Files
@ cec1a992909c
Branch filter:
Location: majic-ansible-roles/roles/web_server/molecule/default/prepare.yml - annotation
cec1a992909c
3.3 KiB
text/x-yaml
MAR-181: Drop support for Debian 9 Stretch from ldap_client role.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 | eee778bc2d7c eee778bc2d7c 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 70ed9e45e116 eee778bc2d7c eee778bc2d7c a5f4c1ec6853 eee778bc2d7c eee778bc2d7c e75d5d4fba3b a5f4c1ec6853 a5f4c1ec6853 eee778bc2d7c eee778bc2d7c a5f4c1ec6853 eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c a5f4c1ec6853 a5f4c1ec6853 eee778bc2d7c a8ad1fdf6f60 a8ad1fdf6f60 f7c1f4c841f8 f7c1f4c841f8 f7c1f4c841f8 a8ad1fdf6f60 a8ad1fdf6f60 a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f a52f9fdabd0f eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c a5f4c1ec6853 eee778bc2d7c 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 34dffc4a5ea3 a52f9fdabd0f a5f4c1ec6853 eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c a5f4c1ec6853 eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c a5f4c1ec6853 eee778bc2d7c eee778bc2d7c eee778bc2d7c 70ed9e45e116 eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c eee778bc2d7c | ---
- name: Set-up fixtures
hosts: localhost
connection: local
gather_facts: false
tasks:
- name: Initialise CA hierarchy
command: "gimmecert init"
args:
creates: ".gimmecert/ca/level1.cert.pem"
chdir: "tests/data/"
- name: Generate server private keys and certificates
command:
args:
chdir: "tests/data/"
creates: ".gimmecert/server/{{ item.name }}.cert.pem"
argv:
- "gimmecert"
- "server"
- "{{ item.name }}"
- "{{ item.fqdn }}"
with_items:
- name: parameters-mandatory-stretch64_https
fqdn: parameters-mandatory
- name: parameters-optional-stretch64_https
fqdn: parameters-optional
- name: parameters-mandatory-buster64_https
fqdn: parameters-mandatory
- name: parameters-optional-buster64_https
fqdn: parameters-optional
- name: Set-up link to generated X.509 material
file:
src: ".gimmecert"
dest: "tests/data/x509"
state: link
- name: Prepare
hosts: all
gather_facts: false
tasks:
- name: Install python for Ansible
raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal)
become: true
changed_when: false
- hosts: all
become: true
tasks:
- name: Update all caches to avoid errors due to missing remote archives
apt:
update_cache: true
changed_when: false
- name: Install tools for testing
apt:
name:
- gnutls-bin
- nmap
state: present
- hosts: stretch
become: true
tasks:
- name: Set-up the hosts file
lineinfile:
path: /etc/hosts
regexp: "^{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
owner: root
group: root
mode: 0644
state: present
with_dict:
10.31.127.21: "client1"
10.31.127.32: "parameters-mandatory"
10.31.127.33: "parameters-optional"
- name: Install curl for testing redirects and webpage content
apt:
name: curl
state: present
- hosts: buster
become: true
tasks:
- name: Set-up the hosts file
lineinfile:
path: /etc/hosts
regexp: "^{{ item.key }}"
line: "{{ item.key }} {{ item.value }}"
owner: root
group: root
mode: 0644
state: present
with_dict:
10.31.127.20: "client1"
10.31.127.30: "parameters-mandatory"
10.31.127.31: "parameters-optional"
- name: Install curl for testing redirects and webpage content
apt:
name: curl
state: present
- hosts: client
become: true
tasks:
- name: Install tool for testing TCP connectivity
apt:
name: hping3
state: present
- name: Install console-based web browser for interactive testing
apt:
name: lynx
state: present
- name: Deploy CA certificate
copy:
src: tests/data/x509/ca/level1.cert.pem
dest: /usr/local/share/ca-certificates/testca.crt
owner: root
group: root
mode: 0644
notify:
- Update CA certificate cache
handlers:
- name: Update CA certificate cache
command: /usr/sbin/update-ca-certificates --fresh
|