Files
@ 814be5def61d
Branch filter:
Location: majic-ansible-roles/roles/xmpp_server/molecule/default/group_vars/parameters-optional.yml - annotation
814be5def61d
1.4 KiB
text/x-yaml
MAR-189: Added support for Debian 11 Bullseye to xmpp_server role:
- Roll-out LDAP client configuration since Bullseye does not come with
a stock one at /etc/ldap/ldap.conf that sets the trust anchor
correctly for validating LDAP server certificates.
- Drop the backports pinning in case of Bullseye (for now let's try to
keep the Buster and Bullseye at same versions for simplicity).
- Drop installation of Python apt bindings (no longer used).
- Tests for Buster and Bullseye need to be split-up a bit due to some
differences around backports etc.
- Roll-out LDAP client configuration since Bullseye does not come with
a stock one at /etc/ldap/ldap.conf that sets the trust anchor
correctly for validating LDAP server certificates.
- Drop the backports pinning in case of Bullseye (for now let's try to
keep the Buster and Bullseye at same versions for simplicity).
- Drop installation of Python apt bindings (no longer used).
- Tests for Buster and Bullseye need to be split-up a bit due to some
differences around backports etc.
2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 c95f61f32b67 87f4f8572370 87f4f8572370 52c4a4001c46 52c4a4001c46 52c4a4001c46 52c4a4001c46 2ada86e90026 2ada86e90026 2ada86e90026 87f4f8572370 2ada86e90026 2ada86e90026 2ada86e90026 ceb51ff23ae3 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 | ---
xmpp_administrators:
- jane.doe@domain2
- mick.doe@domain3
xmpp_domains:
- domain2
- domain3
xmpp_ldap_base_dn: dc=local
xmpp_ldap_password: prosodypassword
xmpp_ldap_server: ldap-server
xmpp_server_archive_expiration: "1w"
xmpp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_xmpp.cert.pem') }}"
xmpp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_xmpp.key.pem') }}"
xmpp_server_tls_protocol: "tlsv1+"
xmpp_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:!aNULL:!MD5:!EXPORT"
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"
# backup_client
enable_backup: true
backup_client_username: "bak-parameters-optional-{{ ansible_distribution_release }}"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: backup-server
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
|