Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/testsite/group_vars/xmpp.yml - annotation
8d272d91d3d2
624 B
text/x-yaml
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
90417b999b1e 90417b999b1e 7ab6518de03b 0f17841d0aad 7ab6518de03b 0f17841d0aad 7ab6518de03b 1b05bae8e440 2285dcdda345 1b76d272e529 0f17841d0aad 90417b999b1e 18cd76ec050d 90417b999b1e 18cd76ec050d 90417b999b1e 1b76d272e529 0f17841d0aad 90417b999b1e 1b76d272e529 90417b999b1e 011f651f90ce 90417b999b1e 011f651f90ce | ---
local_mail_aliases:
root: "root john.doe@{{ testsite_domain }}"
smtp_relay_host: mail.{{ testsite_domain }}
smtp_relay_truststore: "{{ lookup('file', inventory_dir + '/tls/ca.pem') }}"
xmpp_administrators:
- john.doe@{{ testsite_domain }}
xmpp_tls_key: "{{ lookup('file', inventory_dir + '/tls/xmpp.' + testsite_domain + '_xmpp.key') }}"
xmpp_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/xmpp.' + testsite_domain + '_xmpp.pem') }}"
xmpp_domains:
- "{{ testsite_domain }}"
xmpp_ldap_server: ldap.{{ testsite_domain }}
xmpp_ldap_password: prosody
xmpp_ldap_base_dn: "{{ testsite_ldap_base }}"
|