Files
@ 4b5ca3dcf102
Branch filter:
Location: majic-ansible-roles/roles/ldap_server/molecule/default/group_vars/parameters-optional.yml - annotation
4b5ca3dcf102
2.2 KiB
text/x-yaml
MAR-197: Implement environment indicator for the web_server role:
- Now the environment indicator will also cover the default landing
page for the web server.
- Tweaked the landing page to look a bit better in terms of
margins (particularly important for the environment indicator).
- Now the environment indicator will also cover the default landing
page for the web server.
- Tweaked the landing page to look a bit better in terms of
margins (particularly important for the environment indicator).
c082a26b62ff c082a26b62ff c082a26b62ff eb03c3b4f367 bba096126140 bba096126140 eb03c3b4f367 c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff | ---
ldap_admin_password: adminpassword
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_ldap.key.pem') }}"
ldap_entries:
- dn: uid=john,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: johnpassword
uid: john
cn: John Doe
sn: Doe
- dn: uid=jane,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: janepassword
uid: jane
cn: Jane Doe
sn: Doe
ldap_permissions:
- >
to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by self write
by * read
by dn="cn=admin,dc=local" write
by * none
ldap_server_consumers:
- name: consumer1
password: consumer1password
- name: consumer2
password: consumer2password
state: present
- name: consumer3
password: consumer3password
state: absent
ldap_server_groups:
- name: group1
- name: group2
state: present
- name: group3
state: absent
ldap_server_domain: "local"
ldap_server_organization: "Example"
ldap_server_log_level: 0
ldap_server_ssf: 0
ldap_tls_ciphers: "NONE:+VERS-TLS1.1:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:\
+SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA1:+SHA256:+SHA384:+AEAD:+AES-128-GCM:+AES-128-CBC:+AES-256-GCM:+AES-256-CBC:+CURVE-ALL"
# ldap_client
ldap_client_config:
- comment: CA truststore
option: TLS_CACERT
value: /etc/ssl/certs/testca.cert.pem
- comment: Ensure TLS is enforced
option: TLS_REQCERT
value: demand
# backup_client
enable_backup: true
backup_client_username: "bak-localhost"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: localhost
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
|