majic-ansible-roles Files · roles/xmpp_server/molecule/default/host

Files @ ceb51ff23ae3

Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/molecule/default/host_vars/ldap-server.yml - annotation

ceb51ff23ae3 1.4 KiB text/x-yaml Show Source Show as Raw Download as Raw

branko

MAR-132: Added support to xmpp_server role for Debian 9 (Stretch):

- Updated tests to include Debian 9 in testing. Existing private keys
are reused where possible (since most of the naming is identical
between the machines with jessie/stretch).
- Updated invocation of sendxmpp in tests as workaround for
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854210.
- Updated testing of imported keys to accomodate differences between
gpg/gpg2 (used by apt-key in Jessie/Stretch).

2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
2ada86e90026
ceb51ff23ae3
2ada86e90026
2ada86e90026
ceb51ff23ae3
ceb51ff23ae3
ceb51ff23ae3

---

# ldap_server role.
ldap_admin_password: admin

ldap_server_consumers:
  - name: prosody
    password: prosodypassword

ldap_server_domain: "local"
ldap_server_groups:
  - name: xmpp
ldap_server_organization: "Example"
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.key.pem') }}"

# common
ca_certificates:
  testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"

# ldap_client
ldap_client_config:
  - comment: CA truststore
    option: TLS_CACERT
    value: /etc/ssl/certs/testca.cert.pem
  - comment: Ensure TLS is enforced
    option: TLS_REQCERT
    value: demand
  - comment: Base DN
    option: BASE
    value: dc=local
  - comment: URI
    option: URI
    value: ldapi:///

# backup_server role.
backup_host_ssh_private_keys:
  dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
  rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
  ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
  ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:
  - server: parameters-optional-jessie
    ip: 10.31.127.31
    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
  - server: parameters-optional-stretch
    ip: 10.31.127.33
    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"