Docs: Improve setup for test environments

BornToBeRoot · BornToBeRoot · commit 3e6d670fd8c7 · 2026-06-16T23:07:39.000+02:00
diff --git a/Tests/Environments/ActiveDirectory/README.md b/Tests/Environments/ActiveDirectory/README.md
@@ -0,0 +1,59 @@
+# Active Directory Test Environment
+
+Helper scripts for setting up Active Directory test data for NETworkManager.
+
+## Scripts
+
+### `Create-TestAdComputers.ps1`
+
+Creates computer accounts in Active Directory to test NETworkManager's **AD profile import** feature (import of computer accounts as connection profiles).
+
+#### Requirements
+
+- Windows with the **ActiveDirectory** PowerShell module (RSAT)
+- Domain-joined machine with write permissions to the target OU
+
+Install RSAT if missing:
+
+```powershell
+Add-WindowsCapability -Online -Name Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0
+```
+
+#### Parameters
+
+| Parameter       | Default                               | Description                                                                  |
+| --------------- | ------------------------------------- | ---------------------------------------------------------------------------- |
+| `-OUPath`       | Domain's built-in Computers container | Distinguished name of the target OU                                          |
+| `-Count`        | `25`                                  | Number of computer accounts to create                                        |
+| `-NamePrefix`   | `NM-TEST-`                            | Name prefix for computer accounts                                            |
+| `-DnsZone`      | AD domain DNS root                    | DNS zone appended to the computer name to build `dnsHostName`                |
+| `-CreateOU`     | _(switch)_                            | Create the target OU if it does not exist                                    |
+| `-DisableEvery` | `0` _(never)_                         | Disable every Nth account — useful for testing the "exclude disabled" filter |
+
+#### Examples
+
+Create 25 computers in the default Computers container:
+
+```powershell
+.\Create-TestAdComputers.ps1
+```
+
+Create 50 computers in a custom OU (creates the OU if missing), disable every 5th:
+
+```powershell
+.\Create-TestAdComputers.ps1 `
+    -OUPath "OU=NetworkManagerTest,DC=lab,DC=local" `
+    -Count 50 `
+    -CreateOU `
+    -DisableEvery 5
+```
+
+Preview changes without applying them (`-WhatIf`):
+
+```powershell
+.\Create-TestAdComputers.ps1 -OUPath "OU=NM,DC=lab,DC=local" -Count 10 -WhatIf
+```
+
+#### Idempotency
+
+The script skips accounts that already exist and reports them as `[skip]`. Re-running it is safe.
diff --git a/Tests/Environments/SNMP/README.md b/Tests/Environments/SNMP/README.md
@@ -0,0 +1,75 @@
+# SNMP Test Environment
+
+A minimal, self-contained SNMP test environment running on Linux (Debian/Ubuntu) to test NETworkManager's SNMP features.
+
+> **Warning:** This configuration is intentionally insecure. Use in isolated test environments only, never in production.
+
+## Requirements
+
+- Debian / Ubuntu (tested on Ubuntu 22.04+)
+- Root / `sudo` access
+
+## Setup
+
+Run the setup script to install and configure the SNMP daemon:
+
+```bash
+sudo bash setup.sh
+```
+
+The script is idempotent — re-running it overwrites the configuration and resets the SNMPv3 credentials.
+
+To customise community strings or credentials, edit the variables at the top of `setup.sh` before running.
+
+## Default credentials
+
+| Protocol            | Setting       | Value            |
+| ------------------- | ------------- | ---------------- |
+| SNMPv2c             | Community     | `public`         |
+| SNMPv3 noAuthNoPriv | Username      | `noAuthUser`     |
+| SNMPv3 authNoPriv   | Username      | `authNoPrivUser` |
+| SNMPv3 authNoPriv   | Auth protocol | SHA-512          |
+| SNMPv3 authNoPriv   | Auth password | `auth123456789`  |
+| SNMPv3 authPriv     | Username      | `authPrivUser`   |
+| SNMPv3 authPriv     | Auth protocol | SHA-512          |
+| SNMPv3 authPriv     | Auth password | `auth123456789`  |
+| SNMPv3 authPriv     | Priv protocol | AES              |
+| SNMPv3 authPriv     | Priv password | `priv987654321`  |
+
+## Accessible OIDs
+
+The `systemonly` view restricts access to:
+
+| OID prefix          | Description                                    |
+| ------------------- | ---------------------------------------------- |
+| `.1.3.6.1.2.1.1`    | System group (sysDescr, sysName, sysUpTime, …) |
+| `.1.3.6.1.2.1.25.1` | Host resources — hrSystem group                |
+
+## Ports
+
+The daemon listens on UDP port **161** for both IPv4 (`udp:161`) and IPv6 (`udp6:161`).
+
+## Verifying the setup
+
+```bash
+# SNMPv2c
+snmpwalk -v2c -c public localhost .1.3.6.1.2.1.1
+
+# SNMPv3 – noAuthNoPriv
+snmpwalk -v3 -l noAuthNoPriv -u noAuthUser localhost .1.3.6.1.2.1.1
+
+# SNMPv3 – authNoPriv
+snmpwalk -v3 -l authNoPriv -u authNoPrivUser \
+  -a SHA-512 -A auth123456789 \
+  localhost .1.3.6.1.2.1.1
+
+# SNMPv3 – authPriv
+snmpwalk -v3 -l authPriv -u authPrivUser \
+  -a SHA-512 -A auth123456789 \
+  -x AES    -X priv987654321 \
+  localhost .1.3.6.1.2.1.1
+```
+
+## Additional configuration
+
+Drop extra `.conf` files into `/etc/snmp/snmpd.conf.d/` — they are included automatically by the daemon.
diff --git a/Tests/Environments/SNMP/setup.sh b/Tests/Environments/SNMP/setup.sh
@@ -0,0 +1,125 @@
+#!/usr/bin/env bash
+# Sets up a minimal, insecure SNMP test environment on Debian/Ubuntu.
+# Idempotent: safe to re-run; resets configuration and SNMPv3 credentials each time.
+set -euo pipefail
+
+# ------------------------------------------------------------------------------
+# Configuration — adjust to your needs
+# ------------------------------------------------------------------------------
+SYS_LOCATION="Testserver"
+SYS_CONTACT="Test <test@borntoberoot.net>"
+
+V2C_COMMUNITY="public"
+
+V3_NOAUTH_USER="noAuthUser"
+
+V3_AUTH_USER="authNoPrivUser"
+V3_AUTH_PROTOCOL="SHA-512"      # MD5 | SHA | SHA-224 | SHA-256 | SHA-384 | SHA-512
+V3_AUTH_PASSWORD="auth123456789"
+
+V3_AUTHPRIV_USER="authPrivUser"
+V3_PRIV_PROTOCOL="AES"          # DES | AES
+V3_PRIV_PASSWORD="priv987654321"
+# ------------------------------------------------------------------------------
+
+SNMPD_CONF="/etc/snmp/snmpd.conf"
+SNMPD_PERSIST="/var/lib/snmp/snmpd.conf"
+SNMPD_CONF_D="/etc/snmp/snmpd.conf.d"
+
+if [[ $EUID -ne 0 ]]; then
+    echo "ERROR: Run as root or with sudo." >&2
+    exit 1
+fi
+
+echo "==> Installing packages..."
+apt-get update -y -qq
+apt-get install -y -qq snmp snmpd
+
+echo "==> Stopping snmpd..."
+systemctl stop snmpd 2>/dev/null || true
+
+# snmpd moves 'createUser' entries into /var/lib/snmp/snmpd.conf on first start
+# and removes them from the main config. Remove the persisted user so snmpd
+# re-creates it from our config on the next start (idempotency).
+echo "==> Resetting SNMPv3 credentials from persistent store..."
+if [[ -f "$SNMPD_PERSIST" ]]; then
+    sed -i "/usmUser.*\"$V3_NOAUTH_USER\"/d" "$SNMPD_PERSIST"
+    sed -i "/usmUser.*\"$V3_AUTH_USER\"/d"   "$SNMPD_PERSIST"
+    sed -i "/usmUser.*\"$V3_AUTHPRIV_USER\"/d" "$SNMPD_PERSIST"
+fi
+
+echo "==> Writing $SNMPD_CONF..."
+cat > "$SNMPD_CONF" << EOF
+sysLocation    $SYS_LOCATION
+sysContact     $SYS_CONTACT
+sysServices    72
+
+master  agentx
+
+agentaddress  udp:161,udp6:161
+
+view   systemonly  included   .1.3.6.1.2.1.1
+view   systemonly  included   .1.3.6.1.2.1.25.1
+
+# v2c
+rocommunity  $V2C_COMMUNITY default -V systemonly
+rocommunity6 $V2C_COMMUNITY default -V systemonly
+
+# v3 – noAuthNoPriv (no authentication, no encryption)
+createUser $V3_NOAUTH_USER
+rouser $V3_NOAUTH_USER noauth -V systemonly
+
+# v3 – authNoPriv (authentication, no encryption)
+createUser $V3_AUTH_USER $V3_AUTH_PROTOCOL $V3_AUTH_PASSWORD
+rouser $V3_AUTH_USER auth -V systemonly
+
+# v3 – authPriv (authentication and encryption)
+createUser $V3_AUTHPRIV_USER $V3_AUTH_PROTOCOL $V3_AUTH_PASSWORD $V3_PRIV_PROTOCOL $V3_PRIV_PASSWORD
+rouser $V3_AUTHPRIV_USER authpriv -V systemonly
+
+# include all *.conf files in a directory
+includeDir $SNMPD_CONF_D
+EOF
+chmod 600 "$SNMPD_CONF"
+
+echo "==> Creating $SNMPD_CONF_D (for optional extra config files)..."
+mkdir -p "$SNMPD_CONF_D"
+
+echo "==> Enabling and starting snmpd..."
+systemctl enable --quiet snmpd
+systemctl start snmpd
+
+echo ""
+if systemctl is-active --quiet snmpd; then
+    echo "snmpd is running."
+else
+    echo "WARNING: snmpd did not start. Check 'journalctl -u snmpd' for details." >&2
+    exit 1
+fi
+
+echo ""
+echo "Setup complete. Credentials:"
+echo ""
+echo "  SNMPv2c"
+echo "    Community string : $V2C_COMMUNITY"
+echo ""
+echo "  SNMPv3 – noAuthNoPriv"
+echo "    Username         : $V3_NOAUTH_USER"
+echo ""
+echo "  SNMPv3 – authNoPriv"
+echo "    Username         : $V3_AUTH_USER"
+echo "    Auth protocol    : $V3_AUTH_PROTOCOL"
+echo "    Auth password    : $V3_AUTH_PASSWORD"
+echo ""
+echo "  SNMPv3 – authPriv"
+echo "    Username         : $V3_AUTHPRIV_USER"
+echo "    Auth protocol    : $V3_AUTH_PROTOCOL"
+echo "    Auth password    : $V3_AUTH_PASSWORD"
+echo "    Priv protocol    : $V3_PRIV_PROTOCOL"
+echo "    Priv password    : $V3_PRIV_PASSWORD"
+echo ""
+echo "Verify with:"
+echo "  snmpwalk -v2c -c $V2C_COMMUNITY localhost .1.3.6.1.2.1.1"
+echo "  snmpwalk -v3 -l noAuthNoPriv -u $V3_NOAUTH_USER localhost .1.3.6.1.2.1.1"
+echo "  snmpwalk -v3 -l authNoPriv   -u $V3_AUTH_USER    -a $V3_AUTH_PROTOCOL -A $V3_AUTH_PASSWORD localhost .1.3.6.1.2.1.1"
+echo "  snmpwalk -v3 -l authPriv     -u $V3_AUTHPRIV_USER -a $V3_AUTH_PROTOCOL -A $V3_AUTH_PASSWORD -x $V3_PRIV_PROTOCOL -X $V3_PRIV_PASSWORD localhost .1.3.6.1.2.1.1"
