166 lines
7.7 KiB
Python
166 lines
7.7 KiB
Python
|
|
import os
|
|
import pytest
|
|
import re
|
|
|
|
SETUPVARS_LOC='/etc/pihole/setupVars.conf'
|
|
DNSMASQ_CONFIG_LOC = '/etc/dnsmasq.d/01-pihole.conf'
|
|
EVAL_SETUP_FTL_CACHESIZE='. ./bash_functions.sh ; eval `grep setup_FTL_CacheSize /start.sh`'
|
|
EVAL_SETUP_FTL_INTERFACE='. ./bash_functions.sh ; eval `grep setup_FTL_Interface /start.sh`'
|
|
EVAL_SETUP_WEB_PASSWORD='. ./bash_functions.sh ; eval `grep setup_web_password /start.sh`'
|
|
|
|
def _cat(file):
|
|
return 'cat {}'.format(file)
|
|
|
|
def _grep(string, file):
|
|
return 'grep -q \'{}\' {}'.format(string,file)
|
|
|
|
@pytest.mark.parametrize('test_args,expected_ipv6,expected_stdout', [
|
|
('', True, 'IPv4 and IPv6'),
|
|
('-e "IPv6=True"', True, 'IPv4 and IPv6'),
|
|
('-e "IPv6=False"', False, 'IPv4'),
|
|
('-e "IPv6=foobar"', False, 'IPv4'),
|
|
])
|
|
def test_ipv6_not_true_removes_ipv6(docker, slow, test_args, expected_ipv6, expected_stdout):
|
|
''' When a user overrides IPv6=True they only get IPv4 listening webservers '''
|
|
IPV6_LINE = 'use-ipv6.pl'
|
|
WEB_CONFIG = '/etc/lighttpd/lighttpd.conf'
|
|
|
|
function = docker.run('. /bash_functions.sh ; setup_ipv4_ipv6')
|
|
assert "Using {}".format(expected_stdout) in function.stdout
|
|
if expected_stdout == 'IPv4':
|
|
assert 'IPv6' not in function.stdout
|
|
# On overlay2(?) docker sometimes writes to disk are slow enough to break some tests...
|
|
expected_ipv6_check = lambda: (\
|
|
IPV6_LINE in docker.run('grep \'use-ipv6.pl\' {}'.format(WEB_CONFIG)).stdout
|
|
) == expected_ipv6
|
|
slow(expected_ipv6_check)
|
|
|
|
|
|
@pytest.mark.parametrize('test_args', ['-e "WEB_PORT=999"'])
|
|
def test_overrides_default_web_port(docker, slow, test_args):
|
|
''' When a --net=host user sets WEB_PORT to avoid synology's 80 default IPv4 and or IPv6 ports are updated'''
|
|
CONFIG_LINE = r'server.port\s*=\s*999'
|
|
WEB_CONFIG = '/etc/lighttpd/lighttpd.conf'
|
|
|
|
function = docker.run('. /bash_functions.sh ; eval `grep setup_web_port /start.sh`')
|
|
assert "Custom WEB_PORT set to 999" in function.stdout
|
|
assert "INFO: Without proper router DNAT forwarding to 127.0.0.1:999, you may not get any blocked websites on ads" in function.stdout
|
|
slow(lambda: re.search(CONFIG_LINE, docker.run(_cat(WEB_CONFIG)).stdout) != None)
|
|
|
|
|
|
@pytest.mark.parametrize('test_args,expected_error', [
|
|
('-e WEB_PORT="LXXX"', 'WARNING: Custom WEB_PORT not used - LXXX is not an integer'),
|
|
('-e WEB_PORT="1,000"', 'WARNING: Custom WEB_PORT not used - 1,000 is not an integer'),
|
|
('-e WEB_PORT="99999"', 'WARNING: Custom WEB_PORT not used - 99999 is not within valid port range of 1-65535'),
|
|
])
|
|
def test_bad_input_to_web_port(docker, test_args, expected_error):
|
|
function = docker.run('. /bash_functions.sh ; eval `grep setup_web_port /start.sh`')
|
|
assert expected_error in function.stdout
|
|
|
|
|
|
@pytest.mark.parametrize('test_args,cache_size', [('-e CUSTOM_CACHE_SIZE="0"', '0'), ('-e CUSTOM_CACHE_SIZE="20000"', '20000')])
|
|
def test_overrides_default_custom_cache_size(docker, slow, test_args, cache_size):
|
|
''' Changes the cache_size setting to increase or decrease the cache size for dnsmasq'''
|
|
CONFIG_LINE = r'cache-size\s*=\s*{}'.format(cache_size)
|
|
|
|
function = docker.run('echo ${CUSTOM_CACHE_SIZE};. ./bash_functions.sh; echo ${CUSTOM_CACHE_SIZE}; eval `grep setup_FTL_CacheSize /start.sh`')
|
|
assert "Custom CUSTOM_CACHE_SIZE set to {}".format(cache_size) in function.stdout
|
|
slow(lambda: re.search(CONFIG_LINE, docker.run(_cat(DNSMASQ_CONFIG_LOC)).stdout) != None)
|
|
|
|
|
|
@pytest.mark.parametrize('test_args', [
|
|
'-e CUSTOM_CACHE_SIZE="-1"',
|
|
'-e CUSTOM_CACHE_SIZE="1,000"',
|
|
])
|
|
def test_bad_input_to_custom_cache_size(docker, slow, test_args):
|
|
CONFIG_LINE = r'cache-size\s*=\s*10000'
|
|
|
|
docker.run(EVAL_SETUP_FTL_CACHESIZE)
|
|
slow(lambda: re.search(CONFIG_LINE, docker.run(_cat(DNSMASQ_CONFIG_LOC)).stdout) != None)
|
|
|
|
@pytest.mark.parametrize('test_args', [
|
|
'-e DNSSEC="true" -e CUSTOM_CACHE_SIZE="0"',
|
|
])
|
|
def test_dnssec_enabled_with_custom_cache_size(docker, slow, test_args):
|
|
CONFIG_LINE = r'cache-size\s*=\s*10000'
|
|
|
|
docker.run(EVAL_SETUP_FTL_CACHESIZE)
|
|
slow(lambda: re.search(CONFIG_LINE, docker.run(_cat(DNSMASQ_CONFIG_LOC)).stdout) != None)
|
|
|
|
|
|
@pytest.mark.parametrize('args_env, expected_stdout, expected_config_line', [
|
|
('', 'binding to default interface: eth0', 'PIHOLE_INTERFACE=eth0'),
|
|
('-e INTERFACE="br0"', 'binding to custom interface: br0', 'PIHOLE_INTERFACE=br0'),
|
|
])
|
|
def test_dns_interface_override_defaults(docker, slow, args_env, expected_stdout, expected_config_line):
|
|
''' When INTERFACE environment var is passed in, overwrite dnsmasq interface '''
|
|
function = docker.run(EVAL_SETUP_FTL_INTERFACE)
|
|
assert expected_stdout in function.stdout
|
|
slow(lambda: expected_config_line + '\n' == docker.run('grep "^PIHOLE_INTERFACE" {}'.format(SETUPVARS_LOC)).stdout)
|
|
|
|
|
|
expected_debian_lines = [
|
|
'"VIRTUAL_HOST" => "127.0.0.1"',
|
|
'"PHP_ERROR_LOG" => "/var/log/lighttpd/error-pihole.log"'
|
|
]
|
|
|
|
|
|
@pytest.mark.parametrize('expected_lines,repeat_function', [
|
|
(expected_debian_lines, 1),
|
|
(expected_debian_lines, 2)
|
|
])
|
|
def test_debian_setup_php_env(docker, expected_lines, repeat_function):
|
|
''' confirm all expected output is there and nothing else '''
|
|
for _ in range(repeat_function):
|
|
docker.run('. /bash_functions.sh ; eval `grep setup_php_env /start.sh`').stdout
|
|
for expected_line in expected_lines:
|
|
search_config_cmd = "grep -c '{}' /etc/lighttpd/conf-enabled/15-fastcgi-php.conf".format(expected_line)
|
|
search_config_count = docker.run(search_config_cmd)
|
|
found_lines = int(search_config_count.stdout.rstrip('\n'))
|
|
if found_lines > 1:
|
|
assert False, f'Found line {expected_line} times (more than once): {found_lines}'
|
|
|
|
|
|
|
|
def test_webpassword_random_generation(docker):
|
|
''' When a user sets webPassword env the admin password gets set to that '''
|
|
function = docker.run(EVAL_SETUP_WEB_PASSWORD)
|
|
assert 'assigning random password' in function.stdout.lower()
|
|
|
|
|
|
@pytest.mark.parametrize('entrypoint,cmd', [('--entrypoint=tail','-f /dev/null')])
|
|
@pytest.mark.parametrize('args_env,secure,setupvars_hash', [
|
|
('-e WEBPASSWORD=login', True, 'WEBPASSWORD=6060d59351e8c2f48140f01b2c3f3b61652f396c53a5300ae239ebfbe7d5ff08'),
|
|
('-e WEBPASSWORD=""', False, ''),
|
|
])
|
|
def test_webpassword_env_assigns_password_to_file_or_removes_if_empty(docker, args_env, secure, setupvars_hash):
|
|
''' When a user sets webPassword env the admin password gets set or removed if empty '''
|
|
function = docker.run(EVAL_SETUP_WEB_PASSWORD)
|
|
|
|
if secure:
|
|
assert 'new password set' in function.stdout.lower()
|
|
assert docker.run(_grep(setupvars_hash, SETUPVARS_LOC)).rc == 0
|
|
else:
|
|
assert 'password removed' in function.stdout.lower()
|
|
assert docker.run(_grep('^WEBPASSWORD=$', SETUPVARS_LOC)).rc == 0
|
|
|
|
|
|
@pytest.mark.parametrize('entrypoint,cmd', [('--entrypoint=tail','-f /dev/null')])
|
|
@pytest.mark.parametrize('test_args', ['-e WEBPASSWORD=login', '-e WEBPASSWORD=""'])
|
|
def test_env_always_updates_password(docker, args_env, test_args):
|
|
'''When a user sets the WEBPASSWORD environment variable, ensure it always sets the password'''
|
|
function = docker.run(EVAL_SETUP_WEB_PASSWORD)
|
|
|
|
assert '::: Assigning password defined by Environment Variable' in function.stdout
|
|
|
|
|
|
@pytest.mark.parametrize('entrypoint,cmd', [('--entrypoint=tail','-f /dev/null')])
|
|
def test_setupvars_trumps_random_password_if_set(docker, args_env, test_args):
|
|
'''If a password is already set in setupvars, and no password is set in the environment variable, do not generate a random password'''
|
|
docker.run('. /opt/pihole/utils.sh ; addOrEditKeyValPair {} WEBPASSWORD volumepass'.format(SETUPVARS_LOC))
|
|
function = docker.run(EVAL_SETUP_WEB_PASSWORD)
|
|
|
|
assert 'Pre existing WEBPASSWORD found' in function.stdout
|
|
assert docker.run(_grep('WEBPASSWORD=volumepass', SETUPVARS_LOC)).rc == 0
|