Created
February 11, 2016 20:13
-
-
Save raharper/6a49940c65cc4b1b1475 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash -ex | |
# This script tests install and upgrade of strongswan | |
# LXD needs to be installed and configured. | |
# lxd vars | |
MACHINE="x1" | |
RELEASE="xenial" | |
SNAPSHOT="$MACHINE-with-strongswan-5.1.2" | |
STRONGSWAN_PKGS=" | |
libstrongswan strongswan | |
strongswan-ike strongswan-ikev1 strongswan-ikev2 strongswan-nm | |
strongswan-pt-tls-client strongswan-starter | |
strongswan-tnc-base strongswan-tnc-client strongswan-tnc-ifmap | |
strongswan-tnc-pdp strongswan-tnc-server | |
" | |
PLUGINS=" | |
strongswan-plugin-af-alg strongswan-plugin-agent | |
strongswan-plugin-attr-sql strongswan-plugin-certexpire | |
strongswan-plugin-coupling strongswan-plugin-curl strongswan-plugin-dhcp | |
strongswan-plugin-dnscert strongswan-plugin-dnskey | |
strongswan-plugin-duplicheck strongswan-plugin-eap-aka | |
strongswan-plugin-eap-aka-3gpp2 strongswan-plugin-eap-dynamic | |
strongswan-plugin-eap-gtc strongswan-plugin-eap-md5 | |
strongswan-plugin-eap-mschapv2 strongswan-plugin-eap-peap | |
strongswan-plugin-eap-radius strongswan-plugin-eap-sim | |
strongswan-plugin-eap-sim-file strongswan-plugin-eap-sim-pcsc | |
strongswan-plugin-eap-simaka-pseudonym | |
strongswan-plugin-eap-simaka-reauth strongswan-plugin-eap-simaka-sql | |
strongswan-plugin-eap-tls strongswan-plugin-eap-tnc | |
strongswan-plugin-eap-ttls strongswan-plugin-error-notify | |
strongswan-plugin-farp strongswan-plugin-fips-prf | |
strongswan-plugin-gcrypt strongswan-plugin-gmp | |
strongswan-plugin-ipseckey strongswan-plugin-kernel-libipsec | |
strongswan-plugin-ldap strongswan-plugin-led | |
strongswan-plugin-load-tester strongswan-plugin-lookip | |
strongswan-plugin-mysql strongswan-plugin-ntru strongswan-plugin-openssl | |
strongswan-plugin-pgp strongswan-plugin-pkcs11 strongswan-plugin-pubkey | |
strongswan-plugin-radattr strongswan-plugin-soup strongswan-plugin-sql | |
strongswan-plugin-sqlite strongswan-plugin-sshkey | |
strongswan-plugin-systime-fix strongswan-plugin-unbound | |
strongswan-plugin-unity strongswan-plugin-whitelist | |
strongswan-plugin-xauth-eap strongswan-plugin-xauth-generic | |
strongswan-plugin-xauth-noauth strongswan-plugin-xauth-pam " | |
# sync the image if needed | |
if ! lxc image info $RELEASE &>/dev/null; then | |
lxd-images import ubuntu $RELEASE amd64 --alias $RELEASE --sync | |
fi | |
# launch image if not defined or we've not yet made a snapshot | |
if ! lxc list $MACHINE | grep snapshot &>/dev/null; then | |
lxc launch $RELEASE $MACHINE | |
for ((x=0; x<5; x++)); do lxc list $MACHINE; sleep 1; done #wait-net | |
# uncomment and fill out for optional aptproxy | |
# echo 'Acquire { HTTP { Proxy "http://192.168.XX.YY:8000/"; }; };' | lxc exec $MACHINE -- bash -c 'read a; echo $a > /etc/apt/apt.conf.d/99proxy' | |
lxc exec $MACHINE -- bash -c "apt-get update || apt-get update" #avoid hashsum mismatch! | |
lxc exec $MACHINE -- apt-get -y install strongswan=5.1.2-0ubuntu8 | |
lxc exec $MACHINE -- apt-get -y install $STRONGSWAN_PKGS $PLUGINS | |
lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi' | |
lxc snapshot $MACHINE $SNAPSHOT | |
else | |
lxc stop $MACHINE || : # might not be running, that's OK | |
lxc restore $MACHINE $SNAPSHOT | |
lxc start $MACHINE | |
fi | |
for ((x=0; x<5; x++)); do lxc list $MACHINE; sleep 1; done | |
lxc exec $MACHINE -- apt-get -y remove --purge lxd # lxd upgrade is failing | |
lxc exec $MACHINE -- add-apt-repository -y ppa:raharper/merges | |
lxc exec $MACHINE -- bash -c "apt-get update || apt-get update" #avoid hashsum mismatch! | |
lxc exec $MACHINE -- apt-get -y dist-upgrade | |
lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi' | |
lxc exec $MACHINE -- systemctl daemon-reload | |
lxc exec $MACHINE -- systemctl restart strongswan | |
lxc exec $MACHINE -- bash -c 'if ! systemctl is-active strongswan; then exit 1; fi' | |
lxc exec $MACHINE -- bash -c 'OLD=`dpkg --list |grep strongswan | grep -c 5.1.2-0ubuntu8`; if [ $OLD -ne 0 ]; then exit 1; fi' | |
lxc exec $MACHINE -- apt-get -y remove --purge $PLUGINS | |
echo "strongswan upgrade successful" | |
lxc delete $MACHINE | |
exit 0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment