Files
@ 2d7abfa9286a
Branch filter:
Location: majic-ansible-roles/roles/mail_server/molecule/default/group_vars/parameters-optional.yml - annotation
2d7abfa9286a
2.1 KiB
text/x-yaml
MAR-181: Deploy Prosody modules (in order to use the LDAP authentcation):
- Replaces the rolled-out-by-hand authentication module, making it
less dependent on upstream repository.
- Replaces the rolled-out-by-hand authentication module, making it
less dependent on upstream repository.
b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 6844c0a01173 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 6844c0a01173 6844c0a01173 b0c92677ba93 b0c92677ba93 6844c0a01173 6844c0a01173 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 7d9696a7b5cc 35fff2909917 b0c92677ba93 7d9696a7b5cc 7d9696a7b5cc 01e9035dac41 7d9696a7b5cc b0c92677ba93 b0c92677ba93 6844c0a01173 b0c92677ba93 01e9035dac41 b0c92677ba93 5c5d8636f699 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 b0c92677ba93 | ---
mail_ldap_base_dn: dc=local
mail_ldap_url: ldap://ldap-server/
mail_ldap_tls_truststore: "{{ lookup('file', 'tests/data/x509/ca/chain-full.cert.pem') }}"
mail_ldap_postfix_password: postfixpassword
mail_ldap_dovecot_password: dovecotpassword
mail_server_tls_protocols:
- TLSv1.2
- TLSv1.1
mail_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:!aNULL:!MD5:!EXPORT"
mail_user: virtmail
mail_user_uid: 5000
mail_user_gid: 5000
imap_max_user_connections_per_ip: 2
imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.cert.pem') }}"
imap_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.key.pem') }}"
local_mail_aliases:
root: "john.doe@domain1"
smtp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.cert.pem') }}"
smtp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.key.pem') }}"
imap_folder_separator: "."
smtp_rbl:
- bl.spamcop.net
- zen.spamhaus.org
mail_postmaster: "webmaster@parameters-optional"
smtp_allow_relay_from:
- "{{ release_based_smtp_allow_relay_from[ansible_distribution_release] }}"
mail_message_size_limit: 20480001
# Variables dependant on distribution release.
release_based_smtp_allow_relay_from:
buster: "192.168.56.20"
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"
# backup_client (backup username should end in -b64 for Buster).
enable_backup: true
backup_client_username: "bak-parameters-optional-{{ ansible_distribution_release[0] }}64"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: ldap-server
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
|