Files
@ 19020779a000
Branch filter:
Location: majic-ansible-roles/roles/backup_client/playbook.yml - annotation
19020779a000
3.4 KiB
text/x-yaml
MAR-108: Implemented initial boilerplate for backup_client tests:
- Fixed backup_client role handling of encryption keys.
- Fixed backup server URI (had too many forward slashes).
- Added Molecule instance configuration file for backup server, one backup
client for testing mandatory parameters, and one backup client for testing
optional parameters.
- Implemented playbook for setting-up the test instances.
- Added test data (SSH, GnuPG keys).
- Added dummy (stock) Molecule test file.
- Fixed backup_client role handling of encryption keys.
- Fixed backup server URI (had too many forward slashes).
- Added Molecule instance configuration file for backup server, one backup
client for testing mandatory parameters, and one backup client for testing
optional parameters.
- Implemented playbook for setting-up the test instances.
- Added test data (SSH, GnuPG keys).
- Added dummy (stock) Molecule test file.
19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 19020779a000 | ---
- hosts: all
tasks:
- name: Update all caches to avoid errors due to missing remote archives
apt:
update_cache: yes
- hosts: backup-server
roles:
- role: backup_server
backup_host_ssh_private_keys:
dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:
- server: parameters-mandatory
ip: 10.31.127.20
public_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory.pub') }}"
- server: parameters-mandatory
uid: 5001
ip: 10.31.127.21
public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
# Set-up custom user and port for testing optional parameters.
- hosts: backup-server
tasks:
- name: Set-up backup group
group:
name: backupuser
- name: Set-up backup user
user:
name: backupuser
group: backupuser
- name: Set-up firewall configuration for port forwarding
copy:
content: "domain (ip ip6) table nat chain PREROUTING { proto tcp dport 3333 REDIRECT to-ports 2222; }"
dest: /etc/ferm/conf.d/50-redirect_3333.conf
owner: root
group: root
mode: 0640
notify:
- Reload firewall
- name: Set-up firewall configuration to accept incoming connections to port 3333
copy:
content: "domain (ip ip6) table filter chain INPUT { proto tcp dport 3333 ACCEPT; }"
dest: /etc/ferm/conf.d/55-accept_3333.conf
owner: root
group: root
mode: 0640
notify:
- Reload firewall
handlers:
- name: Reload firewall
service:
name: ferm
state: restarted
- hosts: parameters-mandatory
roles:
- role: backup_client
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-mandatory.asc') }}"
backup_server: backup-server
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
- "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-mandatory' ) }}"
- hosts: parameters-optional
roles:
- role: backup_client
backup_additional_encryption_keys:
- "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_1.asc') }}"
- "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_2.asc') }}"
- "{{ lookup('file', 'tests/data/gnupg/additional_encryption_key_3.asc') }}"
backup_client_username: backupuser
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: backup-server
backup_server_destination: "/home/backupuser"
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
- "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_server_port: 3333
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
|