majic-ansible-roles Files · roles/mail_server/molecule/default/group

Files @ e0dc1c1cfaa8

Branch filter:

Location: majic-ansible-roles/roles/mail_server/molecule/default/group_vars/parameters-optional.yml - annotation

e0dc1c1cfaa8 2.2 KiB text/x-yaml Show Source Show as Raw Download as Raw

branko

MAR-189: Added support for Debian 11 Bullseye to mail_server role:

- Shorten the backup client username so it would be under 32
characters.
- Switch all helper VMs to using the Debian 11 Bullseye as well.
- Drop the architecture suffix from hostnames.
- Update the hostname for client VMs.
- Fix the incorrect format for the message ID used in various mail
delivery tests.

b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
6844c0a01173
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
6844c0a01173
6844c0a01173
b0c92677ba93
b0c92677ba93
6844c0a01173
6844c0a01173
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
7d9696a7b5cc
35fff2909917
f425c5d31475
f425c5d31475
f425c5d31475
b0c92677ba93
7d9696a7b5cc
7d9696a7b5cc
cc53faac4b27
e0dc1c1cfaa8
7d9696a7b5cc
b0c92677ba93
b0c92677ba93
6844c0a01173
b0c92677ba93
e0dc1c1cfaa8
b0c92677ba93
e0dc1c1cfaa8
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93
b0c92677ba93

---

mail_ldap_base_dn: dc=local
mail_ldap_url: ldap://ldap-server/
mail_ldap_tls_truststore: "{{ lookup('file', 'tests/data/x509/ca/chain-full.cert.pem') }}"
mail_ldap_postfix_password: postfixpassword
mail_ldap_dovecot_password: dovecotpassword
mail_server_tls_protocols:
  - TLSv1.2
  - TLSv1.1
mail_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:!aNULL:!MD5:!EXPORT"
mail_user: virtmail
mail_user_uid: 5000
mail_user_gid: 5000
imap_max_user_connections_per_ip: 2
imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.cert.pem') }}"
imap_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.key.pem') }}"
local_mail_aliases:
  root: "john.doe@domain1"
smtp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.cert.pem') }}"
smtp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.key.pem') }}"
imap_folder_separator: "."
smtp_rbl:
  - bl.spamcop.net
  - zen.spamhaus.org

mail_postmaster: "webmaster@parameters-optional"
smtp_allow_relay_from:
  - "{{ release_based_smtp_allow_relay_from[ansible_distribution_release] }}"
mail_message_size_limit: 20480001
mail_server_smtp_additional_configuration: |
  smtpd_banner = $myhostname ESMTP My SMTP Server
  smtp_skip_5xx_greeting = no

# Variables dependant on distribution release.
release_based_smtp_allow_relay_from:
  buster: "192.168.56.21"
  bullseye: "192.168.56.41"

# common
ca_certificates:
  testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"

# backup_client
enable_backup: true
backup_client_username: "bak-param-optional-{{ ansible_distribution_release }}"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: ldap-server
backup_server_host_ssh_public_keys:
  - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
  - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
  - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"