Files
@ 834c3a4d591a
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/prepare.yml - annotation
834c3a4d591a
4.9 KiB
text/x-yaml
MAR-218: Use built-in module for diverting the ferm binary.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 | 36e1c9460cd6 36e1c9460cd6 694893c0259a 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f c10934519e18 1733003af19f 1b36419c4641 1733003af19f 1733003af19f 1733003af19f c10934519e18 1733003af19f 1733003af19f 1b36419c4641 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f 1733003af19f c10934519e18 1733003af19f 1733003af19f 1733003af19f 1733003af19f fb5e4e372902 fb5e4e372902 694893c0259a 13982172ed2e fb5e4e372902 694893c0259a fb5e4e372902 c10934519e18 13982172ed2e fb5e4e372902 36e1c9460cd6 c10934519e18 13982172ed2e 13982172ed2e 36e1c9460cd6 fb5e4e372902 c10934519e18 fb5e4e372902 fb5e4e372902 36e1c9460cd6 fb5e4e372902 fb5e4e372902 7cabc17c71c3 fb5e4e372902 36e1c9460cd6 c6e9add17764 c6e9add17764 d8e012ba7070 d8e012ba7070 d8e012ba7070 fb5e4e372902 ed73868fa196 c10934519e18 ed73868fa196 ed73868fa196 ed73868fa196 694893c0259a 694893c0259a 13982172ed2e 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 c10934519e18 36e1c9460cd6 13982172ed2e 36e1c9460cd6 36e1c9460cd6 c10934519e18 36e1c9460cd6 13982172ed2e 36e1c9460cd6 36e1c9460cd6 c10934519e18 1733003af19f 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 7cabc17c71c3 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 2d15529786b7 2d15529786b7 2d15529786b7 c10934519e18 36e1c9460cd6 694893c0259a 694893c0259a 13982172ed2e 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 c10934519e18 1733003af19f 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 7cabc17c71c3 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 c10934519e18 1733003af19f 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 7cabc17c71c3 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 c10934519e18 13982172ed2e 13982172ed2e 36e1c9460cd6 36e1c9460cd6 c10934519e18 13982172ed2e 13982172ed2e 13982172ed2e 36e1c9460cd6 36e1c9460cd6 c10934519e18 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 7cabc17c71c3 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 f774e938a4ed c10934519e18 f774e938a4ed 13982172ed2e f774e938a4ed 01f4b619cfa6 c10934519e18 01f4b619cfa6 13982172ed2e 01f4b619cfa6 23a9ea4219dc c10934519e18 13982172ed2e 23a9ea4219dc 36e1c9460cd6 36e1c9460cd6 2d15529786b7 2d15529786b7 2d15529786b7 c10934519e18 36e1c9460cd6 36e1c9460cd6 c10934519e18 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 694893c0259a 694893c0259a 13982172ed2e 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 c10934519e18 36e1c9460cd6 36e1c9460cd6 36e1c9460cd6 c10934519e18 36e1c9460cd6 36e1c9460cd6 | ---
- name: Prepare, test fixtures
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Initialise CA hierarchy
ansible.builtin.command: "gimmecert init"
args:
creates: ".gimmecert/ca/level1.cert.pem"
chdir: "tests/data/"
- name: Generate server private keys and certificates
ansible.builtin.command:
args:
chdir: "tests/data/"
creates: ".gimmecert/server/{{ item.name }}.cert.pem"
argv:
- "gimmecert"
- "server"
- "{{ item.name }}"
- "{{ item.fqdn }}"
with_items:
- name: mail-server_smtp
fqdn: mail-server
- name: Set-up link to generated X.509 material
ansible.builtin.file:
src: ".gimmecert"
dest: "tests/data/x509"
state: link
- name: Prepare
hosts: all
become: true
gather_facts: false
tasks:
- name: Install python for Ansible
ansible.builtin.raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal)
changed_when: false
- name: Update all caches to avoid errors due to missing remote archives
ansible.builtin.apt:
update_cache: true
changed_when: false
- name: Set-up the hosts file
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: "^{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
owner: root
group: root
mode: "0644"
state: present
with_dict:
192.168.56.11: "mail-server domain1"
192.168.56.12: "client1"
192.168.56.21: "parameters-mandatory-bookworm"
192.168.56.22: "parameters-optional-bookworm"
192.168.56.23: "parameters-no-incoming-bookworm"
- name: Install tools for testing
ansible.builtin.apt:
name: gnutls-bin
state: present
- name: Prepare, helpers
hosts: clients
become: true
tasks:
- name: Install SWAKS for testing SMTP capability
ansible.builtin.apt:
name: swaks
state: present
- name: Install tool for testing TCP connectivity
ansible.builtin.apt:
name: hping3
state: present
- name: Deploy CA certificate
ansible.builtin.copy:
src: tests/data/x509/ca/level1.cert.pem
dest: /usr/local/share/ca-certificates/testca.crt
owner: root
group: root
mode: "0644"
notify:
- Update CA certificate cache
handlers:
- name: Update CA certificate cache # noqa no-changed-when
# [no-changed-when] Commands should not change things if nothing needs doing
# Does not matter in test prepare stage.
ansible.builtin.command: /usr/sbin/update-ca-certificates --fresh
- name: Prepare, helpers
hosts: mail-servers
become: true
tasks:
- name: Deploy CA certificate
ansible.builtin.copy:
src: tests/data/x509/ca/level1.cert.pem
dest: /usr/local/share/ca-certificates/testca.crt
owner: root
group: root
mode: "0644"
notify:
- Update CA certificate cache
- name: Deploy SMTP private key and certificate
ansible.builtin.copy:
src: "tests/data/x509/server/{{ item }}"
dest: "/etc/ssl/{{ item }}"
owner: root
group: root
mode: "0600"
with_items:
- mail-server_smtp.cert.pem
- mail-server_smtp.key.pem
- name: Install Postfix
ansible.builtin.apt:
name: "postfix"
state: present
- name: Purge Exim configuration
ansible.builtin.apt:
name: "exim4*"
state: absent
purge: true
- name: Deploy Postfix configuration
ansible.builtin.copy:
src: tests/data/main.cf
dest: /etc/postfix/main.cf
owner: root
group: root
mode: "0644"
notify:
- Restart Postfix
- name: Install tool for testing TCP connectivity
ansible.builtin.apt:
name: hping3
state: present
- name: Install SWAKS for testing SMTP capability
ansible.builtin.apt:
name: swaks
state: present
- name: Set-up port forwarding
ansible.builtin.command: "iptables -t nat -A PREROUTING -p tcp -m tcp --dport 27 -j REDIRECT --to-ports 25"
changed_when: false
handlers:
- name: Update CA certificate cache # noqa no-changed-when
# [no-changed-when] Commands should not change things if nothing needs doing
# Does not matter in test prepare stage.
ansible.builtin.command: /usr/sbin/update-ca-certificates --fresh
- name: Restart Postfix
ansible.builtin.service:
name: postfix
state: restarted
- name: Prepare, test fixtures
hosts: parameters-optional
become: true
tasks:
- name: Create additional group for testing local aliases
ansible.builtin.group:
name: testuser
- name: Create additional user for testing local aliases
ansible.builtin.user:
name: testuser
group: testuser
|