Files
@ 064760bdc9d5
Branch filter:
Location: majic-ansible-roles/roles/common/playbook.yml - annotation
064760bdc9d5
2.4 KiB
text/x-yaml
MAR-26: Implemented tests and fixes ldap_server role:
- Use static network configuration in order to make it easier to test
connectivity from dedicated client.
- Added client machine for testing firewall.
- Added missing LDAP client configuration on instance used for testing of
mandatory options.
- Fixed name of server for backup testing purposes.
- Expanded a bit the cipher configuration for LDAP server for testing optional
parameters.
- Fixed wrongly populated Debian selections setting for LDAP organisation.
- Use templates for deploying LDAP TLS keys and certificates in order to avoid
Ansible munching the TAB characters.
- Implemented tests covering fully functionality of the role.
- Use static network configuration in order to make it easier to test
connectivity from dedicated client.
- Added client machine for testing firewall.
- Added missing LDAP client configuration on instance used for testing of
mandatory options.
- Fixed name of server for backup testing purposes.
- Expanded a bit the cipher configuration for LDAP server for testing optional
parameters.
- Fixed wrongly populated Debian selections setting for LDAP organisation.
- Use templates for deploying LDAP TLS keys and certificates in order to avoid
Ansible munching the TAB characters.
- Implemented tests covering fully functionality of the role.
2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 ea69b2719d8e ea69b2719d8e 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 ea69b2719d8e ea69b2719d8e 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 eb4d09d4abd3 ea69b2719d8e 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 ea69b2719d8e ea69b2719d8e ea69b2719d8e 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 2006d7eebe25 | ---
- hosts: all
tasks:
- name: Update all caches to avoid errors due to missing remote archives
apt:
update_cache: yes
- hosts: helper
tasks:
- name: Install apt-cacher-ng
apt:
name: apt-cacher-ng
state: installed
- hosts: parameters-mandatory
roles:
- role: common
- hosts: parameters-optional
roles:
- role: common
enable_backup: yes
apt_proxy: "http://10.31.127.2:3142/"
os_users:
- name: user1
- name: user2
uid: 2001
additional_groups:
- group1
- group2
authorized_keys:
- "{{ lookup('file', 'tests/data/ssh/clientkey1.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/clientkey2.pub') }}"
# Password is 'user2'.
password: "$6$wdXOQiMe09ugh0$VRIph2XA2QQyEYlAlH7zT4TPACDUalf/4FKpqG9JRHfKxANTcTug2ANCt450htcs0LikJfHLWofLP54jraFU61"
- name: user3
uid: 2002
additional_groups:
- group3
authorized_keys:
- "{{ lookup('file', 'tests/data/ssh/clientkey3.pub') }}"
# Password is 'user3'.
password: "$6$nmx.21uLqT$9LrUqNUgUwIM.l0KFKgr2.kDEwe2lo7IbBIhnG70AGW7GTFdWBUFnGAxH15YxikTXhDJD/uxd.NNgojEOjRvx1"
os_groups:
- name: group1
- name: group2
gid: 3001
- name: group3
gid: 3002
common_packages:
- units
- gnutls-bin
- "{{ 'libmariadb-client-lgpl-dev-compat' if ansible_distribution_release == 'jessie' else 'libmariadbclient-dev-compat' if ansible_distribution_release == 'stretch' }}"
- emacs24-nox
ca_certificates:
cacert1: "{{ lookup('file', 'tests/data/x509/ca1.cert.pem') }}"
cacert2: "{{ lookup('file', 'tests/data/x509/ca2.cert.pem') }}"
extra_backup_patterns:
- /home/user1
- /home/user2
incoming_connection_limit: 5/second
incoming_connection_limit_burst: 5
pipreqcheck_uid: 2500
pipreqcheck_gid: 2500
prompt_colour: cyan
prompt_id: test
# From backup_client role meta dependency.
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/backup_encryption_key') }}"
backup_server: backup-server
backup_server_host_ssh_public_keys:
- bougs-backup-server-key-1
- bougs-backup-server-key-2
backup_ssh_key: "bogus-backup-client-key"
|