majic-ansible-roles Files · roles/mail_server/molecule/default/host

Files @ 114f02e67a4d

Branch filter:

Location: majic-ansible-roles/roles/mail_server/molecule/default/host_vars/ldap-server.yml - annotation

114f02e67a4d 1.4 KiB text/x-yaml Show Source Show as Raw Download as Raw

branko

MAR-173: Switch to using Prosody 0.11 as default version in the xmpp_server role:

- Updated default value for the Prosody package parameters.
- Configure the backports repository on the server, and pin the
lua-ldap package to be installed from the backports
repository (needed for Lua 5.2 support).
- Drop the explicit installation of lua-sec library - it is already
installed as pre-requisite for the Prosody package.

b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
6844c0a01173
6844c0a01173
b0c92677ba93
b0c92677ba93
b0c92677ba93
6844c0a01173
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
5c5d8636f699
b0c92677ba93
b0c92677ba93
b0c92677ba93
5c5d8636f699
5c5d8636f699
5c5d8636f699
5c5d8636f699

---

# ldap_server role
ldap_admin_password: admin

ldap_server_consumers:
  - name: postfix
    password: postfixpassword
  - name: dovecot
    password: dovecotpassword
    state: present

ldap_server_domain: "local"
ldap_server_groups:
  - name: mail
ldap_server_organization: "Example"
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/ldap-server_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/server/ldap-server_ldap.key.pem') }}"

# common
ca_certificates:
  testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"

# ldap_client
ldap_client_config:
  - comment: CA truststore
    option: TLS_CACERT
    value: /etc/ssl/certs/testca.cert.pem
  - comment: Ensure TLS is enforced
    option: TLS_REQCERT
    value: demand
  - comment: Base DN
    option: BASE
    value: dc=local
  - comment: URI
    option: URI
    value: ldapi:///

# backup_server role
backup_host_ssh_private_keys:
  rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
  ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
  ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:

  - server: parameters-optional-j64
    ip: 10.31.127.31
    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"

  - server: parameters-optional-s64
    ip: 10.31.127.33
    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"