Files
@ 9ca9c3ada58a
Branch filter:
Location: majic-ansible-roles/roles/ldap_server/molecule/default/group_vars/parameters-optional.yml - annotation
9ca9c3ada58a
2.2 KiB
text/x-yaml
MAR-181: Use Debian-provided Prosody package for testing optional parameter:
- Still properly tests the role, while at the same time making it
possible to use custom apt repository for Debian Buster (due to
Prosody project dropping all repository archives for it).
- Still properly tests the role, while at the same time making it
possible to use custom apt repository for Debian Buster (due to
Prosody project dropping all repository archives for it).
c082a26b62ff c082a26b62ff c082a26b62ff eb03c3b4f367 bba096126140 bba096126140 eb03c3b4f367 c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff | ---
ldap_admin_password: adminpassword
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_ldap.key.pem') }}"
ldap_entries:
- dn: uid=john,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: johnpassword
uid: john
cn: John Doe
sn: Doe
- dn: uid=jane,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: janepassword
uid: jane
cn: Jane Doe
sn: Doe
ldap_permissions:
- >
to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by self write
by * read
by dn="cn=admin,dc=local" write
by * none
ldap_server_consumers:
- name: consumer1
password: consumer1password
- name: consumer2
password: consumer2password
state: present
- name: consumer3
password: consumer3password
state: absent
ldap_server_groups:
- name: group1
- name: group2
state: present
- name: group3
state: absent
ldap_server_domain: "local"
ldap_server_organization: "Example"
ldap_server_log_level: 0
ldap_server_ssf: 0
ldap_tls_ciphers: "NONE:+VERS-TLS1.1:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:\
+SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA1:+SHA256:+SHA384:+AEAD:+AES-128-GCM:+AES-128-CBC:+AES-256-GCM:+AES-256-CBC:+CURVE-ALL"
# ldap_client
ldap_client_config:
- comment: CA truststore
option: TLS_CACERT
value: /etc/ssl/certs/testca.cert.pem
- comment: Ensure TLS is enforced
option: TLS_REQCERT
value: demand
# backup_client
enable_backup: true
backup_client_username: "bak-localhost"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: localhost
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
|