14859adf87
- Modified the GenerateConfig function to include an additional parameter for ruleset paths. - Updated multiple test cases across various files to accommodate the new parameter. - Enhanced the manager's ApplyConfig method to handle ruleset file creation and error handling. - Added integration tests for Coraza WAF to validate runtime behavior and ruleset application. - Updated documentation to include instructions for testing Coraza WAF integration locally.
43 lines
1.4 KiB
Go
43 lines
1.4 KiB
Go
package caddy
|
|
|
|
import (
|
|
"encoding/json"
|
|
"testing"
|
|
|
|
"github.com/Wikid82/charon/backend/internal/models"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestGenerateConfig_CustomCertsAndTLS(t *testing.T) {
|
|
hosts := []models.ProxyHost{
|
|
{
|
|
UUID: "h1",
|
|
DomainNames: "a.example.com",
|
|
ForwardHost: "127.0.0.1",
|
|
ForwardPort: 8080,
|
|
Enabled: true,
|
|
Certificate: &models.SSLCertificate{ID: 1, UUID: "c1", Name: "CustomCert", Provider: "custom", Certificate: "cert", PrivateKey: "key"},
|
|
CertificateID: ptrUint(1),
|
|
HSTSEnabled: true,
|
|
HSTSSubdomains: true,
|
|
BlockExploits: true,
|
|
Locations: []models.Location{{Path: "/app", ForwardHost: "127.0.0.1", ForwardPort: 8081}},
|
|
},
|
|
}
|
|
cfg, err := GenerateConfig(hosts, "/data/caddy/data", "admin@example.com", "/frontend/dist", "letsencrypt", true, false, false, false, false, "", nil, nil, nil, nil)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, cfg)
|
|
// TLS should be configured
|
|
require.NotNil(t, cfg.Apps.TLS)
|
|
// Custom cert load
|
|
require.NotNil(t, cfg.Apps.TLS.Certificates)
|
|
// One route for the host (with location) plus catch-all -> at least 2 routes
|
|
server := cfg.Apps.HTTP.Servers["charon_server"]
|
|
require.GreaterOrEqual(t, len(server.Routes), 2)
|
|
// Check HSTS header exists in JSON representation
|
|
b, _ := json.Marshal(cfg)
|
|
require.Contains(t, string(b), "Strict-Transport-Security")
|
|
}
|
|
|
|
func ptrUint(v uint) *uint { return &v }
|