5a19358d00
- Reorganize configs into environments/, workers/, deprecated/ folders - Reorganize scripts into testing/, deployment/, maintenance/, benchmarks/ folders - Add comprehensive testing guide documentation - Add new Makefile targets: test-full, test-auth, test-status - Update script paths in Makefile to match new organization - Create testing protocol documentation - Add cleanup status checking functionality Testing framework now includes: - Quick authentication tests (make test-auth) - Full test suite runner (make test-full) - Cleanup status monitoring (make test-status) - Comprehensive documentation and troubleshooting guides
79 lines
2.6 KiB
Bash
Executable file
79 lines
2.6 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Homelab Secure Test Environment Script
|
|
set -e
|
|
|
|
echo "Starting Homelab Secure Production Environment..."
|
|
|
|
# Clean up any existing containers
|
|
echo "Cleaning up existing containers..."
|
|
docker-compose -f docker-compose.homelab-secure.yml down -v
|
|
|
|
# Create necessary directories with proper permissions
|
|
echo "Creating directories..."
|
|
mkdir -p data logs
|
|
chmod 750 data logs
|
|
|
|
# Build and start services
|
|
echo "Building and starting services..."
|
|
docker-compose -f docker-compose.homelab-secure.yml up --build -d
|
|
|
|
# Wait for services to be healthy
|
|
echo "Waiting for services to be healthy..."
|
|
sleep 20
|
|
|
|
# Check service health
|
|
echo "Checking service health..."
|
|
docker-compose -f docker-compose.homelab-secure.yml ps
|
|
|
|
# Test API server with TLS
|
|
echo "Testing API server..."
|
|
curl -k -s https://localhost:9104/health || echo "API health check failed"
|
|
|
|
# Test Redis with authentication
|
|
echo "Testing Redis with authentication..."
|
|
docker exec ml-homelab-redis redis-cli -a "HomelabRedis2024!" ping || echo "Redis health check failed"
|
|
|
|
# Test SSH connectivity with security
|
|
echo "Testing SSH connectivity..."
|
|
docker exec -u worker ml-homelab-worker ssh -o StrictHostKeyChecking=no -o Port=2222 worker@localhost "echo 'SSH OK'" || echo "SSH test failed"
|
|
|
|
# Test fail2ban status
|
|
echo "Testing fail2ban..."
|
|
docker exec ml-homelab-api fail2ban-client status sshd || echo "fail2ban check failed"
|
|
|
|
echo ""
|
|
echo "Homelab secure production environment is ready!"
|
|
echo ""
|
|
echo "Services:"
|
|
echo " - API Server: https://localhost:9104"
|
|
echo " - SSH: localhost:2223 (worker user)"
|
|
echo " - Redis: localhost:6379 (with password)"
|
|
echo " - Metrics: http://localhost:9101"
|
|
echo ""
|
|
echo "Security Features:"
|
|
echo " ✓ Strong TLS 1.3 with modern ciphers"
|
|
echo " ✓ SSH with fail2ban protection"
|
|
echo " ✓ Redis with password authentication"
|
|
echo " ✓ SQLite database with encryption"
|
|
echo " ✓ Container security hardening"
|
|
echo " ✓ Rate limiting and CORS protection"
|
|
echo " ✓ Security headers and CSRF protection"
|
|
echo " ✓ Podman sandboxed job execution"
|
|
echo " ✓ Audit logging and monitoring"
|
|
echo ""
|
|
echo "Credentials:"
|
|
echo " - API User: homelab_user / password"
|
|
echo " - SSH User: worker / HomelabWorker2024!"
|
|
echo " - Redis Password: HomelabRedis2024!"
|
|
echo ""
|
|
echo "To test with CLI:"
|
|
echo " ./cli/zig-out/bin/ml queue homelab-secure-test"
|
|
echo " ./cli/zig-out/bin/ml status"
|
|
echo ""
|
|
echo "To view logs:"
|
|
echo " docker-compose -f docker-compose.homelab-secure.yml logs -f api-server"
|
|
echo " docker-compose -f docker-compose.homelab-secure.yml logs -f worker"
|
|
echo ""
|
|
echo "To stop:"
|
|
echo " docker-compose -f docker-compose.homelab-secure.yml down"
|