Cleanup

tests/integration/nat/hole-punching/compose.yml

@@ -1,10 +1,4 @@
-# A node behind a NAT is reachable only through A's relay. When the reachable
-# node C dials it through the relay, the relayed node dials C back directly
-# (C is public) and the relayed connection is upgraded to a direct one. Same
-# topology as relay-download. Run via testholepunching.nim.
-#
-#   node B ──── lan ──── router (NAT) ──── wan ──── bootstrap A (relay)
-#                                           └────── node C (reachable)
+# NAT hole-punching scenario — see README.md. Run via testholepunching.nim.
 name: nat-hole-punching
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/hole-punching/testholepunching.nim

@@ -1,16 +1,7 @@
-## NAT hole-punching scenario — a node reached through the relay is upgraded to
-## a direct connection.
+## NAT hole-punching scenario. See README.md.
 ##
-## B sits behind a NAT and is reachable only via A's relay. When the reachable
-## node C dials B through the relay, B's hole-punching handler dials C back
-## directly (C is public) and the relayed connection is replaced by a direct one.
-##
-## Hole punching has no REST surface, so success is asserted on B's container log
-## line below (DEBUG). Brittle if that message ever changes.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat \
-##     -f tests/integration/nat/Dockerfile .
+## Success is asserted on node B's container log line (no REST surface for the
+## connection type); brittle if that message changes.
 
 import std/[json, os, sequtils, strutils, times]
 import pkg/chronos

tests/integration/nat/not-downloadable/compose.yml

@@ -1,11 +1,4 @@
-# A node behind a NAT with no relay can't be reached from outside, so it can't
-# be downloaded from: it announces no dialable address, the reachable node C
-# finds it as a provider but never dials it. Same real iptables NAT as
-# not-reachable, but bootstrap A runs *without* the relay server. Run via
-# testnotdownloadable.nim.
-#
-#   node B ──── lan ──── router (NAT) ──── wan ──── bootstrap A
-#                                           └────── node C (reachable)
+# NAT not-downloadable scenario — see README.md. Run via testnotdownloadable.nim.
 name: nat-not-downloadable
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/not-downloadable/testnotdownloadable.nim

@@ -1,14 +1,4 @@
-## NAT not-downloadable scenario — a node behind a NAT with no relay cannot be
-## downloaded from.
-##
-## Same shape as the not-reachable test: compose.yml brings up a real NAT
-## topology, but bootstrap A runs without the relay server. B stays NotReachable
-## and announces no dialable address, so a reachable peer C finds it as a
-## provider but can never dial it — the manifest fetch fails.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat \
-##     -f tests/integration/nat/Dockerfile .
+## NAT not-downloadable scenario. See README.md.
 
 import std/[json, os, times]
 import pkg/chronos

tests/integration/nat/not-reachable/compose.yml

@@ -1,9 +1,4 @@
-# A node behind a NAT that can't be reached from outside must be detected
-# NotReachable and fall back to the relay. This checks it on a real container
-# network with real iptables NAT, not the in-process simulation the unit tests
-# use. Run via testnotreachable.nim.
-#
-#   node B ──── lan ──── router (NAT) ──── wan ──── bootstrap A
+# NAT not-reachable scenario — see README.md. Run via testnotreachable.nim.
 name: nat-not-reachable
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/not-reachable/testnotreachable.nim

@@ -1,8 +1,4 @@
-## NAT not-reachable scenario — node behind a real NAT falls back to relay.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat:not-reachable \
-##     -f tests/integration/nat/not-reachable/Dockerfile .
+## NAT not-reachable scenario. See README.md.
 
 import std/[json, os, sequtils, strutils, times]
 import pkg/chronos

tests/integration/nat/pcp/compose.yml

@@ -1,9 +1,4 @@
-# Same NAT topology as upnp, but miniupnpd has PCP enabled and the node maps its
-# port over PCP (libplum's preferred protocol), which installs a real DNAT on the
-# router, so AutoNAT's dial-back reaches it and it is detected Reachable — no
-# relay. Run via testpcp.nim.
-#
-#   node B ──── lan ──── router (NAT + miniupnpd/PCP) ──── wan ──── bootstrap A
+# NAT pcp scenario — see README.md. Run via testpcp.nim.
 name: nat-pcp
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/pcp/testpcp.nim

@@ -1,13 +1,4 @@
-## NAT pcp scenario — node behind a real NAT becomes Reachable by mapping its
-## port over PCP.
-##
-## Same shape as the upnp test, but miniupnpd has PCP enabled and the node maps
-## its TCP/UDP ports via PCP (libplum's preferred protocol), which installs a real
-## DNAT on the router. AutoNAT's dial-back then reaches the node, so it is
-## detected Reachable with an active PCP mapping — no relay.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat -f tests/integration/nat/Dockerfile .
+## NAT pcp scenario. See README.md.
 
 import std/[json, os, sequtils, strutils, times]
 import pkg/chronos

tests/integration/nat/reachable/compose.yml

@@ -1,7 +1,4 @@
-# Same setup as not-reachable, but the router forwards B's port (DNAT), so
-# AutoNAT's dial-back reaches B and it is detected Reachable — no relay needed.
-#
-#   node B ──── lan ──── router (NAT + port forward) ──── wan ──── bootstrap A
+# NAT reachable scenario — see README.md. Run via testreachable.nim.
 name: nat-reachable
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/reachable/testreachable.nim

@@ -1,14 +1,4 @@
-## NAT reachable scenario — node behind a real NAT is Reachable because the
-## router forwards its port.
-##
-## Same shape as the not-reachable test: compose.yml brings up a real NAT
-## topology, but the router has a static inbound port-forward (DNAT) to the node.
-## AutoNAT's dial-back reaches the node, so it is detected Reachable (no relay) —
-## a manual port-forward / endpoint-independent NAT, no miniupnpd.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat:reachable \
-##     -f tests/integration/nat/reachable/Dockerfile .
+## NAT reachable scenario. See README.md.
 
 import std/[json, os, sequtils, strutils, times]
 import pkg/chronos

tests/integration/nat/relay-download/compose.yml

@@ -1,10 +1,4 @@
-# A node behind a NAT falls back to bootstrap A's relay and announces its
-# circuit address, so a reachable node C can download from it through the relay.
-# Same real iptables NAT as not-reachable, with C added as the downloader. Run
-# via testrelaydownload.nim.
-#
-#   node B ──── lan ──── router (NAT) ──── wan ──── bootstrap A (relay)
-#                                           └────── node C (reachable)
+# NAT relay-download scenario — see README.md. Run via testrelaydownload.nim.
 name: nat-relay-download
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/relay-download/testrelaydownload.nim

@@ -1,14 +1,4 @@
-## NAT relay-download scenario — a node behind a NAT can be downloaded from
-## through the relay.
-##
-## Same shape as the not-reachable test: compose.yml brings up a real NAT
-## topology with bootstrap A running the relay server. B stays NotReachable,
-## falls back to the relay and announces its circuit address, so a reachable
-## peer C can fetch its data through the relay.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat \
-##     -f tests/integration/nat/Dockerfile .
+## NAT relay-download scenario. See README.md.
 
 import std/[json, os, sequtils, strutils, times]
 import pkg/chronos

tests/integration/nat/upnp/compose.yml

@@ -1,8 +1,4 @@
-# Same NAT topology as not-reachable, but the router runs miniupnpd. The node
-# maps its port over UPnP, which installs a real DNAT on the router, so AutoNAT's
-# dial-back reaches it and it is detected Reachable — no relay. Run via testupnp.nim.
-#
-#   node B ──── lan ──── router (NAT + miniupnpd) ──── wan ──── bootstrap A
+# NAT upnp scenario — see README.md. Run via testupnp.nim.
 name: nat-upnp
 
 # Topology addresses, named for their role (defined once, referenced below).

tests/integration/nat/upnp/testupnp.nim

@@ -1,13 +1,4 @@
-## NAT upnp scenario — node behind a real NAT becomes Reachable by mapping its
-## port over UPnP.
-##
-## Same shape as the reachable test, but the router opens no port itself: it runs
-## miniupnpd and the node maps its TCP/UDP ports via UPnP, which installs a real
-## DNAT on the router. AutoNAT's dial-back then reaches the node, so it is
-## detected Reachable with an active UPnP mapping — no relay.
-##
-## Requires podman-compose and the scenario image:
-##   podman build -t localhost/storage-nat -f tests/integration/nat/Dockerfile .
+## NAT upnp scenario. See README.md.
 
 import std/[json, os, sequtils, strutils, times]
 import pkg/chronos