roof/pic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
85d265187da6d01a295a2772215bb77dd036fe8c
pic/tests
T
History
roof 85d265187d
Unit Tests / test (push) Successful in 7m32s
Details
fix: Caddy TLS cert acquisition — two DNS-01 blockers 
1. caddy_manager: embed ddns.token (registration bearer token) in
   Caddyfile, not DDNS_TOTP_SECRET. The pic_ngo plugin sends the token
   to POST /api/v1/dns-challenge; using the TOTP secret caused 401 on
   every attempt.

2. firewall_manager: add _acme-challenge.<zone> forwarding block before
   each split-horizon zone in the Corefile. Without this, CoreDNS was
   authoritative for the challenge name and returned NODATA for TXT
   queries (wildcard A record matches but wrong type), blocking Caddy's
   internal DNS pre-verification step.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-08 10:45:15 -04:00
..
e2e
fix: use sudo for nft list tables — /usr/sbin not in roof user PATH
2026-06-06 15:46:09 -04:00
integration
fix: e2e/integration test infrastructure and Makefile test targets
2026-04-26 08:27:27 -04:00
__init__.py
init
2025-09-12 23:04:52 +03:00
conftest.py
feat: add authentication and authorization system
2026-04-25 15:00:06 -04:00
run_tests.py
init
2025-09-12 23:04:52 +03:00
test_account_manager.py
feat: add HTTP dispatch to AccountManager for generic store services
2026-05-30 00:46:54 -04:00
test_api_endpoints.py
fix: EmailManager route calls get_email_users not get_users
2026-06-08 10:12:24 -04:00
test_app_misc.py
Fix CI unit test failures and DDNS config wiring
2026-05-10 04:20:19 -04:00
test_auth_manager.py
feat: add authentication and authorization system
2026-04-25 15:00:06 -04:00
test_auth_routes.py
Fix session cookie name collision when running multiple PIC instances on localhost
2026-05-04 09:15:42 -04:00
test_backup_service_data.py
feat: add Steps 1-4 implementation files (AccountManager, ServiceComposer, builtins, tests)
2026-05-29 04:39:19 -04:00
test_caddy_manager.py
fix: Caddy TLS cert acquisition — two DNS-01 blockers
2026-06-08 10:45:15 -04:00
test_caddy_registry_integration.py
feat: Phase 2 — remove builtins layer, ServiceRegistry is installed-only
2026-05-29 08:53:44 -04:00
test_calendar_endpoints.py
feat: Phase 6 — require_active_service decorator + wizard install wiring
2026-05-29 16:58:57 -04:00
test_calendar_manager.py
init
2025-09-12 23:04:52 +03:00
test_cell_link_dns.py
fix: DNS split-horizon in DDNS mode, service access filter, health check, verbosity persistence
2026-06-07 13:05:58 -04:00
test_cell_link_manager.py
Add domain conflict validation when changing domain or accepting heal invite
2026-05-04 09:46:58 -04:00
test_cell_manager.py
fix: all 214 tests passing (from 36 failures)
2026-04-19 16:43:07 -04:00
test_cells_endpoints.py
feat: Phase 4 hardening — retry/backoff, loop detection, sync status UI + tests
2026-05-04 04:18:36 -04:00
test_cli_tool.py
fix: all 214 tests passing (from 36 failures)
2026-04-19 16:43:07 -04:00
test_config_apply.py
feat: HTTPS cert status, IDENTITY_CHANGED wiring, remove stale ip_utils Caddyfile writes
2026-06-05 11:39:36 -04:00
test_config_backup_restore_http.py
feat: replace hardcoded service names with ServiceRegistry-driven Caddy and CoreDNS config
2026-05-28 18:27:52 -04:00
test_config_manager.py
fix: split-horizon DNS zone uses WireGuard IP, not Docker bridge IP
2026-06-08 02:11:01 -04:00
test_config_validation.py
Add subnet conflict validation for wireguard.address and ip_range changes
2026-05-04 10:00:58 -04:00
test_connectivity_manager.py
Implement connectivity store services (wireguard-ext, openvpn-client, tor)
2026-05-30 10:06:48 -04:00
test_container_manager.py
add security fixes, port hardening, and expanded QA coverage
2026-04-25 13:08:24 -04:00
test_ddns_endpoints.py
feat: DDNS self-healing heartbeat + manual re-register endpoint
2026-05-26 15:05:27 -04:00
test_ddns_manager.py
fix: DDNS update token in body, webdav gating, regression tests
2026-06-07 16:56:12 -04:00
test_egress_manager.py
feat: add EgressManager — per-service egress enforcement via host iptables
2026-05-30 00:58:47 -04:00
test_email_endpoints.py
fix: EmailManager route calls get_email_users not get_users
2026-06-08 10:12:24 -04:00
test_email_manager.py
feat: make DDNS domain_name the effective domain across all services
2026-05-28 02:48:47 -04:00
test_enforce_auth_configured.py
fix: DDNS update token in body, webdav gating, regression tests
2026-06-07 16:56:12 -04:00
test_file_endpoints.py
feat: Phase 6 — require_active_service decorator + wizard install wiring
2026-05-29 16:58:57 -04:00
test_file_manager.py
init
2025-09-12 23:04:52 +03:00
test_firewall_manager.py
fix: Caddy TLS cert acquisition — two DNS-01 blockers
2026-06-08 10:45:15 -04:00
test_identity_validation.py
fix: autosave, cell name overflow, length validation, apply-and-verify tests
2026-04-24 05:29:09 -04:00
test_input_validation.py
fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests
2026-04-27 11:30:21 -04:00
test_install_process.py
fix: start-core missing cell-network creation breaks fresh install
2026-06-08 01:07:00 -04:00
test_integration.py
init
2025-09-12 23:04:52 +03:00
test_ip_utils_caddyfile.py
fix: architecture audit — security, atomicity, broken endpoints, test coverage
2026-04-24 03:27:52 -04:00
test_ip_utils.py
Fix CI failures on root — mock OSError instead of relying on filesystem
2026-05-10 06:19:24 -04:00
test_is_local_request_per_endpoint.py
fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests
2026-04-27 11:30:21 -04:00
test_legacy_cleanup.py
feat: Phase 5 — remove legacy service blocks, one-shot container cleanup
2026-05-29 15:57:45 -04:00
test_log_manager.py
init
2025-09-12 23:04:52 +03:00
test_logs_endpoints.py
fix: DNS split-horizon in DDNS mode, service access filter, health check, verbosity persistence
2026-06-07 13:05:58 -04:00
test_manifest_validator.py
Implement connectivity store services (wireguard-ext, openvpn-client, tor)
2026-05-30 10:06:48 -04:00
test_network_endpoints.py
fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests
2026-04-27 11:30:21 -04:00
test_network_manager.py
fix: split-horizon DNS zone uses WireGuard IP, not Docker bridge IP
2026-06-08 02:11:01 -04:00
test_optional_services_feature.py
feat: add manifest_validator.py — security chokepoint for compose and manifest validation
2026-05-29 18:45:45 -04:00
test_peer_dashboard_services.py
fix: add built-in service subdomains to DNS zone on startup
2026-06-07 03:14:34 -04:00
test_peer_management_edge_cases.py
A5: Extract all route groups into Flask blueprints (app.py -1735 lines)
2026-05-01 06:11:21 -04:00
test_peer_management_update.py
fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests
2026-04-27 11:30:21 -04:00
test_peer_provisioning.py
fix: DDNS update token in body, webdav gating, regression tests
2026-06-07 16:56:12 -04:00
test_peer_registry.py
feat: Phase 3 - per-peer internet routing via exit cell
2026-05-01 16:23:31 -04:00
test_peer_route_via.py
test: add loop detection tests for PUT /api/peers/<peer>/route-via
2026-05-04 04:24:02 -04:00
test_peer_wg_integration.py
feat: add authentication and authorization system
2026-04-25 15:00:06 -04:00
test_pending_restart.py
test: add .env write verification for port changes
2026-04-22 14:06:20 -04:00
test_port_conflicts.py
feat: port conflict validation, autosave on Apply, extended integration tests
2026-04-24 04:45:47 -04:00
test_require_active_service.py
feat: Phase 6 — require_active_service decorator + wizard install wiring
2026-05-29 16:58:57 -04:00
test_route_protection.py
Fix: exempt /api/setup/* from enforce_auth so setup wizard works on fresh install
2026-05-11 05:03:44 -04:00
test_routing_endpoints.py
fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests
2026-04-27 11:30:21 -04:00
test_routing_manager.py
init
2025-09-12 23:04:52 +03:00
test_service_bus.py
feat: make DDNS domain_name the effective domain across all services
2026-05-28 02:48:47 -04:00
test_service_composer.py
Implement connectivity store services (wireguard-ext, openvpn-client, tor)
2026-05-30 10:06:48 -04:00
test_service_registry.py
feat: Phase 2 — remove builtins layer, ServiceRegistry is installed-only
2026-05-29 08:53:44 -04:00
test_service_store_manager.py
fix: DDNS update token in body, webdav gating, regression tests
2026-06-07 16:56:12 -04:00
test_services_active_endpoint.py
feat: Phase 4 — dynamic nav + service visibility based on installed services
2026-05-29 12:15:02 -04:00
test_setup_manager.py
feat: remove optional services step from setup wizard
2026-05-29 18:33:43 -04:00
test_vault_api.py
fix: all 214 tests passing (from 36 failures)
2026-04-19 16:43:07 -04:00
test_vault_manager.py
init
2025-09-12 23:04:52 +03:00
test_wireguard_endpoints.py
A5: Extract config routes into blueprint (app.py 1294 → 579 lines)
2026-05-01 06:53:24 -04:00
test_wireguard_manager.py
Fix ensure_postup_dnat to strip-and-replace all DNAT rules idempotently
2026-05-04 06:54:20 -04:00
test_wireguard_vpn_routing.py
feat: fix cross-cell service access — DNS DNAT, service DNAT, Caddy routing
2026-05-02 03:12:09 -04:00