Files
@ ff510f233909
Branch filter:
Location: majic-ansible-roles/roles/ldap_server/molecule/default/group_vars/parameters-optional.yml - annotation
ff510f233909
2.2 KiB
text/x-yaml
MAR-132: Added support for Debian 9 (Stretch) to php_website role:
- Implemented the necessary changes related to differences between PHP
versions and related paths (PHP 5 vs PHP 7).
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Use more specific host groups in tests.
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
- Implemented the necessary changes related to differences between PHP
versions and related paths (PHP 5 vs PHP 7).
- Set the shell for application system account explicitly (workaround
for Debian bug 865762 in Stretch).
- Updated Molecule tests to cover Debian 9.
- Updated Molecule test preparation playbook to account for a number
of differences between Jessie and Stretch (mainly related to mailing
functionality).
- Use more specific host groups in tests.
- Renamed a couple of variables in test for sending out mails to make
it clearer what is being looked up as part of regex matching.
- Updated Molecule tests where certain paths depend on what Debian
release they are ran against.
- Split-up Jessie-specific tests into separate file.
c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff c082a26b62ff | ---
ldap_admin_password: adminpassword
ldap_entries:
- dn: uid=john,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: johnpassword
uid: john
cn: John Doe
sn: Doe
- dn: uid=jane,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: janepassword
uid: jane
cn: Jane Doe
sn: Doe
ldap_permissions:
- >
to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by self write
by * read
by dn="cn=admin,dc=local" write
by * none
ldap_server_consumers:
- name: consumer1
password: consumer1password
- name: consumer2
password: consumer2password
state: present
- name: consumer3
password: consumer3password
state: absent
ldap_server_groups:
- name: group1
- name: group2
state: present
- name: group3
state: absent
ldap_server_domain: "local"
ldap_server_organization: "Example"
ldap_server_log_level: 0
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional.key.pem') }}"
ldap_server_ssf: 0
ldap_tls_ciphers: "NONE:+VERS-TLS1.1:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:\
+SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA1:+SHA256:+SHA384:+AEAD:+AES-128-GCM:+AES-128-CBC:+AES-256-GCM:+AES-256-CBC:+CURVE-ALL"
# ldap_client
ldap_client_config:
- comment: CA truststore
option: TLS_CACERT
value: /etc/ssl/certs/testca.cert.pem
- comment: Ensure TLS is enforced
option: TLS_REQCERT
value: demand
# backup_client
enable_backup: true
backup_client_username: "bak-localhost"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: localhost
backup_server_host_ssh_public_keys:
- "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
- "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
|