Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/database/tasks/main.yml - annotation
8d272d91d3d2
587 B
text/x-yaml
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
40689344a8f3 40689344a8f3 40689344a8f3 0ffaf31692ce 0ffaf31692ce 0ffaf31692ce acd104ed9b5e 40689344a8f3 40689344a8f3 0ffaf31692ce 0ffaf31692ce 0ffaf31692ce 0ffaf31692ce 0ffaf31692ce acd104ed9b5e b668f8894d52 b668f8894d52 b668f8894d52 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 fcf5abdd3ad5 7387caca37f3 0ffaf31692ce | ---
- name: "Create database {{ db_name }}"
mysql_db:
name: "{{ db_name }}"
state: present
login_unix_socket: "/var/run/mysqld/mysqld.sock"
- name: "Create database user {{ db_name }}"
mysql_user:
name: "{{ db_name }}"
password: "{{ db_password }}"
priv: "{{ db_name }}.*:ALL"
state: present
login_unix_socket: "/var/run/mysqld/mysqld.sock"
- name: Enable backup
include: backup.yml
when: enable_backup
- name: Explicitly run all handlers
include: ../handlers/main.yml
when: "run_handlers | default(False) | bool()"
tags:
- handlers
|