Files
@ 814be5def61d
Branch filter:
Location: majic-ansible-roles/roles/backup_client/handlers/main.yml - annotation
814be5def61d
1.2 KiB
text/x-yaml
MAR-189: Added support for Debian 11 Bullseye to xmpp_server role:
- Roll-out LDAP client configuration since Bullseye does not come with
a stock one at /etc/ldap/ldap.conf that sets the trust anchor
correctly for validating LDAP server certificates.
- Drop the backports pinning in case of Bullseye (for now let's try to
keep the Buster and Bullseye at same versions for simplicity).
- Drop installation of Python apt bindings (no longer used).
- Tests for Buster and Bullseye need to be split-up a bit due to some
differences around backports etc.
- Roll-out LDAP client configuration since Bullseye does not come with
a stock one at /etc/ldap/ldap.conf that sets the trust anchor
correctly for validating LDAP server certificates.
- Drop the backports pinning in case of Bullseye (for now let's try to
keep the Buster and Bullseye at same versions for simplicity).
- Drop installation of Python apt bindings (no longer used).
- Tests for Buster and Bullseye need to be split-up a bit due to some
differences around backports etc.
a45dcc06530a a45dcc06530a 75810ce2ad3d 75810ce2ad3d 605cdbaf9717 945973223a21 945973223a21 945973223a21 945973223a21 605cdbaf9717 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 a45dcc06530a 605cdbaf9717 945973223a21 945973223a21 945973223a21 945973223a21 605cdbaf9717 d61d01c00362 d61d01c00362 364c0adf308e 1ac4be13293b | ---
# @TODO: Can't use file module, since one of the files (GnuPG socket)
# seems to disappear in middle of operation).
- name: Remove current keyring # noqa 301
# [301] Commands should not change things if nothing needs doing
# This task is invoked only if user is very specific about requiring to
# run the handlers manually as a way to bring the system to consistency
# after interrupted runs.
command: "rm -rf /etc/duply/main/gnupg"
args:
warn: false
- name: Create keyring directory
file:
path: "/etc/duply/main/gnupg"
state: directory
owner: root
group: root
mode: 0700
- name: Import private keys # noqa 301
# [301] Commands should not change things if nothing needs doing
# This task is invoked only if user is very specific about requiring to
# run the handlers manually as a way to bring the system to consistency
# after interrupted runs.
command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
- name: Import public keys
command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
when: backup_additional_encryption_keys | length > 0
|