Files
@ f1b75f1d4b5e
Branch filter:
Location: majic-ansible-roles/roles/xmpp_server/molecule/default/host_vars/ldap-server.yml - annotation
f1b75f1d4b5e
2.4 KiB
text/x-yaml
MAR-132: Add support for Debian 9 (Stretch) to ldap_server role:
- Updated Molecule tests to cover Debian 9 as well.
- Remove the ss utility instead of renaming it when preparing for
tests, and make sure the netstat utility is available.
- Duplicate private key/certificate for mandatory parameters testing.
- Updated Molecule tests to cover Debian 9 as well.
- Remove the ss utility instead of renaming it when preparing for
tests, and make sure the netstat utility is available.
- Duplicate private key/certificate for mandatory parameters testing.
2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 2ada86e90026 | ---
# ldap_server role.
ldap_admin_password: admin
ldap_entries:
# Users
- dn: uid=john,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: johnpassword
uid: john
cn: John Doe
sn: Doe
mail: john.doe@domain1
- dn: uid=jane,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: janepassword
uid: jane
cn: Jane Doe
sn: Doe
mail: jane.doe@domain2
- dn: uid=mick,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: mickpassword
uid: mick
cn: Mick Doe
sn: Doe
mail: mick.doe@domain3
- dn: uid=noxmpp,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: noxmpppassword
uid: noxmpp
cn: No XMPP
sn: XMPP
mail: noxmpp@domain1
# Groups
- dn: "cn=xmpp,ou=groups,dc=local"
state: append
attributes:
uniqueMember:
- uid=john,ou=people,dc=local
- uid=jane,ou=people,dc=local
- uid=mick,ou=people,dc=local
ldap_server_consumers:
- name: prosody
password: prosodypassword
ldap_server_domain: "local"
ldap_server_groups:
- name: xmpp
ldap_server_organization: "Example"
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.key.pem') }}"
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
# ldap_client
ldap_client_config:
- comment: CA truststore
option: TLS_CACERT
value: /etc/ssl/certs/testca.cert.pem
- comment: Ensure TLS is enforced
option: TLS_REQCERT
value: demand
- comment: Base DN
option: BASE
value: dc=local
- comment: URI
option: URI
value: ldapi:///
# backup_server role.
backup_host_ssh_private_keys:
dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:
- server: parameters-optional
ip: 10.31.127.31
public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
|