
Location: majic-ansible-roles/testsite/playbooks/tls.yml - annotation

branko
MAR-27: Added initial scaffolding for testing mail_forwarder role:

- Fixed issues reported by Ansible linting check (some mode-related syntax and
one ignore).
- Added Molecule configuration for testing mandatory and optional
parameters. Covers both Debian Jessie and Debian Stretch.
- Added test playbook for setting-up the test instances. A helper relay mail
server.
- Updated both mail_server and mail_forwarder to fall-back to using
native (/etc/hosts) resolving if DNS fails. Solves issue with test environment
not having proper DNS set-up for all domains etc.
- Added a number of data/config files associated with tests.
- Added dummy test file.
---

# Play that prepares TLS material (certtool templates, keys, certificates)
# under ../tls/ for every entry in host_tls_info. It targets the "preseed"
# inventory group.
- hosts: 'preseed'
  vars:
    # One entry per (hostname, service) pair. The tasks of this play build
    # file names of the form "<hostname>.<testsite_domain>_<service>.<ext>".
    # testsite_domain is not defined in this play and has to be supplied from
    # elsewhere (inventory, group vars or extra vars).
    # "name" is not referenced by any task in this file; presumably it is
    # consumed by the certificate template - confirm.
    host_tls_info:
      - hostname: 'ldap'
        service: 'ldap'
        name: 'LDAP'
      # The mail host gets two certificates, one per service.
      - hostname: 'mail'
        service: 'imap'
        name: 'IMAP'
      - hostname: 'mail'
        service: 'smtp'
        name: 'SMTP'
      - hostname: 'phpinfo'
        service: 'https'
        name: 'PHP Info'
      - hostname: 'web'
        service: 'https'
        name: 'Web'
      - hostname: 'wsgi'
        service: 'https'
        name: 'WSGI Hello World'
      # NOTE(review): same "name" as the wsgi entry above - confirm that this
      # is intended and not a copy/paste leftover.
      - hostname: 'wsgireq'
        service: 'https'
        name: 'WSGI Hello World'
      - hostname: 'xmpp'
        service: 'xmpp'
        name: 'XMPP'
  tasks:
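    # Render one certtool template (.cfg) per host_tls_info entry. The rendered
    # file is the one handed to certtool through --template when the host
    # certificate is issued.
    - name: Create GnuTLS certificate templates for all hosts
      template:
        src: "../tls/gnutls_server_certificate.cfg.j2"
        dest: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg"
      # Loop over the value of the variable. A bare variable name is a
      # deprecated form that newer Ansible releases read as a literal string,
      # which would make the task run once with a meaningless item.
      with_items: "{{ host_tls_info }}"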
    # Generate the private key of the test CA at certtool's "high" security
    # level. No password option is passed, so the key is presumably written
    # unencrypted: keep ../tls/ca.key out of version control and readable only
    # by the operator. "creates" skips the task once the file exists, so an
    # existing CA key is never regenerated.
    # NOTE(review): the relative path depends on the working directory the
    # command runs in - confirm how this play is invoked.
    - name: Create the CA key
      command: >-
        certtool
        --sec-param high
        --generate-privkey
        --outfile ../tls/ca.key
      args:
        creates: '../tls/ca.key'
    # Self-sign the CA certificate with ../tls/ca.key, taking the certificate
    # fields from ../tls/ca.cfg. ca.cfg is not created by this play and must
    # already exist. "creates" skips the task once ca.pem is present, so the CA
    # certificate is not reissued on later runs.
    - name: Create the CA certificate
      command: >-
        certtool
        --template ../tls/ca.cfg
        --generate-self-signed
        --load-privkey ../tls/ca.key
        --outfile ../tls/ca.pem
      args:
        creates: '../tls/ca.pem'
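    # Generate one private key per host_tls_info entry. Host keys use
    # certtool's "normal" security level, lower than the "high" level this play
    # uses for the CA key. No password option is passed, so the keys are
    # presumably written unencrypted; treat the ../tls/*.key files as secrets.
    # "creates" skips entries whose key file already exists.
    - name: Create private keys for all hosts
      command: >-
        certtool --sec-param normal --generate-privkey
        --outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
      args:
        creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
      # Loop over the value of the variable. A bare variable name is a
      # deprecated form that newer Ansible releases read as a literal string.
      with_items: "{{ host_tls_info }}"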
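    # Issue one certificate per host_tls_info entry, signed with the test CA
    # key and built from the entry's rendered template and private key.
    # "creates" skips entries whose certificate already exists, so nothing is
    # reissued on later runs.
    # The shell module is needed because of the "&&" chaining. The templated
    # values are interpolated into the shell line; they come from play
    # variables here, and should be passed through the "quote" filter if they
    # are ever taken from less trusted data.
    # NOTE(review): "sleep 1" presumably spaces out issuance so that
    # time-derived serial numbers differ between certificates - confirm.
    - name: Issue certificates for all hosts
      shell: >-
        sleep 1 && certtool --generate-certificate
        --load-ca-privkey "../tls/ca.key" --load-ca-certificate "../tls/ca.pem"
        --template "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.cfg"
        --load-privkey "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.key"
        --outfile "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.pem"
      args:
        creates: "../tls/{{ item.hostname }}.{{ testsite_domain }}_{{ item.service }}.pem"
      # Loop over the value of the variable. A bare variable name is a
      # deprecated form that newer Ansible releases read as a literal string.
      with_items: "{{ host_tls_info }}"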