2021-04-25 11:24:42 -04:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2022-01-28 18:58:22 +00:00
|
|
|
"io/fs"
|
2021-04-25 11:24:42 -04:00
|
|
|
"os"
|
|
|
|
"path/filepath"
|
2021-04-26 20:30:06 -04:00
|
|
|
"strings"
|
2021-04-25 11:24:42 -04:00
|
|
|
"testing"
|
|
|
|
|
2023-06-06 10:23:39 +02:00
|
|
|
"github.com/juanfont/headscale/hscontrol/types"
|
2023-05-11 09:09:18 +02:00
|
|
|
"github.com/juanfont/headscale/hscontrol/util"
|
2021-04-25 11:24:42 -04:00
|
|
|
"github.com/spf13/viper"
|
|
|
|
"gopkg.in/check.v1"
|
|
|
|
)
|
|
|
|
|
|
|
|
func Test(t *testing.T) {
|
|
|
|
check.TestingT(t)
|
|
|
|
}
|
|
|
|
|
|
|
|
var _ = check.Suite(&Suite{})
|
|
|
|
|
|
|
|
type Suite struct{}
|
|
|
|
|
|
|
|
func (s *Suite) SetUpSuite(c *check.C) {
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Suite) TearDownSuite(c *check.C) {
|
|
|
|
}
|
2021-04-26 20:30:06 -04:00
|
|
|
|
2022-06-05 17:55:27 +08:00
|
|
|
func (*Suite) TestConfigFileLoading(c *check.C) {
|
2022-08-09 23:21:19 +02:00
|
|
|
tmpDir, err := os.MkdirTemp("", "headscale")
|
2022-06-05 17:55:27 +08:00
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
defer os.RemoveAll(tmpDir)
|
|
|
|
|
|
|
|
path, err := os.Getwd()
|
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
cfgFile := filepath.Join(tmpDir, "config.yaml")
|
|
|
|
|
|
|
|
// Symlink the example config file
|
|
|
|
err = os.Symlink(
|
|
|
|
filepath.Clean(path+"/../../config-example.yaml"),
|
|
|
|
cfgFile,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Load example config, it should load without validation errors
|
2023-06-06 10:23:39 +02:00
|
|
|
err = types.LoadConfig(cfgFile, true)
|
2022-06-05 17:55:27 +08:00
|
|
|
c.Assert(err, check.IsNil)
|
|
|
|
|
|
|
|
// Test that config file was interpreted correctly
|
|
|
|
c.Assert(viper.GetString("server_url"), check.Equals, "http://127.0.0.1:8080")
|
2022-11-16 15:25:10 +01:00
|
|
|
c.Assert(viper.GetString("listen_addr"), check.Equals, "127.0.0.1:8080")
|
2022-06-05 17:55:27 +08:00
|
|
|
c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090")
|
2024-02-09 07:27:00 +01:00
|
|
|
c.Assert(viper.GetString("database.type"), check.Equals, "sqlite")
|
|
|
|
c.Assert(viper.GetString("database.sqlite.path"), check.Equals, "/var/lib/headscale/db.sqlite")
|
2022-06-05 17:55:27 +08:00
|
|
|
c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "")
|
|
|
|
c.Assert(viper.GetString("tls_letsencrypt_listen"), check.Equals, ":http")
|
|
|
|
c.Assert(viper.GetString("tls_letsencrypt_challenge_type"), check.Equals, "HTTP-01")
|
|
|
|
c.Assert(viper.GetStringSlice("dns_config.nameservers")[0], check.Equals, "1.1.1.1")
|
|
|
|
c.Assert(
|
2023-05-11 09:09:18 +02:00
|
|
|
util.GetFileMode("unix_socket_permission"),
|
2022-06-05 17:55:27 +08:00
|
|
|
check.Equals,
|
|
|
|
fs.FileMode(0o770),
|
|
|
|
)
|
|
|
|
c.Assert(viper.GetBool("logtail.enabled"), check.Equals, false)
|
|
|
|
}
|
|
|
|
|
2021-10-24 21:21:01 +01:00
|
|
|
func (*Suite) TestConfigLoading(c *check.C) {
|
2022-08-09 23:21:19 +02:00
|
|
|
tmpDir, err := os.MkdirTemp("", "headscale")
|
2021-05-15 14:36:13 +02:00
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
defer os.RemoveAll(tmpDir)
|
|
|
|
|
|
|
|
path, err := os.Getwd()
|
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Symlink the example config file
|
2021-11-13 08:36:45 +00:00
|
|
|
err = os.Symlink(
|
|
|
|
filepath.Clean(path+"/../../config-example.yaml"),
|
|
|
|
filepath.Join(tmpDir, "config.yaml"),
|
|
|
|
)
|
2021-05-15 14:36:13 +02:00
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Load example config, it should load without validation errors
|
2023-06-06 10:23:39 +02:00
|
|
|
err = types.LoadConfig(tmpDir, false)
|
2021-05-15 14:36:13 +02:00
|
|
|
c.Assert(err, check.IsNil)
|
|
|
|
|
|
|
|
// Test that config file was interpreted correctly
|
2021-07-30 17:07:19 +02:00
|
|
|
c.Assert(viper.GetString("server_url"), check.Equals, "http://127.0.0.1:8080")
|
2022-11-16 15:25:10 +01:00
|
|
|
c.Assert(viper.GetString("listen_addr"), check.Equals, "127.0.0.1:8080")
|
2022-02-28 10:40:02 -03:00
|
|
|
c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090")
|
2024-02-17 13:18:15 +01:00
|
|
|
c.Assert(viper.GetString("database.type"), check.Equals, "sqlite")
|
|
|
|
c.Assert(viper.GetString("database.sqlite.path"), check.Equals, "/var/lib/headscale/db.sqlite")
|
2021-05-15 14:36:13 +02:00
|
|
|
c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "")
|
2021-07-23 16:12:01 -06:00
|
|
|
c.Assert(viper.GetString("tls_letsencrypt_listen"), check.Equals, ":http")
|
2021-05-15 14:36:13 +02:00
|
|
|
c.Assert(viper.GetString("tls_letsencrypt_challenge_type"), check.Equals, "HTTP-01")
|
2021-08-24 07:10:09 +01:00
|
|
|
c.Assert(viper.GetStringSlice("dns_config.nameservers")[0], check.Equals, "1.1.1.1")
|
2022-01-25 22:11:15 +00:00
|
|
|
c.Assert(
|
2023-05-11 09:09:18 +02:00
|
|
|
util.GetFileMode("unix_socket_permission"),
|
2022-01-25 22:11:15 +00:00
|
|
|
check.Equals,
|
|
|
|
fs.FileMode(0o770),
|
|
|
|
)
|
2022-05-30 14:57:43 +02:00
|
|
|
c.Assert(viper.GetBool("logtail.enabled"), check.Equals, false)
|
2022-06-09 21:20:11 +02:00
|
|
|
c.Assert(viper.GetBool("randomize_client_port"), check.Equals, false)
|
2021-05-15 14:36:13 +02:00
|
|
|
}
|
|
|
|
|
2021-08-25 19:03:04 +01:00
|
|
|
func (*Suite) TestDNSConfigLoading(c *check.C) {
|
2022-08-09 23:21:19 +02:00
|
|
|
tmpDir, err := os.MkdirTemp("", "headscale")
|
2021-08-25 19:03:04 +01:00
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
defer os.RemoveAll(tmpDir)
|
|
|
|
|
|
|
|
path, err := os.Getwd()
|
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Symlink the example config file
|
2021-11-13 08:36:45 +00:00
|
|
|
err = os.Symlink(
|
|
|
|
filepath.Clean(path+"/../../config-example.yaml"),
|
|
|
|
filepath.Join(tmpDir, "config.yaml"),
|
|
|
|
)
|
2021-08-25 19:03:04 +01:00
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Load example config, it should load without validation errors
|
2023-06-06 10:23:39 +02:00
|
|
|
err = types.LoadConfig(tmpDir, false)
|
2021-08-25 19:03:04 +01:00
|
|
|
c.Assert(err, check.IsNil)
|
|
|
|
|
2023-06-06 10:23:39 +02:00
|
|
|
dnsConfig, baseDomain := types.GetDNSConfig()
|
2021-08-25 19:03:04 +01:00
|
|
|
|
|
|
|
c.Assert(dnsConfig.Nameservers[0].String(), check.Equals, "1.1.1.1")
|
|
|
|
c.Assert(dnsConfig.Resolvers[0].Addr, check.Equals, "1.1.1.1")
|
2021-10-02 11:14:18 +02:00
|
|
|
c.Assert(dnsConfig.Proxied, check.Equals, true)
|
|
|
|
c.Assert(baseDomain, check.Equals, "example.com")
|
2021-08-25 19:03:04 +01:00
|
|
|
}
|
|
|
|
|
2021-04-26 20:30:06 -04:00
|
|
|
func writeConfig(c *check.C, tmpDir string, configYaml []byte) {
|
|
|
|
// Populate a custom config file
|
|
|
|
configFile := filepath.Join(tmpDir, "config.yaml")
|
2022-08-09 23:21:19 +02:00
|
|
|
err := os.WriteFile(configFile, configYaml, 0o600)
|
2021-04-26 20:30:06 -04:00
|
|
|
if err != nil {
|
|
|
|
c.Fatalf("Couldn't write file %s", configFile)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (*Suite) TestTLSConfigValidation(c *check.C) {
|
2022-08-09 23:21:19 +02:00
|
|
|
tmpDir, err := os.MkdirTemp("", "headscale")
|
2021-04-26 20:30:06 -04:00
|
|
|
if err != nil {
|
|
|
|
c.Fatal(err)
|
|
|
|
}
|
2021-10-22 18:14:29 +01:00
|
|
|
// defer os.RemoveAll(tmpDir)
|
2022-08-21 10:42:23 +02:00
|
|
|
configYaml := []byte(`---
|
|
|
|
tls_letsencrypt_hostname: example.com
|
|
|
|
tls_letsencrypt_challenge_type: ""
|
|
|
|
tls_cert_path: abc.pem
|
|
|
|
noise:
|
|
|
|
private_key_path: noise_private.key`)
|
2021-04-26 20:30:06 -04:00
|
|
|
writeConfig(c, tmpDir, configYaml)
|
|
|
|
|
|
|
|
// Check configuration validation errors (1)
|
2023-06-06 10:23:39 +02:00
|
|
|
err = types.LoadConfig(tmpDir, false)
|
2021-04-26 20:30:06 -04:00
|
|
|
c.Assert(err, check.NotNil)
|
|
|
|
// check.Matches can not handle multiline strings
|
|
|
|
tmp := strings.ReplaceAll(err.Error(), "\n", "***")
|
2021-10-22 18:14:29 +01:00
|
|
|
c.Assert(
|
|
|
|
tmp,
|
|
|
|
check.Matches,
|
|
|
|
".*Fatal config error: set either tls_letsencrypt_hostname or tls_cert_path/tls_key_path, not both.*",
|
|
|
|
)
|
|
|
|
c.Assert(
|
|
|
|
tmp,
|
|
|
|
check.Matches,
|
|
|
|
".*Fatal config error: the only supported values for tls_letsencrypt_challenge_type are.*",
|
|
|
|
)
|
2021-11-13 08:36:45 +00:00
|
|
|
c.Assert(
|
|
|
|
tmp,
|
|
|
|
check.Matches,
|
|
|
|
".*Fatal config error: server_url must start with https:// or http://.*",
|
|
|
|
)
|
2021-04-26 20:30:06 -04:00
|
|
|
|
|
|
|
// Check configuration validation errors (2)
|
2022-08-21 10:42:23 +02:00
|
|
|
configYaml = []byte(`---
|
|
|
|
noise:
|
|
|
|
private_key_path: noise_private.key
|
|
|
|
server_url: http://127.0.0.1:8080
|
|
|
|
tls_letsencrypt_hostname: example.com
|
|
|
|
tls_letsencrypt_challenge_type: TLS-ALPN-01
|
|
|
|
`)
|
2021-04-26 20:30:06 -04:00
|
|
|
writeConfig(c, tmpDir, configYaml)
|
2023-06-06 10:23:39 +02:00
|
|
|
err = types.LoadConfig(tmpDir, false)
|
2021-07-16 22:02:05 -04:00
|
|
|
c.Assert(err, check.IsNil)
|
2021-04-26 20:30:06 -04:00
|
|
|
}
|