Files
@ 114f02e67a4d
Branch filter:
Location: majic-ansible-roles/roles/xmpp_server/molecule/default/host_vars/ldap-server.yml - annotation
114f02e67a4d
1.2 KiB
text/x-yaml
MAR-173: Switch to using Prosody 0.11 as default version in the xmpp_server role:
- Updated default value for the Prosody package parameters.
- Configure the backports repository on the server, and pin the
lua-ldap package to be installed from the backports
repository (needed for Lua 5.2 support).
- Drop the explicit installation of lua-sec library - it is already
installed as pre-requisite for the Prosody package.
- Updated default value for the Prosody package parameters.
- Configure the backports repository on the server, and pin the
lua-ldap package to be installed from the backports
repository (needed for Lua 5.2 support).
- Drop the explicit installation of lua-sec library - it is already
installed as pre-requisite for the Prosody package.
2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 87f4f8572370 87f4f8572370 2ada86e90026 2ada86e90026 2ada86e90026 87f4f8572370 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 ceb51ff23ae3 ceb51ff23ae3 ceb51ff23ae3 | ---
# ldap_server role.
ldap_admin_password: admin
ldap_server_consumers:
- name: prosody
password: prosodypassword
ldap_server_domain: "local"
ldap_server_groups:
- name: xmpp
ldap_server_organization: "Example"
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/ldap-server_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/server/ldap-server_ldap.key.pem') }}"
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"
# ldap_client
ldap_client_config:
- comment: CA truststore
option: TLS_CACERT
value: /etc/ssl/certs/testca.cert.pem
- comment: Ensure TLS is enforced
option: TLS_REQCERT
value: demand
- comment: Base DN
option: BASE
value: dc=local
- comment: URI
option: URI
value: ldapi:///
# backup_server role.
backup_host_ssh_private_keys:
rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:
- server: parameters-optional-stretch
ip: 10.31.127.33
public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
|