Files
@ 502fdc081d35
Branch filter:
Location: majic-ansible-roles/roles/web_server/playbook.yml - annotation
502fdc081d35
2.2 KiB
text/x-yaml
MAR-32: Added initial scaffolding for testing web_server role:
- Added Molecule configuration for for bringing up a couple of instances.
- Added test playbook that sets-up test instances.
- Fixed issues with file mode in tasks (added leading 0).
- Added test data (TLS private keys and certificates).
- Added dummy test file.
- Added Molecule configuration for for bringing up a couple of instances.
- Added test playbook that sets-up test instances.
- Fixed issues with file mode in tasks (added leading 0).
- Added test data (TLS private keys and certificates).
- Added dummy test file.
502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 502fdc081d35 | ---
- hosts: all
tasks:
- name: Update all caches to avoid errors due to missing remote archives
apt:
update_cache: yes
- hosts: all
tasks:
- name: Set-up /etc/hosts entries
lineinfile:
dest: /etc/hosts
line: "{{ item.key }} {{ item.value }}"
with_dict:
10.31.127.20: "client1"
10.31.127.30: "parameters-mandatory"
10.31.127.31: "parameters-optional"
- hosts: client1
tasks:
- name: Install tool for testing TCP connectivity
apt:
name: hping3
state: installed
- name: Install console-based web browser for interactive testing
apt:
name: lynx
state: installed
- name: Deploy CA certificate
copy:
src: tests/data/x509/ca.cert.pem
dest: /usr/local/share/ca-certificates/testca.crt
owner: root
group: root
mode: 0644
notify:
- Update CA certificate cache
handlers:
- name: Update CA certificate cache
command: /usr/sbin/update-ca-certificates --fresh
- hosts: parameters-mandatory
roles:
- role: web_server
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
# Common parameters (general, not role).
tls_certificate_dir: tests/data/x509/
tls_private_key_dir: tests/data/x509/
- hosts: parameters-optional
roles:
- role: web_server
default_enforce_https: no
default_https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional_https.cert.pem') }}"
default_https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional_https.key.pem') }}"
web_default_title: "Optional Welcome"
web_default_message: "Welcome to parameters-optional, default virtual host."
web_server_tls_protocols:
- TLSv1.1
- TLSv1.2
web_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:!aNULL:!MD5:!EXPORT"
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
|