majic-ansible-roles Files · roles/ldap_server/molecule/default/group

Files @ 6bdfd938ef64

Branch filter:

Location: majic-ansible-roles/roles/ldap_server/molecule/default/group_vars/parameters-optional.yml - annotation

6bdfd938ef64 2.6 KiB text/x-yaml Show Source Show as Raw Download as Raw

branko

MAR-242: Document that expiration period is set for uploaded files.

c082a26b62ff
c082a26b62ff
c082a26b62ff
eb03c3b4f367
1e88ff36efbd
1e88ff36efbd
eb03c3b4f367
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c1b844e6a76f
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
a7e783c2d7d6
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
c082a26b62ff
6d61ce0ca2c9

---

ldap_admin_password: adminpassword

ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_ldap.key.pem') }}"

ldap_entries:
  - dn: uid=john,dc=local
    attributes:
      objectClass:
        - inetOrgPerson
        - simpleSecurityObject
      userPassword: johnpassword
      uid: john
      cn: John Doe
      sn: Doe
  - dn: uid=jane,dc=local
    attributes:
      objectClass:
        - inetOrgPerson
        - simpleSecurityObject
      userPassword: janepassword
      uid: jane
      cn: Jane Doe
      sn: Doe
  - dn: uid=blank-optional-country,dc=local
    attributes:
      objectClass:
        - inetOrgPerson
        - optionalCountry
      uid: blank-optional-country
      cn: Blank Optional Country
      sn: Blank Optional Country
  - dn: uid=optional-country,dc=local
    attributes:
      objectClass:
        - inetOrgPerson
        - optionalCountry
      uid: optional-country
      cn: Optional Country
      sn: Optional Country
      c: RS
      co: Serbia

ldap_permissions:
  - >
    to *
    by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
    by self write
    by * read
    by dn="cn=admin,dc=local" write
    by * none

ldap_server_consumers:
  - name: consumer1
    password: consumer1password
  - name: consumer2
    password: consumer2password
    state: present
  - name: consumer3
    password: consumer3password
    state: absent

ldap_server_groups:
  - name: group1
  - name: group2
    state: present
  - name: group3
    state: absent

ldap_server_domain: "local"
ldap_server_organization: "Example"
ldap_server_log_level: 0
ldap_server_ssf: 0
ldap_tls_ciphers: "NONE:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:\
+SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA1:+SHA256:+SHA384:+AEAD:+AES-128-GCM:+AES-128-CBC:+AES-256-GCM:+AES-256-CBC:+CURVE-ALL"

# ldap_client
ldap_client_config:
  - comment: CA truststore
    option: TLS_CACERT
    value: /etc/ssl/certs/testca.cert.pem
  - comment: Ensure TLS is enforced
    option: TLS_REQCERT
    value: demand

# backup_client
enable_backup: true
backup_client_username: "bak-localhost"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: localhost
backup_server_host_ssh_public_keys:
  - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
  - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
  - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional') }}"