test(suites): caddy (#3305)

This commit is contained in:
James Elliott 2022-05-07 11:55:52 +10:00 committed by GitHub
parent 1060bcee06
commit bda87db79c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 295 additions and 0 deletions

View File

@ -0,0 +1,52 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
jwt_secret: unsecure_secret
server:
port: 9091
asset_path: /config/assets/
tls:
certificate: /config/ssl/cert.pem
key: /config/ssl/key.pem
log:
level: debug
authentication_backend:
file:
path: /config/users.yml
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
encryption_key: a_not_so_secure_encryption_key
local:
path: /config/db.sqlite
access_control:
default_policy: bypass
rules:
- domain: "public.example.com"
policy: bypass
- domain: "admin.example.com"
policy: two_factor
- domain: "secure.example.com"
policy: two_factor
- domain: "singlefactor.example.com"
policy: one_factor
notifier:
smtp:
host: smtp
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -0,0 +1,9 @@
---
version: '3'
services:
authelia-backend:
volumes:
- './Caddy/configuration.yml:/config/configuration.yml:ro'
- './Caddy/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -0,0 +1,35 @@
---
###############################################################
# Users Database #
###############################################################
# This file can be used if you do not have an LDAP set up.
# List of users
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
- dev
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -0,0 +1,65 @@
(tls-transport) {
transport http {
tls
tls_insecure_skip_verify
}
}
:8085 {
log
reverse_proxy authelia-backend:9091 {
import tls-transport
}
}
login.example.com:8080 {
tls internal
log
route {
reverse_proxy /.well-known/* authelia-backend:9091 {
import tls-transport
}
reverse_proxy /api/* authelia-backend:9091 {
import tls-transport
}
reverse_proxy /locales/* authelia-backend:9091 {
import tls-transport
}
reverse_proxy /jwks.json authelia-backend:9091 {
import tls-transport
}
reverse_proxy authelia-frontend:3000 :8085 {
lb_policy first
lb_try_duration 5s
lb_try_interval 250ms
fail_duration 10s
max_fails 1
unhealthy_status 5xx
unhealthy_request_count 1
}
}
}
mail.example.com:8080 {
tls internal
log
reverse_proxy smtp:1080
}
*.example.com:8080 {
tls internal
log
forward_auth authelia-backend:9091 {
uri /api/verify?rd=https://login.example.com:8080
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
import tls-transport
}
reverse_proxy /headers httpbin:8000
reverse_proxy nginx-backend
}

View File

@ -0,0 +1,11 @@
---
version: '3'
services:
caddy:
image: caddy:2.5.1-alpine
volumes:
- ./example/compose/caddy/Caddyfile:/etc/caddy/Caddyfile
networks:
authelianet:
ipv4_address: 192.168.240.100
...

View File

@ -0,0 +1,84 @@
package suites
import (
"fmt"
"os"
"time"
)
var caddySuiteName = "Caddy"
func init() {
dockerEnvironment := NewDockerEnvironment([]string{
"internal/suites/docker-compose.yml",
"internal/suites/Caddy/docker-compose.yml",
"internal/suites/example/compose/authelia/docker-compose.backend.{}.yml",
"internal/suites/example/compose/authelia/docker-compose.frontend.{}.yml",
"internal/suites/example/compose/nginx/backend/docker-compose.yml",
"internal/suites/example/compose/caddy/docker-compose.yml",
"internal/suites/example/compose/smtp/docker-compose.yml",
"internal/suites/example/compose/httpbin/docker-compose.yml",
})
if os.Getenv("CI") == t {
dockerEnvironment = NewDockerEnvironment([]string{
"internal/suites/docker-compose.yml",
"internal/suites/Caddy/docker-compose.yml",
"internal/suites/example/compose/authelia/docker-compose.backend.{}.yml",
"internal/suites/example/compose/nginx/backend/docker-compose.yml",
"internal/suites/example/compose/caddy/docker-compose.yml",
"internal/suites/example/compose/smtp/docker-compose.yml",
"internal/suites/example/compose/httpbin/docker-compose.yml",
})
}
setup := func(suitePath string) error {
if err := dockerEnvironment.Up(); err != nil {
return err
}
return waitUntilAutheliaIsReady(dockerEnvironment, caddySuiteName)
}
displayAutheliaLogs := func() error {
backendLogs, err := dockerEnvironment.Logs("authelia-backend", nil)
if err != nil {
return err
}
fmt.Println(backendLogs)
if os.Getenv("CI") != t {
frontendLogs, err := dockerEnvironment.Logs("authelia-frontend", nil)
if err != nil {
return err
}
fmt.Println(frontendLogs)
}
caddyLogs, err := dockerEnvironment.Logs("caddy", nil)
if err != nil {
return err
}
fmt.Println(caddyLogs)
return nil
}
teardown := func(suitePath string) error {
err := dockerEnvironment.Down()
return err
}
GlobalRegistry.Register(caddySuiteName, Suite{
SetUp: setup,
SetUpTimeout: 5 * time.Minute,
OnSetupTimeout: displayAutheliaLogs,
OnError: displayAutheliaLogs,
TestTimeout: 2 * time.Minute,
TearDown: teardown,
TearDownTimeout: 2 * time.Minute,
})
}

View File

@ -0,0 +1,39 @@
package suites
import (
"testing"
"github.com/stretchr/testify/suite"
)
type CaddySuite struct {
*RodSuite
}
func NewCaddySuite() *CaddySuite {
return &CaddySuite{RodSuite: new(RodSuite)}
}
func (s *CaddySuite) Test1FAScenario() {
suite.Run(s.T(), New1FAScenario())
}
func (s *CaddySuite) Test2FAScenario() {
suite.Run(s.T(), New2FAScenario())
}
func (s *CaddySuite) TestCustomHeaders() {
suite.Run(s.T(), NewCustomHeadersScenario())
}
func (s *CaddySuite) TestResetPasswordScenario() {
suite.Run(s.T(), NewResetPasswordScenario())
}
func TestCaddySuite(t *testing.T) {
if testing.Short() {
t.Skip("skipping suite test in short mode")
}
suite.Run(t, NewCaddySuite())
}