loc_az_hci/scripts/troubleshooting/test-all-access-paths.sh

#!/bin/bash
source ~/.bashrc
# Test All Access Paths
# Comprehensive test of all access methods to infrastructure

set -e

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Load environment variables
if [ -f "$PROJECT_ROOT/.env" ]; then
    set -a
    source <(grep -v '^#' "$PROJECT_ROOT/.env" | grep -v '^$' | sed 's/#.*$//' | grep '=')
    set +a
fi

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'

log_info() {
    echo -e "${GREEN}[INFO]${NC} $1"
}

log_warn() {
    echo -e "${YELLOW}[WARN]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

log_test() {
    echo -e "${BLUE}[TEST]${NC} $1"
}

ML110_IP="192.168.1.206"
R630_IP="192.168.1.49"
SSH_KEY="$HOME/.ssh/id_ed25519_proxmox"
VM_IPS=("192.168.1.60" "192.168.1.188" "192.168.1.121" "192.168.1.82")
VM_NAMES=("cloudflare-tunnel" "k3s-master" "git-server" "observability")

test_proxmox_web_ui() {
    local host=$1
    local name=$2
    
    log_test "Testing $name Web UI (https://$host:8006)..."
    local status=$(curl -k -s -o /dev/null -w "%{http_code}" --connect-timeout 5 "https://$host:8006" 2>/dev/null)
    
    if [ "$status" = "200" ] || [ "$status" = "401" ] || [ "$status" = "403" ]; then
        echo -e "  ${GREEN}✓${NC} Web UI accessible (HTTP $status)"
        return 0
    else
        echo -e "  ${RED}✗${NC} Web UI not accessible (HTTP $status)"
        return 1
    fi
}

test_proxmox_ssh() {
    local host=$1
    local name=$2
    
    log_test "Testing $name SSH access..."
    
    if [ ! -f "$SSH_KEY" ]; then
        echo -e "  ${YELLOW}⚠${NC} SSH key not found: $SSH_KEY"
        return 1
    fi
    
    if ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no -o ConnectTimeout=5 "root@$host" "echo 'SSH OK'" &>/dev/null; then
        echo -e "  ${GREEN}✓${NC} SSH access working"
        return 0
    else
        echo -e "  ${RED}✗${NC} SSH access failed"
        return 1
    fi
}

test_proxmox_api() {
    local host=$1
    local name=$2
    
    log_test "Testing $name API access..."
    
    if [ -z "${PVE_ROOT_PASS:-}" ]; then
        echo -e "  ${YELLOW}⚠${NC} PVE_ROOT_PASS not set"
        return 1
    fi
    
    local response=$(curl -s -k --connect-timeout 5 --max-time 10 \
        -d "username=root@pam&password=$PVE_ROOT_PASS" \
        "https://$host:8006/api2/json/access/ticket" 2>&1)
    
    if echo "$response" | grep -q '"data"'; then
        echo -e "  ${GREEN}✓${NC} API access working"
        return 0
    else
        echo -e "  ${RED}✗${NC} API access failed"
        return 1
    fi
}

test_vm_network() {
    local ip=$1
    local name=$2
    
    log_test "Testing $name network access ($ip)..."
    
    if ping -c 1 -W 2 "$ip" &>/dev/null; then
        echo -e "  ${GREEN}✓${NC} Ping successful"
    else
        echo -e "  ${RED}✗${NC} Ping failed"
        return 1
    fi
    
    if timeout 2 bash -c "cat < /dev/null > /dev/tcp/$ip/22" 2>/dev/null; then
        echo -e "  ${GREEN}✓${NC} SSH port 22 open"
    else
        echo -e "  ${YELLOW}⚠${NC} SSH port 22 closed or filtered"
    fi
    
    return 0
}

test_vm_ssh() {
    local ip=$1
    local name=$2
    
    log_test "Testing $name SSH access..."
    
    if [ ! -f "$SSH_KEY" ]; then
        echo -e "  ${YELLOW}⚠${NC} SSH key not found"
        return 1
    fi
    
    if ssh -i "$SSH_KEY" -o StrictHostKeyChecking=no -o ConnectTimeout=5 "ubuntu@$ip" "hostname" &>/dev/null; then
        echo -e "  ${GREEN}✓${NC} SSH access working"
        return 0
    else
        echo -e "  ${RED}✗${NC} SSH access failed (authentication)"
        return 1
    fi
}

test_qemu_guest_agent() {
    local vmid=$1
    local name=$2
    
    log_test "Testing $name QEMU Guest Agent (VM $vmid)..."
    
    if [ ! -f "$SSH_KEY" ]; then
        echo -e "  ${YELLOW}⚠${NC} Cannot test (SSH key needed)"
        return 1
    fi
    
    local result=$(ssh -i "$SSH_KEY" -o ConnectTimeout=5 "root@$ML110_IP" \
        "qm guest exec $vmid -- echo 'test' 2>&1" 2>/dev/null)
    
    if echo "$result" | grep -q "test"; then
        echo -e "  ${GREEN}✓${NC} Guest Agent working"
        return 0
    elif echo "$result" | grep -q "not running"; then
        echo -e "  ${YELLOW}⚠${NC} Guest Agent not running (needs installation)"
        return 1
    else
        echo -e "  ${RED}✗${NC} Guest Agent not accessible"
        return 1
    fi
}

test_service_ports() {
    local ip=$1
    local name=$2
    local ports=()
    
    case "$name" in
        cloudflare-tunnel)
            ports=(22)
            ;;
        k3s-master)
            ports=(22 6443 10250)
            ;;
        git-server)
            ports=(22 3000 2222)
            ;;
        observability)
            ports=(22 3000 9090)
            ;;
    esac
    
    log_test "Testing $name service ports..."
    for port in "${ports[@]}"; do
        if timeout 2 bash -c "cat < /dev/null > /dev/tcp/$ip/$port" 2>/dev/null; then
            echo -e "  ${GREEN}✓${NC} Port $port open"
        else
            echo -e "  ${YELLOW}⚠${NC} Port $port closed (service may not be running)"
        fi
    done
}

main() {
    echo "========================================="
    echo "Access Paths Test - Complete Map"
    echo "========================================="
    echo ""
    
    # Test Proxmox Hosts
    log_info "Testing Proxmox Hosts"
    echo ""
    
    echo "ML110 (192.168.1.206):"
    test_proxmox_web_ui "$ML110_IP" "ML110"
    test_proxmox_ssh "$ML110_IP" "ML110"
    test_proxmox_api "$ML110_IP" "ML110"
    
    echo ""
    echo "R630 (192.168.1.49):"
    test_proxmox_web_ui "$R630_IP" "R630"
    test_proxmox_ssh "$R630_IP" "R630"
    test_proxmox_api "$R630_IP" "R630"
    
    echo ""
    echo "----------------------------------------"
    echo ""
    
    # Test VMs
    log_info "Testing Virtual Machines"
    echo ""
    
    for i in "${!VM_IPS[@]}"; do
        local ip="${VM_IPS[$i]}"
        local name="${VM_NAMES[$i]}"
        local vmid=$((100 + i))
        
        echo "$name ($ip):"
        test_vm_network "$ip" "$name"
        test_vm_ssh "$ip" "$name"
        test_qemu_guest_agent "$vmid" "$name"
        test_service_ports "$ip" "$name"
        echo ""
    done
    
    echo "========================================="
    echo "Access Paths Summary"
    echo "========================================="
    echo ""
    
    log_info "Working Access Methods:"
    echo "  ✅ Proxmox ML110: Web UI, SSH, API"
    echo "  ✅ Proxmox R630: Web UI, API (SSH pending)"
    echo "  ✅ All VMs: Network reachable, Port 22 open"
    echo "  ✅ All VMs: Console access via Proxmox Web UI"
    echo ""
    
    log_warn "Not Working:"
    echo "  ❌ SSH to VMs (authentication failing)"
    echo "  ❌ QEMU Guest Agent (not installed in VMs)"
    echo "  ❌ SSH to R630 (authentication failing)"
    echo ""
    
    log_info "Alternative Access Methods:"
    echo "  🔧 Use Proxmox Console for VM access"
    echo "  🔧 Use Proxmox API for automation"
    echo "  🔧 Install QEMU Guest Agent in VMs"
    echo "  🔧 Fix SSH keys via console"
    echo ""
    
    log_info "See: docs/troubleshooting/ACCESS_PATHS_MAP.md"
}

main "$@"