Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/backup_client/molecule/default/molecule.yml - annotation
8d272d91d3d2
1.9 KiB
text/x-yaml
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 9882e078677e 9882e078677e 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 eeec809e0f90 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 eeec809e0f90 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 1bf0f41d1854 1bf0f41d1854 e75d5d4fba3b 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 88290d45ad87 | ---
dependency: {}
driver:
name: vagrant
provider:
name: virtualbox
lint:
name: yamllint
options:
config-file: ../../.yamllint.yml
# NOTE: Hostnames are shortened because default values for backup
# usernames are calculated by appending hostname to the "bak-" string,
# which will easily exceed the maximum username length of 32. Yay
# stupid legacy design decisions!
platforms:
- name: backup-server
box: debian/contrib-buster64
memory: 512
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.10
network_name: private_network
type: static
- name: parameters-mandatory-b64
groups:
- parameters-mandatory
box: debian/contrib-buster64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.20
network_name: private_network
type: static
- name: parameters-optional-b64
groups:
- parameters-optional
box: debian/contrib-buster64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.21
network_name: private_network
type: static
- name: parameters-mandatory-s64
groups:
- parameters-mandatory
box: debian/contrib-stretch64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.30
network_name: private_network
type: static
- name: parameters-optional-s64
groups:
- parameters-optional
box: debian/contrib-stretch64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.31
network_name: private_network
type: static
provisioner:
name: ansible
config_options:
defaults:
force_valid_group_names: "ignore"
interpreter_python: "/usr/bin/python3"
ssh_connection:
pipelining: "True"
lint:
name: ansible-lint
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8
|