diff --git a/roles/pterodactyl_panel/molecule/default/converge.yml b/roles/pterodactyl_panel/molecule/default/converge.yml
new file mode 100644
index 0000000..d200992
--- /dev/null
+++ b/roles/pterodactyl_panel/molecule/default/converge.yml
@@ -0,0 +1,7 @@
+---
+- name: Converge
+ hosts: panel
+ tasks:
+ - name: "Include pterodactyl_panel"
+ include_role:
+ name: "pterodactyl_panel"
diff --git a/roles/pterodactyl_panel/molecule/default/files/fullchain.pem b/roles/pterodactyl_panel/molecule/default/files/fullchain.pem
deleted file mode 100644
index 72a5e57..0000000
--- a/roles/pterodactyl_panel/molecule/default/files/fullchain.pem
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBZzCCAQ6gAwIBAgIRAK3OSor1YhpKluiQW64jwHgwCgYIKoZIzj0EAwIwEjEQ
-MA4GA1UEAxMHcm9vdC1jYTAeFw0yMTAzMjcyMTE0MjRaFw0zMTAzMjUyMTE0MjRa
-MBIxEDAOBgNVBAMTB3Jvb3QtY2EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASZ
-ccJ3O1AP8uosuTitbj/NabOdZcRRkpC8UgP1zWYfHNI3pztSPG5Qh7W1JOgTrmwx
-Xq8z0Mvnez9mSGOmadupo0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgw
-BgEB/wIBATAdBgNVHQ4EFgQUFafEPUBZgawVsLPnfBZ0BLfV/b8wCgYIKoZIzj0E
-AwIDRwAwRAIgG2s5kqh0siBxarq+nYicTXkH65zedYITFxMWMqqkd5ACIC3m8Ha/
-08S0Splg4I8UDeWoDvG8HDkCpCnm3QMR0gbR
------END CERTIFICATE-----
diff --git a/roles/pterodactyl_panel/molecule/default/files/privkey.pem b/roles/pterodactyl_panel/molecule/default/files/privkey.pem
deleted file mode 100644
index 12f0527..0000000
--- a/roles/pterodactyl_panel/molecule/default/files/privkey.pem
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIHI/w6anB6NIHH+2lVoEhXmuxA10av7EybdmAynyXzVNoAoGCCqGSM49
-AwEHoUQDQgAEmXHCdztQD/LqLLk4rW4/zWmznWXEUZKQvFID9c1mHxzSN6c7Ujxu
-UIe1tSToE65sMV6vM9DL53s/ZkhjpmnbqQ==
------END EC PRIVATE KEY-----
diff --git a/roles/pterodactyl_panel/molecule/default/molecule.yml b/roles/pterodactyl_panel/molecule/default/molecule.yml
index 53769ba..683f74f 100644
--- a/roles/pterodactyl_panel/molecule/default/molecule.yml
+++ b/roles/pterodactyl_panel/molecule/default/molecule.yml
@@ -79,13 +79,14 @@ platforms:
 network: molecule-pterodactyl-panel
 
 provisioner:
- playbooks:
- converge: ../converge.yml
- verify: ../verify.yml
 inventory:
 group_vars:
 all:
 pterodactyl_panel_webroot: /var/www/pterodactyl-molecule
+ pterodactyl_panel_domain: "{{ ansible_fqdn }}"
+ pterodactyl_panel_ssl_mode: selfsign
+ pterodactyl_panel_ssl_cert: /etc/ssl/selfsign-test.crt
+ pterodactyl_panel_ssl_key: /etc/ssl/selfsign-test.key
 pterodactyl_panel_app_key: base64:plc67JdoBykgQPhTJV8BCu1MDAYM0QRbZt93mnh/uyE=
 pterodactyl_panel_hashids_salt: YhQ1W5XhR1cTZGMLK16a
 # DB Settings
diff --git a/roles/pterodactyl_panel/molecule/default/prepare.yml b/roles/pterodactyl_panel/molecule/default/prepare.yml
index d790fd7..d04a543 100644
--- a/roles/pterodactyl_panel/molecule/default/prepare.yml
+++ b/roles/pterodactyl_panel/molecule/default/prepare.yml
@@ -4,21 +4,3 @@
 apt:
 update_cache: yes
 when: ansible_os_family == "Debian"
-
- - name: SSL cert directory exists
- ansible.builtin.file:
- path: /etc/letsencrypt/live/{{ ansible_fqdn }}/
- state: directory
- owner: root
- group: root
- mode: "755"
- - name: Copy existing SSL cert/key to fake letsencrypt directory
- copy:
- src: "{{ item }}"
- dest: /etc/letsencrypt/live/{{ ansible_fqdn }}/
- owner: root
- group: root
- mode: 0755 # this is insecure, don't do this in prod
- loop:
- - "fullchain.pem"
- - "privkey.pem"
diff --git a/roles/pterodactyl_panel/molecule/default/verify.yml b/roles/pterodactyl_panel/molecule/default/verify.yml
new file mode 100644
index 0000000..4b0acc1
--- /dev/null
+++ b/roles/pterodactyl_panel/molecule/default/verify.yml
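Review bot: In molecule/default/molecule.yml the default scenario is now pinned to `pterodactyl_panel_ssl_mode: selfsign`, and this commit also removes both the separate selfsign scenario and the fake /etc/letsencrypt/live fixture, so any other certificate mode the role supports appears to be left without a molecule run. If that is intended, a comment above the four new variables would record it, for example `# selfsign: the role generates its own cert, so no key material lives in the repo; other ssl modes are not exercised here`. The provisioner block continues outside the hunk.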
@@ -0,0 +1,14 @@
+---
+- name: Verify
+ hosts: panel
+ tasks:
+ - name: Get panel homepage
+ ansible.builtin.uri:
+ url: "https://{{ pterodactyl_panel_domain }}"
+ ca_path: "{{ pterodactyl_panel_ssl_cert }}"
+ return_content: true
+ register: page
+ - name: Verify that homepage was loaded
+ assert:
+ that:
+ - '"Pterodactyl" in page.content'
diff --git a/roles/pterodactyl_panel/molecule/selfsign/molecule.yml b/roles/pterodactyl_panel/molecule/selfsign/molecule.yml
deleted file mode 100644
index 259ab10..0000000
--- a/roles/pterodactyl_panel/molecule/selfsign/molecule.yml
+++ /dev/null
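Review bot: The `ca_path` line in molecule/default/verify.yml deserves a comment explaining why it points at the server certificate itself: a self-signed certificate is its own trust anchor, so this keeps chain and hostname validation switched on where the removed check used `validate_certs: no`. A line such as `# self-signed cert doubles as the CA bundle; keeps TLS validation enabled` above `ca_path` would discourage a later edit from turning validation off again. As a style point, `assert` is written in short form while the task above it uses `ansible.builtin.uri`; `ansible.builtin.assert` would match.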
@@ -1,103 +0,0 @@
----
-platforms:
- - name: pterodactyl-panel-ubuntu-22
- image: "docker.io/geerlingguy/docker-ubuntu2204-ansible"
- groups:
- - panel
- systemd: always
- override_command: false
- pre_build_image: true
- network: molecule-pterodactyl-panel
- - name: pterodactyl-panel-ubuntu-22-db
- image: docker.io/mariadb
- pre_build_image: true
- override_command: false
- env:
- MYSQL_ROOT_PASSWORD: panel_molecule
- MYSQL_DATABASE: panel_molecule
- MYSQL_USER: panel_molecule
- MYSQL_PASSWORD: panel_molecule
- network: molecule-pterodactyl-panel
-
- - name: pterodactyl-panel-ubuntu-20
- image: "docker.io/geerlingguy/docker-ubuntu2004-ansible"
- groups:
- - panel
- - php7
- systemd: always
- override_command: false
- pre_build_image: true
- network: molecule-pterodactyl-panel
- - name: pterodactyl-panel-ubuntu-20-db
- image: docker.io/mariadb
- pre_build_image: true
- override_command: false
- env:
- MYSQL_ROOT_PASSWORD: panel_molecule
- MYSQL_DATABASE: panel_molecule
- MYSQL_USER: panel_molecule
- MYSQL_PASSWORD: panel_molecule
- network: molecule-pterodactyl-panel
-
- - name: pterodactyl-panel-debian-12
- image: "docker.io/geerlingguy/docker-debian12-ansible"
- groups:
- - panel
- systemd: always
- override_command: false
- pre_build_image: true
- network: molecule-pterodactyl-panel
- - name: pterodactyl-panel-debian-12-db
- image: docker.io/mariadb
- pre_build_image: true
- override_command: false
- env:
- MYSQL_ROOT_PASSWORD: panel_molecule
- MYSQL_DATABASE: panel_molecule
- MYSQL_USER: panel_molecule
- MYSQL_PASSWORD: panel_molecule
- network: molecule-pterodactyl-panel
-
- - name: pterodactyl-panel-debian-11
- image: "docker.io/geerlingguy/docker-debian11-ansible"
- groups:
- - panel
- - php7
- systemd: always
- override_command: false
- pre_build_image: true
- network: molecule-pterodactyl-panel
- - name: pterodactyl-panel-debian-11-db
- image: docker.io/mariadb
- pre_build_image: true
- override_command: false
- env:
- MYSQL_ROOT_PASSWORD: panel_molecule
- MYSQL_DATABASE: panel_molecule
- MYSQL_USER: panel_molecule
- MYSQL_PASSWORD: panel_molecule
- network: molecule-pterodactyl-panel
-
-provisioner:
- playbooks:
- converge: ../converge.yml
- verify: ../verify.yml
- inventory:
- group_vars:
- all:
- pterodactyl_panel_webroot: /var/www/pterodactyl-molecule
- pterodactyl_panel_ssl_mode: selfsign
- pterodactyl_panel_ssl_cert: /etc/ssl/selfsign-test.crt
- pterodactyl_panel_ssl_key: /etc/ssl/selfsign-test.key
- pterodactyl_panel_app_key: base64:plc67JdoBykgQPhTJV8BCu1MDAYM0QRbZt93mnh/uyE=
- pterodactyl_panel_hashids_salt: YhQ1W5XhR1cTZGMLK16a
- # DB Settings
- pterodactyl_panel_db_host: "{{ inventory_hostname }}-db"
- pterodactyl_panel_db_name: panel_molecule
- pterodactyl_panel_db_user: panel_molecule
- pterodactyl_panel_db_password: panel_molecule
- # Test against the latest panel version unless specified
- pterodactyl_panel_version: "latest"
- php7:
- # Install the last php7-compatible panel version for older OSes
- pterodactyl_panel_version: "v1.10.4"
diff --git a/roles/pterodactyl_panel/molecule/selfsign/prepare.yml b/roles/pterodactyl_panel/molecule/selfsign/prepare.yml
deleted file mode 100644
index d04a543..0000000
--- a/roles/pterodactyl_panel/molecule/selfsign/prepare.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-- hosts: panel
- tasks:
- - name: Update APT cache
- apt:
- update_cache: yes
- when: ansible_os_family == "Debian"
diff --git a/roles/pterodactyl_panel/molecule/selfsign/requirements.txt b/roles/pterodactyl_panel/molecule/selfsign/requirements.txt
deleted file mode 120000
index 0bd8d01..0000000
--- a/roles/pterodactyl_panel/molecule/selfsign/requirements.txt
+++ /dev/null
@@ -1 +0,0 @@
-../../../../tests/roles/requirements.txt
\ No newline at end of file
diff --git a/roles/pterodactyl_panel/molecule/verify.yml b/roles/pterodactyl_panel/molecule/verify.yml
deleted file mode 100644
index 44a2ad1..0000000
--- a/roles/pterodactyl_panel/molecule/verify.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- name: Verify
- hosts: panel
- gather_facts: false
- tasks:
- - name: Get panel homepage # noqa risky-file-permissions
- get_url:
- url: https://127.0.0.1
- dest: /tmp/index.html
- validate_certs: no
- - name: Get homepage contents
- command: cat /tmp/index.html
- changed_when: no
- register: pterodactyl_panel_page
- - name: Verify that homepage was loaded
- assert:
- that:
- - '"Pterodactyl" in pterodactyl_panel_page.stdout'
diff --git a/roles/pterodactyl_panel/tasks/selfsign.yml b/roles/pterodactyl_panel/tasks/selfsign.yml
index ca31739..5e1f328 100644
--- a/roles/pterodactyl_panel/tasks/selfsign.yml
+++ b/roles/pterodactyl_panel/tasks/selfsign.yml
@@ -5,9 +5,19 @@
 group: www-data
 mode: "640"
 
+- name: Signing request (CSR) for self-signed certificate
+ community.crypto.openssl_csr_pipe:
+ privatekey_path: "{{ pterodactyl_panel_ssl_key }}"
+ common_name: "{{ pterodactyl_panel_domain }}"
+ organization_name: Pterodactyl Panel
+ register: csr
+ changed_when: no
+ check_mode: no
+
 - name: Self-signed cert is present
 community.crypto.x509_certificate:
 path: "{{ pterodactyl_panel_ssl_cert }}"
+ csr_content: "{{ csr.csr }}"
 privatekey_path: "{{ pterodactyl_panel_ssl_key }}"
 provider: selfsigned
 owner: root
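Review bot: `check_mode: no` on the new CSR task in tasks/selfsign.yml forces it to run during `--check`, where it reads `privatekey_path`; if the key task above the hunk (only its tail is visible) does not write the key in check mode, a dry run on a fresh host would presumably fail here on a missing file. Consider guarding that case, or at least noting it in a comment such as `# runs in check mode too; requires the private key to exist already`. Separately, `changed_when: no` and `check_mode: no` use YAML 1.1 truthy values while the new verify.yml writes `true`, so `false` would be consistent, and `register: csr` lacks the role prefix the removed verify play used (`pterodactyl_panel_page`). The x509_certificate task continues past the hunk, so whether a validity period is set cannot be seen from here.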