Files
@ c063f27000b9
Branch filter:
Location: majic-ansible-roles/roles/backup_client/handlers/main.yml - annotation
c063f27000b9
1.2 KiB
text/x-yaml
MAR-175: Mail server should be opportunistic in using TLS when delivering mail to remove servers:
- Previously the mail server would only deliver mails over plaintext.
- Deploy a simple SMTP server on both client1/client2
machines. Servers are set-up to require/refuse the STARTTLS over
SMTP.
- Added tests for checking if STARTTLS is used when available for mail
delivery.
- Fixed the wrong configurtion (making sure the TLS security level is
properly set for Postfix).
- Previously the mail server would only deliver mails over plaintext.
- Deploy a simple SMTP server on both client1/client2
machines. Servers are set-up to require/refuse the STARTTLS over
SMTP.
- Added tests for checking if STARTTLS is used when available for mail
delivery.
- Fixed the wrong configurtion (making sure the TLS security level is
properly set for Postfix).
a45dcc06530a a45dcc06530a 75810ce2ad3d 75810ce2ad3d 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 0848aea59392 a45dcc06530a d61d01c00362 364c0adf308e d2a9e41cd838 d2a9e41cd838 d2a9e41cd838 d2a9e41cd838 d2a9e41cd838 d2a9e41cd838 d61d01c00362 d61d01c00362 364c0adf308e 1ac4be13293b | ---
# @TODO: Can't use file module, since one of the files (GnuPG socket)
# seems to disappear in middle of operation).
- name: Remove current keyring
command: "rm -rf /etc/duply/main/gnupg"
args:
warn: false
tags:
# [ANSIBLE0012] Commands should not change things if nothing needs doing
# This task is invoked only if user is very specific about requiring to
# run the handlers manually as a way to bring the system to consistency
# after interrupted runs.
- skip_ansible_lint
- name: Create keyring directory
file:
path: "/etc/duply/main/gnupg"
state: directory
owner: root
group: root
mode: 0700
- name: Import private keys
command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
tags:
# [ANSIBLE0012] Commands should not change things if nothing needs doing
# This task is invoked only if user is very specific about requiring to
# run the handlers manually as a way to bring the system to consistency
# after interrupted runs.
- skip_ansible_lint
- name: Import public keys
command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
when: backup_additional_encryption_keys | length > 0
|