Files
@ 3dd7f39302f8
Branch filter:
Location: majic-ansible-roles/roles/mail_server/templates/99-local.conf.j2 - annotation
3dd7f39302f8
1.1 KiB
text/plain
MAR-29: Implemented tests for php_website role:
- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.
- Install some additional tools for testing everything.
- Updated test playbook to change allowed extensions for running PHP scripts on
parameters-optional.
- Updated error page to use correct extension for parameters-optional test
instance.
- Expanded rewrite configuration slightly for parameters-optional.
- Install libmariadb-client-lgpl-dev-compat to test mysql_config symlink
creation.
- Deploy a number of PHP pages used for testing if pages are served correctly.
- Set file permissions on deployed PHP FPM pool configuraiton files.
- Use expanded syntax when deploying TLS keys/certificates in order to avoid
issues with TAB mangling.
- Fixed set-up of Strict-Transport-Security header when HTTPS enforcement is
disabled.
- Added a number of PHP and static test pages.
- Wrote tests covering full functionality of the role.
107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 1b50bc1cc817 107417b217e0 107417b217e0 107417b217e0 1b50bc1cc817 98d0bcf75e46 98d0bcf75e46 98d0bcf75e46 98d0bcf75e46 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 18cd76ec050d 18cd76ec050d f79cc0281c7c f344ed6181a9 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 1bdb64307968 107417b217e0 111e954e826d 111e954e826d 111e954e826d 111e954e826d 111e954e826d | # Authentication configuration.
auth_mechanisms = plain login
passdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
}
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
default_fields = uid={{ mail_user }} gid={{ mail_user }} home=/var/{{ mail_user}}/%d/%n
}
# Mail storage configuration.
mail_location = maildir:/var/{{ mail_user}}/%d/%n/Maildir
namespace inbox {
inbox = yes
separator = {{ imap_folder_separator }}
}
# Communication with other services.
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
# TLS configuration.
ssl_cert = </etc/ssl/certs/{{ ansible_fqdn }}_imap.pem
ssl_key = </etc/ssl/private/{{ ansible_fqdn }}_imap.key
ssl_protocols = {{ mail_server_tls_protocols | join(' ') }}
ssl_cipher_list = {{ mail_server_tls_ciphers }}
ssl = required
# Mail delivery.
protocol lda {
mail_plugins = $mail_plugins sieve
postmaster_address = {{ mail_postmaster }}
}
# IMAP configuration.
protocol imap {
mail_max_userip_connections = {{ imap_max_user_connections_per_ip }}
}
|