torrust
diff --git a/‎.github/copilot-instructions.md‎
Lines changed: 1 addition & 0 deletions b/‎.github/copilot-instructions.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/infrastructure.yml‎
Lines changed: 85 additions & 0 deletions b/‎.github/workflows/infrastructure.yml‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎.markdownlint.json‎
Lines changed: 19 additions & 0 deletions b/‎.markdownlint.json‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎Makefile‎
Lines changed: 263 additions & 0 deletions b/‎Makefile‎
Lines changed: 263 additions & 0 deletions
@@ -18,3 +18,4 @@ Follow these conventions:
     - Uses hyphens to separate words, e.g., `1-add-new-feature`.
 - Ensure that shell scripts are POSIX-compliant.
 - Provide clear and concise documentation for any new features or changes.
+- Follow https://github.com/DavidAnson/markdownlint conventions for Markdown files.
@@ -0,0 +1,85 @@
+name: Infrastructure Tests
+
+on:
+  push:
+    branches: [main, develop]
+    paths:
+      - "infrastructure/**"
+      - "tests/infrastructure/**"
+      - "Makefile"
+      - ".github/workflows/infrastructure.yml"
+  pull_request:
+    branches: [main, develop]
+    paths:
+      - "infrastructure/**"
+      - "tests/infrastructure/**"
+      - "Makefile"
+      - ".github/workflows/infrastructure.yml"
+
+jobs:
+  validate-infrastructure:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install OpenTofu
+        run: |
+          curl -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
+          chmod +x install-opentofu.sh
+          sudo ./install-opentofu.sh --install-method deb
+          rm install-opentofu.sh
+          tofu version
+
+      - name: Install yamllint
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y yamllint
+
+      - name: Validate OpenTofu syntax
+        run: |
+          cd infrastructure/terraform
+          tofu init
+          tofu validate
+          tofu plan
+
+      - name: Validate cloud-init YAML
+        run: |
+          yamllint infrastructure/cloud-init/user-data.yaml
+          yamllint infrastructure/cloud-init/network-config.yaml
+
+      - name: Test script permissions
+        run: |
+          test -x tests/infrastructure/test-local-setup.sh
+          test -x tests/infrastructure/test-integration.sh
+
+      - name: Run syntax tests
+        run: |
+          make test-syntax
+
+      - name: Validate Makefile targets
+        run: |
+          make help
+          make workflow-help
+
+  # Note: Full VM testing is not run in CI as it requires KVM/nested virtualization
+  # which is not available in GitHub Actions runners
+  documentation-check:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check documentation links
+        run: |
+          # Verify documentation files exist
+          test -f docs/infrastructure/quick-start.md
+          test -f docs/infrastructure/local-testing-setup.md
+          test -f infrastructure/README.md
+
+          # Check for common documentation issues
+          grep -q "Quick Start" docs/infrastructure/quick-start.md
+          grep -q "OpenTofu" docs/infrastructure/local-testing-setup.md
+          grep -q "make" README.md
@@ -0,0 +1,19 @@
+{
+    "default": true,
+    "MD013": {
+        "line_length": 80
+    },
+    "MD031": true,
+    "MD032": true,
+    "MD040": true,
+    "MD022": true,
+    "MD009": true,
+    "MD007": {
+        "indent": 2
+    },
+    "MD026": false,
+    "MD041": false,
+    "MD034": false,
+    "MD024": false,
+    "MD033": false
+}
@@ -0,0 +1,263 @@
+# Makefile for Torrust Tracker Local Testing Infrastructure
+.PHONY: help init plan apply destroy test clean status ssh install-deps
+
+# Default variables
+VM_NAME ?= torrust-tracker-demo
+TERRAFORM_DIR = infrastructure/terraform
+TESTS_DIR = tests/infrastructure
+
+# Help target
+help: ## Show this help message
+	@echo "Torrust Tracker Local Testing Infrastructure"
+	@echo ""
+	@echo "Available targets:"
+	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "  %-20s %s\n", $$1, $$2}' $(MAKEFILE_LIST)
+
+install-deps: ## Install required dependencies (Ubuntu/Debian)
+	@echo "Installing dependencies..."
+	sudo apt update
+	sudo apt install -y qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager genisoimage
+	sudo usermod -aG libvirt $$USER
+	sudo usermod -aG kvm $$USER
+	sudo systemctl enable libvirtd
+	sudo systemctl start libvirtd
+	@echo "Setting up libvirt storage and permissions..."
+	@sudo virsh pool-define-as default dir --target /var/lib/libvirt/images || true
+	@sudo virsh pool-autostart default || true
+	@sudo virsh pool-start default || true
+	@sudo chown -R libvirt-qemu:libvirt /var/lib/libvirt/images/ || true
+	@sudo chmod -R 755 /var/lib/libvirt/images/ || true
+	@echo "Installing OpenTofu..."
+	curl -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
+	chmod +x install-opentofu.sh
+	sudo ./install-opentofu.sh --install-method deb
+	rm install-opentofu.sh
+	@echo "Dependencies installed. Please log out and log back in for group changes to take effect."
+
+init: ## Initialize OpenTofu
+	@echo "Initializing OpenTofu..."
+	cd $(TERRAFORM_DIR) && tofu init
+
+plan: ## Show what OpenTofu will do
+	@echo "Planning infrastructure changes..."
+	@if [ -f $(TERRAFORM_DIR)/local.tfvars ]; then \
+		cd $(TERRAFORM_DIR) && tofu plan -var-file="local.tfvars"; \
+	else \
+		echo "WARNING: No local.tfvars found. Please create it first with 'make setup-ssh-key'"; \
+		exit 1; \
+	fi
+
+apply-minimal: ## Deploy VM with minimal cloud-init configuration
+	@echo "Ensuring libvirt permissions are correct..."
+	@$(MAKE) fix-libvirt
+	@echo "Deploying VM with minimal configuration..."
+	cd $(TERRAFORM_DIR) && tofu apply -var-file="local.tfvars" -var="use_minimal_config=true" -parallelism=1
+	@echo "Fixing permissions after deployment..."
+	@$(MAKE) fix-libvirt
+
+apply: ## Deploy the VM
+	@echo "Ensuring libvirt permissions are correct..."
+	@$(MAKE) fix-libvirt
+	@echo "Deploying VM..."
+	@if [ -f $(TERRAFORM_DIR)/local.tfvars ]; then \
+		echo "Using local SSH key configuration..."; \
+		cd $(TERRAFORM_DIR) && tofu apply -var-file="local.tfvars" -parallelism=1; \
+	else \
+		echo "WARNING: No local.tfvars found. Creating with placeholder..."; \
+		echo 'ssh_public_key = "REPLACE_WITH_YOUR_SSH_PUBLIC_KEY"' > $(TERRAFORM_DIR)/local.tfvars; \
+		echo "Please edit $(TERRAFORM_DIR)/local.tfvars with your SSH public key and run 'make apply' again"; \
+		exit 1; \
+	fi
+	@echo "Fixing permissions after deployment..."
+	@$(MAKE) fix-libvirt
+
+destroy: ## Destroy the VM
+	@echo "Destroying VM..."
+	cd $(TERRAFORM_DIR) && tofu destroy
+
+status: ## Show current infrastructure status
+	@echo "Infrastructure status:"
+	cd $(TERRAFORM_DIR) && tofu show
+
+ssh: ## SSH into the VM
+	@echo "Connecting to VM..."
+	@VM_IP=$$(cd $(TERRAFORM_DIR) && tofu output -raw vm_ip 2>/dev/null); \
+	if [ -n "$$VM_IP" ]; then \
+		echo "Connecting to $$VM_IP..."; \
+		ssh torrust@$$VM_IP; \
+	else \
+		echo "Could not get VM IP. Is the VM deployed?"; \
+		exit 1; \
+	fi
+
+test: ## Run all tests
+	@echo "Running infrastructure tests..."
+	$(TESTS_DIR)/test-local-setup.sh full-test
+
+test-prereq: ## Test prerequisites only
+	@echo "Testing prerequisites..."
+	$(TESTS_DIR)/test-local-setup.sh prerequisites
+
+check-libvirt: ## Check libvirt installation and permissions
+	@echo "Checking libvirt setup..."
+	@echo "1. Checking if libvirt service is running:"
+	@sudo systemctl status libvirtd --no-pager -l || echo "libvirtd not running"
+	@echo ""
+	@echo "2. Checking user groups:"
+	@groups | grep -q libvirt && echo "✓ User is in libvirt group" || echo "✗ User is NOT in libvirt group"
+	@groups | grep -q kvm && echo "✓ User is in kvm group" || echo "✗ User is NOT in kvm group"
+	@echo ""
+	@echo "3. Testing libvirt access:"
+	@virsh list --all >/dev/null 2>&1 && echo "✓ User can access libvirt" || echo "✗ User cannot access libvirt (try 'sudo virsh list')"
+	@echo ""
+	@echo "4. Checking default network:"
+	@virsh net-list --all 2>/dev/null | grep -q default && echo "✓ Default network exists" || echo "✗ Default network missing"
+	@echo ""
+	@echo "5. Checking KVM support:"
+	@test -r /dev/kvm && echo "✓ KVM device accessible" || echo "✗ KVM device not accessible"
+	@echo ""
+	@echo "If you see any ✗ marks, run 'make fix-libvirt' to attempt fixes"
+
+fix-libvirt: ## Fix common libvirt permission issues
+	@echo "Setting up user-friendly libvirt configuration..."
+	@infrastructure/scripts/setup-user-libvirt.sh
+	@echo "Attempting to fix libvirt permissions..."
+	@echo "Adding user to required groups..."
+	sudo usermod -aG libvirt $$USER
+	sudo usermod -aG kvm $$USER
+	@echo "Starting libvirt service..."
+	sudo systemctl enable libvirtd
+	sudo systemctl start libvirtd
+	@echo "Checking if default network needs to be started..."
+	@sudo virsh net-list --all | grep -q "default.*inactive" && sudo virsh net-start default || true
+	@sudo virsh net-autostart default 2>/dev/null || true
+	@echo ""
+	@echo "✓ Fix attempt completed!"
+	@echo "IMPORTANT: You need to log out and log back in (or run 'newgrp libvirt') for group changes to take effect"
+	@echo "Then run 'make check-libvirt' to verify the fixes worked"
+
+test-syntax: ## Test configuration syntax only
+	@echo "Testing configuration syntax..."
+	$(TESTS_DIR)/test-local-setup.sh syntax
+
+test-integration: ## Run integration tests (requires deployed VM)
+	@echo "Running integration tests..."
+	$(TESTS_DIR)/test-integration.sh full-test
+
+deploy-test: ## Deploy VM for testing (without cleanup)
+	@echo "Deploying test VM..."
+	$(TESTS_DIR)/test-local-setup.sh deploy
+
+clean: ## Clean up temporary files
+	@echo "Cleaning up..."
+	rm -f $(TERRAFORM_DIR)/.terraform.lock.hcl
+	rm -f $(TERRAFORM_DIR)/terraform.tfstate.backup
+	rm -f install-opentofu.sh
+	rm -f /tmp/torrust-infrastructure-test.log
+
+clean-and-fix: ## Clean up all VMs and fix libvirt permissions
+	@echo "Cleaning up VMs and fixing permissions..."
+	@echo "1. Stopping and undefining any existing VMs:"
+	@for vm in $$(virsh list --all --name 2>/dev/null | grep -v '^$$'); do \
+		echo "  Cleaning up VM: $$vm"; \
+		virsh destroy $$vm 2>/dev/null || true; \
+		virsh undefine $$vm 2>/dev/null || true; \
+	done
+	@echo "2. Removing OpenTofu state:"
+	@cd $(TERRAFORM_DIR) && rm -f terraform.tfstate terraform.tfstate.backup .terraform.lock.hcl 2>/dev/null || true
+	@echo "3. Cleaning libvirt images:"
+	@sudo rm -f /var/lib/libvirt/images/torrust-tracker-demo* /var/lib/libvirt/images/ubuntu-22.04-base.qcow2 2>/dev/null || true
+	@echo "4. Fixing libvirt setup:"
+	@$(MAKE) fix-libvirt
+	@echo "✓ Clean up complete. You can now run 'make apply' safely."
+
+# New target for setting up SSH key
+setup-ssh-key: ## Setup local SSH key configuration
+	@if [ -f $(TERRAFORM_DIR)/local.tfvars ]; then \
+		echo "Local SSH configuration already exists at $(TERRAFORM_DIR)/local.tfvars"; \
+		echo "Current configuration:"; \
+		cat $(TERRAFORM_DIR)/local.tfvars; \
+	else \
+		echo "Creating local SSH key configuration..."; \
+		echo 'ssh_public_key = "REPLACE_WITH_YOUR_SSH_PUBLIC_KEY"' > $(TERRAFORM_DIR)/local.tfvars; \
+		echo ""; \
+		echo "✓ Created $(TERRAFORM_DIR)/local.tfvars"; \
+		echo ""; \
+		echo "Next steps:"; \
+		echo "1. Get your SSH public key:"; \
+		echo "   cat ~/.ssh/id_rsa.pub"; \
+		echo "   # or cat ~/.ssh/id_ed25519.pub"; \
+		echo ""; \
+		echo "2. Edit the file and replace the placeholder:"; \
+		echo "   vim $(TERRAFORM_DIR)/local.tfvars"; \
+		echo ""; \
+		echo "3. Deploy the VM:"; \
+		echo "   make apply"; \
+	fi
+
+restart-and-monitor: ## Destroy, deploy fresh, and monitor cloud-init
+	@echo "🔄 Complete restart: destroying existing VM..."
+	@$(MAKE) destroy || true
+	@echo "🚀 Deploying fresh VM..."
+	@$(MAKE) apply &
+	@echo "⏳ Waiting 10 seconds for VM to start..."
+	@sleep 10
+	@echo "📡 Starting cloud-init monitoring..."
+	@$(MAKE) monitor-cloud-init
+
+fresh-start: restart-and-monitor ## Alias for restart-and-monitor
+
+# Development targets
+dev-setup: install-deps init fix-libvirt setup-ssh-key ## Complete development setup
+	@echo "Development environment setup complete!"
+	@echo "Next steps:"
+	@echo "1. Log out and log back in for group changes"
+	@echo "2. Edit $(TERRAFORM_DIR)/local.tfvars with your SSH public key"
+	@echo "3. Run 'make test-prereq' to verify setup"
+	@echo "4. Run 'make apply' to deploy a VM"
+
+quick-test: test-prereq test-syntax ## Quick test without VM deployment
+	@echo "Quick tests completed!"
+
+# Help for specific workflows
+workflow-help: ## Show common workflows
+	@echo "Common workflows:"
+	@echo ""
+	@echo "1. First-time setup:"
+	@echo "   make dev-setup"
+	@echo "   # Log out and log back in"
+	@echo "   # Edit infrastructure/cloud-init/user-data.yaml to add your SSH key"
+	@echo "   make test-prereq"
+	@echo ""
+	@echo "2. Deploy and test:"
+	@echo "   make apply"
+	@echo "   make ssh"
+	@echo "   make destroy"
+	@echo ""
+	@echo "3. Run full test suite:"
+	@echo "   make test"
+	@echo ""
+	@echo "4. Run integration tests:"
+	@echo "   make apply"
+	@echo "   make test-integration"
+	@echo "   make destroy"
+	@echo ""
+	@echo "5. Development cycle:"
+	@echo "   make plan     # Review changes"
+	@echo "   make apply    # Deploy"
+	@echo "   make ssh      # Test manually"
+	@echo "   make destroy  # Clean up"
+
+monitor-cloud-init: ## Monitor cloud-init progress in real-time
+	@echo "Monitoring cloud-init progress..."
+	@./infrastructure/scripts/monitor-cloud-init.sh
+
+vm-restart: ## Restart the VM
+	@echo "Restarting VM..."
+	virsh shutdown $(VM_NAME)
+	@echo "Waiting for shutdown..."
+	@sleep 5
+	virsh start $(VM_NAME)
+	@echo "VM restarted"
+
+# Advanced targets