914538eed1
Architektur-Pivot: nginx fällt komplett weg. HAProxy 2.8+ übernimmt
TLS-Termination, L7-Routing per Host-Header und LB. ACME-Webroot
und Management-UI werden von edgeguard-api ausgeliefert (Phase 3
implementiert die zugehörigen Handler); HAProxy proxied
/.well-known/acme-challenge/* und Management-FQDN-Traffic an
127.0.0.1:9443. Eine Distro-Abhängigkeit weniger, ein Renderer
weniger, sauberere Trennung.
Renderer (alle mit Embed-Templates + Tests):
* internal/configgen/ — atomic write + systemctl reload helpers
* internal/haproxy/ — :80 + :443, ACME-ACL, Host-Header-Routing,
Stats-Frontend, api_backend Fallback
* internal/firewall/ — default-deny input, stateful baseline,
SSH-Rate-Limit, :80/:443 accept,
Cluster-Peer-Set für mTLS :8443,
Custom-Rules aus PG
* internal/{squid,wireguard,unbound}/ — Stubs (ErrNotImplemented)
Orchestrator + CLI:
* internal/services/configorch/ — fester Reihenfolge-Run, Stubs
sind soft-skip statt fatal
* cmd/edgeguard-ctl render-config [--no-reload] [--only=svc1,svc2]
Packaging:
* postinst: /etc/edgeguard/nginx raus, /var/lib/edgeguard/acme rein,
self-signed _default.pem via openssl req (damit HAProxy startet
bevor certbot etwas issuet hat)
* control: Depends nginx raus, openssl rein
* edgeguard-ui: dependency auf nginx weg, "Served by edgeguard-api
gin StaticFS"
Live-Smoke: render-config gegen lokale PG schreibt /etc/edgeguard/
haproxy/haproxy.cfg + nftables.d/ruleset.nft korrekt; CRUD-Test aus
Phase 2 läuft weiter unverändert.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
64 lines
1.5 KiB
Go
64 lines
1.5 KiB
Go
package configgen
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
)
|
|
|
|
func TestAtomicWrite_CreatesAndChmods(t *testing.T) {
|
|
dir := t.TempDir()
|
|
target := filepath.Join(dir, "sub", "out.conf")
|
|
data := []byte("hello config\n")
|
|
if err := AtomicWrite(target, data, 0o644); err != nil {
|
|
t.Fatalf("AtomicWrite: %v", err)
|
|
}
|
|
got, err := os.ReadFile(target)
|
|
if err != nil {
|
|
t.Fatalf("read back: %v", err)
|
|
}
|
|
if string(got) != string(data) {
|
|
t.Errorf("content mismatch: %q", got)
|
|
}
|
|
st, err := os.Stat(target)
|
|
if err != nil {
|
|
t.Fatalf("stat: %v", err)
|
|
}
|
|
if st.Mode().Perm() != 0o644 {
|
|
t.Errorf("mode: %v", st.Mode().Perm())
|
|
}
|
|
}
|
|
|
|
func TestAtomicWrite_OverwritesExisting(t *testing.T) {
|
|
dir := t.TempDir()
|
|
target := filepath.Join(dir, "out.conf")
|
|
if err := os.WriteFile(target, []byte("old\n"), 0o600); err != nil {
|
|
t.Fatalf("seed: %v", err)
|
|
}
|
|
if err := AtomicWrite(target, []byte("new\n"), 0o640); err != nil {
|
|
t.Fatalf("AtomicWrite: %v", err)
|
|
}
|
|
got, _ := os.ReadFile(target)
|
|
if string(got) != "new\n" {
|
|
t.Errorf("expected 'new\\n', got %q", got)
|
|
}
|
|
st, _ := os.Stat(target)
|
|
if st.Mode().Perm() != 0o640 {
|
|
t.Errorf("mode: %v", st.Mode().Perm())
|
|
}
|
|
}
|
|
|
|
func TestAtomicWrite_NoTempLeak(t *testing.T) {
|
|
dir := t.TempDir()
|
|
target := filepath.Join(dir, "out.conf")
|
|
if err := AtomicWrite(target, []byte("x"), 0o644); err != nil {
|
|
t.Fatalf("AtomicWrite: %v", err)
|
|
}
|
|
entries, _ := os.ReadDir(dir)
|
|
for _, e := range entries {
|
|
if e.Name() != "out.conf" {
|
|
t.Errorf("unexpected leftover: %s", e.Name())
|
|
}
|
|
}
|
|
}
|