Files @ ff510f233909
Branch filter:

Location: majic-ansible-roles/roles/ldap_server/defaults/main.yml - annotation

ff510f233909 1.2 KiB text/x-yaml Show Source Show as Raw Download as Raw
branko
MAR-132: Added support for Debian 9 (Stretch) to php_website role:

- Implemented the necessary changes related to differences between PHP
versions and related paths (PHP 5 vs PHP 7).
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Use more specific host groups in tests.
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
99edcba90842
99edcba90842
c082a26b62ff
99edcba90842
ddfeb485fb84
99edcba90842
99edcba90842
99edcba90842
99edcba90842
1b05bae8e440
1b05bae8e440
99edcba90842
9f804c9501da
9f804c9501da
99edcba90842
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
63d26c0b3d86
55dd00900508
63d26c0b3d86
430eb250e244
c082a26b62ff
c082a26b62ff

---

enable_backup: false
ldap_entries: []
ldap_server_domain: "{{ ansible_domain }}"
# Internal value, base DN.
ldap_server_int_basedn: "{{ ldap_server_domain | regex_replace('\\.', ',dc=') | regex_replace('^', 'dc=') }}"
ldap_server_organization: "Private"
ldap_server_log_level: 256
ldap_server_tls_certificate: "{{ lookup('file', tls_certificate_dir + '/' + ansible_fqdn + '_ldap.pem') }}"
ldap_server_tls_key: "{{ lookup('file', tls_private_key_dir + '/' + ansible_fqdn + '_ldap.key') }}"
ldap_server_ssf: 128
ldap_server_consumers: []
ldap_server_groups: []
ldap_permissions:
  - >
    to *
    by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
    by dn="cn=admin,{{ ldap_server_int_basedn }}" manage
    by * break
  - >
    to attrs=userPassword,shadowLastChange
    by self write
    by anonymous auth
    by * none
  - >
    to dn.base=""
    by * read
  - >
    to *
    by self write
    by dn="cn=admin,{{ ldap_server_int_basedn }}" write
    by users read
    by * none

ldap_tls_ciphers: "NONE:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:\
+SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA256:+SHA384:+AEAD:+AES-128-GCM:+AES-128-CBC:+AES-256-GCM:+AES-256-CBC:+CURVE-ALL"
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.