`
			`exit 1`
			`fi`

This is a hackish script to run all of these "tests". 2015-12-11 15:18:41 -05:00			`export EA=/etc/apache2/`
			TESTDIR="`dirname $0`"
			`cd $TESTDIR/passing`

			`function CleanupExit() {`
			`echo control c, exiting tests...`
			`if [ "$f" != "" ] ; then`
Prep for testfarming. 2015-12-16 22:41:35 -05:00			`Cleanup`
This is a hackish script to run all of these "tests". 2015-12-11 15:18:41 -05:00			`fi`
			`exit 1`
			`}`

Neaten things with a Setup() function 2015-12-16 22:51:45 -05:00			`function Setup() {`
			`if [ "$APPEND_APACHECONF" = "" ] ; then`
			`sudo cp "$f" "$EA"/sites-available/`
			`sudo ln -sf "$EA/sites-available/$f" "$EA/sites-enabled/$f"`
Fix `sudo echo`... 2016-04-10 14:52:38 -04:00			`echo "`
Make sure there's always a domain name to prompt a question 2015-12-16 23:04:27 -05:00			`<VirtualHost *:80>`
			`ServerName example.com`
			`DocumentRoot /tmp/`
			`ErrorLog /tmp/error.log`
			`CustomLog /tmp/requests.log combined`
Fix `sudo echo`... 2016-04-10 14:52:38 -04:00			`</VirtualHost>" \| sudo tee $EA/sites-available/throwaway-example.conf >/dev/null`
Do not parse disabled configuration files from under sites-available on Debian / Ubuntu (#4104) This changes the apache plugin behaviour to only parse enabled configuration files and respecting the --apache-vhost-root CLI parameter for new SSL vhost creation. If --apache-vhost-root isn't defined, or doesn't exist, the SSL vhost will be created to originating non-SSL vhost directory. This PR also implements actual check for vhost enabled state, and makes sure parser.parse_file() does not discard changes in Augeas DOM, by doing an autosave. Also handles enabling the new SSL vhost, if it's on a path that's not parsed by Apache. Fixes: #1328 Fixes: #3545 Fixes: #3791 Fixes: #4523 Fixes: #4837 Fixes: #4905 * First changes * Handle rest of the errors * Test fixes * Final fixes * Make parse_files accessible and fix linter problems * Activate vhost at later time * Cleanup * Add a new test case, and fix old * Enable site later in deploy_cert * Make apache-conf-test default dummy configuration enabled * Remove is_sites_available as obsolete * Cleanup * Brought back conditional vhost_path parsing * Parenthesis * Fix merge leftovers * Fix to work with the recent changes to new file creation * Added fix and tests for non-symlink vhost in sites-enabled * Made vhostroot parameter for ApacheParser optional, and removed extra_path * Respect vhost-root, and add Include statements to root configuration if needed * Fixed site enabling order to prevent apache restart error while enabling mod_ssl * Don't exclude Ubuntu / Debian vhost-root cli argument * Changed the SSL vhost directory selection priority * Requested fixes for paths and vhost discovery * Make sure the Augeas DOM is written to disk before loading new files * Actual checking for if the file is parsed within existing Apache configuration * Fix the order of dummy SSL directives addition and enabling modules * Restructured site_enabled checks * Enabling vhost correctly for non-debian systems 2017-09-25 15:03:09 -04:00			`sudo ln -sf $EA/sites-available/throwaway-example.conf $EA/sites-enabled/throwaway-example.conf`
Neaten things with a Setup() function 2015-12-16 22:51:45 -05:00			`else`
			TMP="/tmp/`basename \"$APPEND_APACHECONF\"`.$$"
			`sudo cp -a "$APPEND_APACHECONF" "$TMP"`
			`sudo bash -c "cat \"$f\" >> \"$APPEND_APACHECONF\""`
			`fi`
			`}`

Prep for testfarming. 2015-12-16 22:41:35 -05:00			`function Cleanup() {`
			`if [ "$APPEND_APACHECONF" = "" ] ; then`
			`sudo rm /etc/apache2/sites-{enabled,available}/"$f"`
Make sure there's always a domain name to prompt a question 2015-12-16 23:04:27 -05:00			`sudo rm $EA/sites-available/throwaway-example.conf`
Do not parse disabled configuration files from under sites-available on Debian / Ubuntu (#4104) This changes the apache plugin behaviour to only parse enabled configuration files and respecting the --apache-vhost-root CLI parameter for new SSL vhost creation. If --apache-vhost-root isn't defined, or doesn't exist, the SSL vhost will be created to originating non-SSL vhost directory. This PR also implements actual check for vhost enabled state, and makes sure parser.parse_file() does not discard changes in Augeas DOM, by doing an autosave. Also handles enabling the new SSL vhost, if it's on a path that's not parsed by Apache. Fixes: #1328 Fixes: #3545 Fixes: #3791 Fixes: #4523 Fixes: #4837 Fixes: #4905 * First changes * Handle rest of the errors * Test fixes * Final fixes * Make parse_files accessible and fix linter problems * Activate vhost at later time * Cleanup * Add a new test case, and fix old * Enable site later in deploy_cert * Make apache-conf-test default dummy configuration enabled * Remove is_sites_available as obsolete * Cleanup * Brought back conditional vhost_path parsing * Parenthesis * Fix merge leftovers * Fix to work with the recent changes to new file creation * Added fix and tests for non-symlink vhost in sites-enabled * Made vhostroot parameter for ApacheParser optional, and removed extra_path * Respect vhost-root, and add Include statements to root configuration if needed * Fixed site enabling order to prevent apache restart error while enabling mod_ssl * Don't exclude Ubuntu / Debian vhost-root cli argument * Changed the SSL vhost directory selection priority * Requested fixes for paths and vhost discovery * Make sure the Augeas DOM is written to disk before loading new files * Actual checking for if the file is parsed within existing Apache configuration * Fix the order of dummy SSL directives addition and enabling modules * Restructured site_enabled checks * Enabling vhost correctly for non-debian systems 2017-09-25 15:03:09 -04:00			`sudo rm $EA/sites-enabled/throwaway-example.conf`
Prep for testfarming. 2015-12-16 22:41:35 -05:00			`else`
			`sudo mv "$TMP" "$APPEND_APACHECONF"`
			`fi`
			`}`

Install Apache modules in travis 2015-12-18 11:48:49 -05:00			`# if our environment asks us to enable modules, do our best!`
			`if [ "$1" = --debian-modules ] ; then`
Add Python 3.7 tests (#6179) * Remove apacheconftest packages. The apacheconftests handle installing Apache dependencies, so let's remove it from the general case. * We don't need to run dpkg -s in before_install. * Remove augeas sources. We only needed it for Ubuntu Precise which is dead and it doesn't work in Ubuntu Xenial. * Upgrade Python 3.6 tests to 3.7. Let's continue the approach of testing on the oldest and newest versions of Python 3. We will continue testing on Python 3.6 in the nightly tests. * Revert "We don't need to run dpkg -s in before_install." This reverts commit e5d35099a79985ee97a26931e08451620d711522. * let apacheconftest handle deps 2018-07-06 12:08:40 -04:00			`sudo apt-get install -y apache2`
Add Ubuntu 20.10 test farm tests (#8414) Fixes https://github.com/certbot/certbot/issues/8400. I had to switch the package installed in `apacheconftest` to `libapache2-mod-wsgi-py3` because Ubuntu 20.10 removed the Python 2 version of this module. I didn't add this AMI to `tests/letstest/auto_targets.yaml` because like Ubuntu 20.04, `certbot-auto` has never worked on the OS. * Add Ubuntu 20.20 test farm tests * Try Python 3 WSGI 2020-10-28 18:08:16 -04:00			`sudo apt-get install -y libapache2-mod-wsgi-py3`
Split module installation into substeps - This may prevent failures if one thing is uninstallable 2015-12-23 13:45:08 -05:00			`sudo apt-get install -y libapache2-mod-macro`
Install Apache modules in travis 2015-12-18 11:48:49 -05:00
Setenvif may be required for conf tests on ubuntu 12.04? 2016-01-07 11:57:13 -05:00			`for mod in ssl rewrite macro wsgi deflate userdir version mime setenvif ; do`
Verbosity 2016-01-07 11:59:53 -05:00			`echo -n enabling $mod`
Install Apache modules in travis 2015-12-18 11:48:49 -05:00			`sudo a2enmod $mod`
			`done`
			`fi`

Stop using staging in apacheconftests (#6647) Fixes #6585. I wrote up three suggestions for fixing this at https://github.com/certbot/certbot/issues/6585#issuecomment-448054502. I took the middle approach of requiring the user to provide an ACME server to use. I like this better than the other approaches which were: > Resolve #5938 instead of this issue. There is value in these tests as is over the compatibility tests in that they don't use Docker and run on different OSes. > Spin up a local Python server to return the directory object. Trying to set up a dummy ACME server seemed hacky and error prone. Other notes about this PR are: * I put the Pebble setup in `tox.ini` rather than `.travis.yml` as this seems much cleaner and more natural. * I created a new `tox` environment called `apacheconftest-with-pebble` that reuses the code from `testenv:apacheconftest` so `apacheconftest` can continue to be used with servers other than Pebble like is done in our test farm tests. * I chose the environment variable `SERVER` for consistency with our integration tests. I chose to not give this environment variable a default but to fail fast when it is not set. * I ran test farm tests on this PR and they passed. 2019-01-09 15:37:45 -05:00			`CERTBOT_CMD="sudo $(command -v certbot) --server $SERVER -vvvv"`
			`CERTBOT_CMD="$CERTBOT_CMD --debug --apache --register-unsafely-without-email"`
			`CERTBOT_CMD="$CERTBOT_CMD --agree-tos certonly -t --no-verify-ssl"`
Install Apache modules in travis 2015-12-18 11:48:49 -05:00
Automate testing with the apache-conf-library 2015-12-16 19:43:24 -05:00			`FAILS=0`
This is a hackish script to run all of these "tests". 2015-12-11 15:18:41 -05:00			`trap CleanupExit INT`
			`for f in *.conf ; do`
Automate testing with the apache-conf-library 2015-12-16 19:43:24 -05:00			`echo -n testing "$f"...`
Neaten things with a Setup() function 2015-12-16 22:51:45 -05:00			`Setup`
Stop using staging in apacheconftests (#6647) Fixes #6585. I wrote up three suggestions for fixing this at https://github.com/certbot/certbot/issues/6585#issuecomment-448054502. I took the middle approach of requiring the user to provide an ACME server to use. I like this better than the other approaches which were: > Resolve #5938 instead of this issue. There is value in these tests as is over the compatibility tests in that they don't use Docker and run on different OSes. > Spin up a local Python server to return the directory object. Trying to set up a dummy ACME server seemed hacky and error prone. Other notes about this PR are: * I put the Pebble setup in `tox.ini` rather than `.travis.yml` as this seems much cleaner and more natural. * I created a new `tox` environment called `apacheconftest-with-pebble` that reuses the code from `testenv:apacheconftest` so `apacheconftest` can continue to be used with servers other than Pebble like is done in our test farm tests. * I chose the environment variable `SERVER` for consistency with our integration tests. I chose to not give this environment variable a default but to fail fast when it is not set. * I ran test farm tests on this PR and they passed. 2019-01-09 15:37:45 -05:00			RESULT=`echo c \| $CERTBOT_CMD 2>&1`
This is a more correct test 2015-12-21 16:49:46 -05:00			`if echo $RESULT \| grep -Eq \("Which names would you like"\\|"mod_macro is not yet"\) ; then`
Automate testing with the apache-conf-library 2015-12-16 19:43:24 -05:00			`echo passed`
			`else`
			`echo failed`
			`echo $RESULT`
			`echo`
			`echo`
			FAILS=`expr $FAILS + 1`
			`fi`
Prep for testfarming. 2015-12-16 22:41:35 -05:00			`Cleanup`
This is a hackish script to run all of these "tests". 2015-12-11 15:18:41 -05:00			`done`
Automate testing with the apache-conf-library 2015-12-16 19:43:24 -05:00			`if [ "$FAILS" -ne 0 ] ; then`
Bugfix, and use --staging 2015-12-16 20:21:47 -05:00			`exit 1`
Automate testing with the apache-conf-library 2015-12-16 19:43:24 -05:00			`fi`
Bugfix, and use --staging 2015-12-16 20:21:47 -05:00			`exit 0`