Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/ldap_server/molecule/default/tests/test_backup.py - annotation
8d272d91d3d2
1.7 KiB
text/x-python
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
c082a26b62ff c082a26b62ff 064760bdc9d5 064760bdc9d5 c082a26b62ff 064760bdc9d5 d62b3adec462 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 d752715bb533 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 064760bdc9d5 ec4e3e91c4d3 064760bdc9d5 d752715bb533 | import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-optional')
def test_database_dump_directory(host):
"""
Tests configuration of the directory where database dumps are stored prior
to running backup.
"""
with host.sudo():
directory = host.file('/srv/backup')
assert directory.is_directory
assert directory.user == 'root'
assert directory.group == 'root'
assert directory.mode == 0o700
def test_database_dump_script(host):
"""
Tests if database dump script is deployed correctly.
"""
with host.sudo():
script = host.file('/etc/duply/main/pre.d/ldapdump.sh')
assert script.is_file
assert script.user == 'root'
assert script.group == 'root'
assert script.mode == 0o700
def test_backup(host):
"""
Tests if LDAP directory is correctly backed-up.
"""
with host.sudo():
# Remove restore directory in order to make sure restore has worked
# correctly.
host.run("rm -rf /root/restore")
backup_run = host.run('duply main backup')
assert backup_run.rc == 0
database_dump = host.file('/srv/backup/slapd.bak')
assert database_dump.is_file
assert 'dn: dc=local' in database_dump.content_string
restore_run = host.run('duply main restore /root/restore')
assert restore_run.rc == 0
restored_database_dump = host.file('/root/restore/srv/backup/slapd.bak')
assert restored_database_dump.is_file
assert restored_database_dump.content_string == database_dump.content_string
|