From 3d7effd414c9cf0316437a4f331f1680909fa519 2023-12-02 21:27:37 From: Branko Majic Date: 2023-12-02 21:27:37 Subject: [PATCH] MAR-189: Dropped deprecation-related tasks and tests for xmpp_server role: - Migration from Prosody project repositories should have been done already as part of the 7.0.1 release. - Simplifies the code a bit. - Drop leftover deprecated library plugin path. --- diff --git a/roles/xmpp_server/molecule/default/files/lua_ldap_backports_pin b/roles/xmpp_server/molecule/default/files/lua_ldap_backports_pin deleted file mode 100644 index b4a6225d422dec0f39930322222c13eb0e7545e9..0000000000000000000000000000000000000000 --- a/roles/xmpp_server/molecule/default/files/lua_ldap_backports_pin +++ /dev/null @@ -1,9 +0,0 @@ -# -# This file contains pinning information for deploying the backported -# version of lud-ldap that supports Lua 5.2 (for use with the Prosody -# XMPP server). -# - -Package: lua-ldap -Pin: release a=buster-backports -Pin-Priority: 600 diff --git a/roles/xmpp_server/molecule/default/files/prosody-debian-gpg-key.asc b/roles/xmpp_server/molecule/default/files/prosody-debian-gpg-key.asc deleted file mode 100644 index 7fb26f5d677695dc5f84751465555cace7d10319..0000000000000000000000000000000000000000 --- a/roles/xmpp_server/molecule/default/files/prosody-debian-gpg-key.asc +++ /dev/null @@ -1,41 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 - -mQGiBEoXOjERBAD2ygmSdiqsRmrTqUqcGoWmTU90DrikaYb3/rwwMhSloXT9qNuD -aOdJb/LNfwhiSbKF35JHgYV4+RIdwDLv4wNqmsQH1ZYOUi3j/1O5w2LV8lG816X2 -NdGni+fGArtM68C9ZxdIDweo2V5G5StHINcKP/Cab08sUjyrrCpwO/Z5xwCg9H8L -PsFYns6RcnM7f6A6x5NHEVsEAL9RYChhkecv/+qnbDlKHOJT8TQT4S8p6RYtaZHE -XR73vvvj0P/6Lxw+tKZJqQmVpNaLXztLSNW3KfAR+Jz4SLBJoSP4uXJ5UVIUnqbp -HCUZ3BnDGeHuTplxtrYWmznE34KMks6riXoUApU/kmo8TFqh8aTEp1F/Zd9TdriQ -c0iCA/42SBlM3Ax0cbi2thHSEhUV6aCbs9R9H2Tmke0LswpUMTfxUT37b8t5ocbZ -iHoGdEVIC3ZK2Usu6IS5uhY4245iECafLUX4LF4uY17IHj713yOHZ8T9t2LAGFu9 -oxM7EEoDyVK8Jg0fRn7srBC/p7MdBD1kwVaQOnIjqjiqf3e9sLQyUHJvc29keSBJ -TSBEZWJpYW4gUGFja2FnZXMgPGRldmVsb3BlcnNAcHJvc29keS5pbT6IYAQTEQIA -IAUCShc6MQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEHOT1+Z02du11MQA -nRsq54C4D1k/s0i0Tg41h1LDbAFtAKC2g53DYE3X8jPVJVBTFeHsnkztfLkEDQRK -FzsAEBAAwd9OI2tmqS0DR3Z8vxpio0eV/0+G4OObYEzjq4Keohw8u4qGVoDO4LPB -pyseNPv6J+eu+F2ONa04L1eODPAYprzjxU6gFgt+X2u7kjERybFDXBlVHUNDQIUM -hqpVHhslLGAk1tLJ0anIVwn7Lh4ft7IZq2/LrAb5SR1sSml4q6352jwqyxsNZv71 -R+xHjVfj4SqE2FQ63YpQQQtKiPIc/u876m1bxC04KuR1buEjA0KlPHARjGW9dGf/ -SzEy4FYcuLyNPUiRRH2AJ+b8wocefpXnbKKfHs+zL0j2KApAvSiiW0MN3qvXiXV5 -aer7DVubXpzrS7VAeBJ6yzjqQTUWbYhmg2MKn6JixYI9y4w9ENGhkHcKp8RjOgdP -+hdzoyKQNSE51y1NzujQCefs85BaXKrImUvJJVziWEsTAiy0rT55+juDenjAmGlC -mCkNCTB0fbWI3HH3P6WdT3ft+jZkVuxHWTbyogGVYyVy3et29HnI+KJ4+94FbWvd -WdEOA2HD1EaPbkUtN1J39PoP0iDx0V1eKBrLGqMGXmDUAYjXBy9sEJz2CpLwzx3S -wizIgUv5hogLILassF05YB08DtLDk1EB7D+TSkBWG+G33r6DljTk5hrjWJCE1DK4 -OfwGkwV9J75mDS36eTknEn4hxt2NSDOwXD/u0KeEKrrGGBZt918AAwUP/38LeUAs -c+7HeQmuWItZvTjAeQd71ECi0G/iIO+ccGYFvIKEMMUrJZQaGJpa3h8j1Eu8usEE -+3UULn6Wl5YpiCpIBpEystxnmqn2bxaKtDdFtD43hHV/eaCQuuLKN9qmx6VspdqH -SqN+1xbtkBqIBxONBLNusafByWUs15AUxFbLYqS5dPw3PNooHGLRvLtq3prO0F2j -BLKiujpNSWG/Q6u/AbxIn3qNiYOl201bKBQiYD/xCZEQZAfJSWC+EvU0fpDrTNy+ -MArZniAGltAR4UyhJcqS3RAsB6b12ZpgreOpbTAJ3hET6bYmIwVPQfE/OfIRkZMm -jldn4zzRjMn9HiJjc/lvWJecmdzZ1NOKFCigz8luOHZeSXCS34THhi4fHZBzSKfD -FJXOmq79ouHTY0hyvVksk/tj3g7Oz3obFYDbb86XmAVlPvsmWTFO83DFS2ohA6ai -lvbRhTMOED4y5Ed5abFcfrziCTyPtZgm1OpeNibrOp85D2IzMHlqZTG/RWl5LtVU -wFSrv0OlEz2xD9RyrlIg9c4BUJNybErX1oZ08FVWQdmgff59XNNLv7bPPHYKCnaE -ou6SAY1PeEgmbONRJ6cR6dSVIMEAl8rFCIcL7jz/6S4CjMqST4D9MqDOeoDdl2Zm -ohKViNdLF+P2Oha6djBTxEjz1qhfcu7OVjGaiEkEGBECAAkFAkoXOwACGwwACgkQ -c5PX5nTZ27WmTQCg32XtVZ1E9KIPDpcpMrhV+4wpt50AnjSYtDgDGoWbRxhGDNK3 -UqwePNWL -=/y9s ------END PGP PUBLIC KEY BLOCK----- diff --git a/roles/xmpp_server/molecule/default/files/workaround_prosody_repository_signing_key.asc b/roles/xmpp_server/molecule/default/files/workaround_prosody_repository_signing_key.asc deleted file mode 100644 index 38f70ee336ec1264b31b300637f336a779205d9d..0000000000000000000000000000000000000000 --- a/roles/xmpp_server/molecule/default/files/workaround_prosody_repository_signing_key.asc +++ /dev/null @@ -1,146 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFGxsHYBEACvNlEQjaLNsSUpSYCBrILhDpazsw0hmXNjIMvjDsKPuT9nY1Cn -pBXqNRlrlNgGcsvaYnWC2Z2P8Oi5TRaG0N0iYe7sNWKv61+M0OyVMALK4ngls8si -fxFwjPRJIY15/cCO4VI62F6ctq086KlOo9KnJmxeX7eTaCaHPuMjj0+pmjjGVbc9 -GhVe7XMgCHa85bfaY3FC6yCnF81FaiBAhhEafpOMEwmlfiVJCSrlutCdzQvEBZDQ -YVwCT15mQ/KbwA5HBY7BaO7ohyUTRSDoLcDmrUp/pGFmFjRayh6hqIk28z0BLD71 -+7h2/5oshRJON/efmI1zqS4PFL33WkEmAkmpmwm84MVSfKPySdznAYZS3gBnJfx/ -FM+kbyVrO0DAUCKC1NPzqfagiwB6tH2pY+t9TFQWS118FlgxuWEgbgKWXGxjd8tG -nUcQV3p630gw1r0nyaGzJNRBYjVJc2ziiX4Ft6lwUSXUJInVDSAAfx6aVJG1pm0G -vNywJ5w5v+zQ+3lVwORfiGxMAW40Idsc/Gy6HLRAGZjFMJjsLN3chDGpcib0sosW -9DyB0Wu+sQ/MFVC9Xv29CjR3XME4vueg1wn+3wtRwsrn7bSUjsOAOVr8QBEjjY9Q -Buyuf/eD7563Ge021OoTopEEIapg2HECzuRGtfPT+33FXZ7WJipzNBQTNwARAQAB -tCVCcmFua28gTWFqaWMgKGhvbWUpIDxicmFua29AbWFqaWMucnM+iQJBBBMBAgAr -AhsDBQkcMgSABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCUbOR1gIZAQAKCRD1 -Bji4vGrwEnErD/9HoSfTGN8Ya4UoAa/E4hRRHe4mL/ia29zG9uVDnRjB7T9r+3eY -sMRR0WBuCLSJDoSMmOxIqRbKkg1Wc2FGQ2ppVa8R6htxx2Gg72SeYQWx5aF++IVY -RCkly9V+Bi8eNmOAdrf2y+9ToWG8Hdv8peQqEAJS5x+2REG4uNyoiT3uGAu6XH09 -r+psgtClg1+VoidjhOIfSOD5i7Hp/ZVO1MdjOOfhQQK6qepjC0z13eIyWn4lRvxV -g3+XDd1pUvY5aNR1Jal6ys9FFWi1SKmMYK3RMxL6lsOsExbsMbV3R86tC2c/ZChQ -prBN9bOHpQ7TGBDpvmfsnZa++6yHbJ0KYmREFHsDYNWlX4QtNLN6fqbCz/X9cLeW -T/WE0MuU2lI7n1pFbmTEn7PEcUkWthvPemqQBeDAtMBQz2W8AjrLs/4oH/qHSq+8 -gR/02NpFFKS0MUgOG4NTYMT1gGQzmfhp1iBHNSC3cwPs5mdG3sxm5mh6faMH++TO -+3ALCTehSQhdEi+cz+SFzUD9gPdHEjoY4BXs6yMCFMNiw7OJSWGXoX3fwrzT8fzI -AlLu6YC264rmEnz27dkXU6JXGK98zssjM1B6G04KZvqHJF+nJRdX/8fTcYXBNCZD -bWHjgX7gkGq4GvW6BR62+bpiW7RXbjXheo7SVfzjA9Mcyg47rjbLUvQzvIkCHAQQ -AQIABgUCUbOHNQAKCRDSTMVgScM3B7djD/4uS6DCNWcMrSTJ/bc8+rjrFlamJq6K -gdEmTHPsqDduWFw+3iCiP4TlCWG8vrWIv90sznKYFW/roRapEMCnfJZXNv8bJdIk -WjCxhl+u9W5AaTOFXD9f9uqyapk4DMa2A1o3yWSphsmqY89u7tNx2fx0spDClryI -a3P4xgnsQldVEwjo5SGXgPe8EfYBIdr+njYZzpWhbRsCKuvWBN10VVnAG6JsG2ZI -uVsI9AqAkKdnt0Is9nAql8vdCsZOGD7GRCEnnE1w+iN3zOhSoWxHGOimsZsKmXHi -/PlTVwUuCIUCuXJL1ZYlI+q76nMLchPO/xzP5FENU9BgI4WDFdKcVMjaNvNnT7Ej -DUsu4F7f0QQVWdeXR/KVoSrkRz2Pso6W/rC1OwJ+vnWBAivoRTWe2xHk56GjN9P7 -M9rIAky6gXYQAq7Fn/bm4Wu0iZMOFduSHQZkPW1MR8HGUvo9tKZbmxiEU8s0E9IS -qD9TJI/IWKEo283qYiY2FFeYsAXSoZrMtrc3gWS8ZZaVUnnu0DmY+hBfQDtTv+aR -ch9z4Ljar+I05E6Qp79eIqefE0kGIVjf6UnO3BDVan7vl3YdaCYGTa6xeNaNrsfe -Oztj1O8iZHSAKHcZO+xbmeuajxuP9BDvE7x8sCraBPDIXnSCgaVGJqMyKzTSTbkR -BJHknNRNS3mZNokCPgQTAQIAKAUCUbJLwQIbAwUJHDIEgAYLCQgHAwIGFQgCCQoL -BBYCAwECHgECF4AACgkQ9QY4uLxq8BK6YA//aBiJeTED4IofYXW/23o8+9R2ySqi -5fZL2rWeViv8J+M/TX6jgw4Nw86Bf5kRzMdHlIv/90mFMJ9+nkMq+dG/o1Ffl6nQ -mBoH/EFmkVQIIZMw5jpb+7nCP75LS6c2menSv2esyCNEQVc+BgJiHYyRRv1LHh06 -Ke0tnFrd9RkO0WU3+sSXMgdzh/3hyBWMSclftW8Im2kZayPThYvplVQUnJN57QZZ -2TcV3jICykap+d6tbATtIzLQ2/5VMObZxnmN9lHT6XOr97JFzgkjLdCbqJPJ153V -tIlh2a1lgcoATmrV7HBPEe0wvZkWNkkxhbtRG8se49wm+ECcEYy4EEfLI375xjVB -fkGsMsVvB+WFbI1IKfebI1y9JZ6uTJCND/e4fXslztdekrQUFLjTts1vnSk8ePSE -8hkR0FlyXExX1rE5mmDxNJFUMENM947CXXzulKIXiTl/oOspSQO8A8q3a/Xw6ihu -A0KbLhlvexPIqhwL23mantjNUdmWOD4lW/WO+PhBildZftVPAv+xkDyB99A2HHKR -ChPIu0sSn+Tpm6pV3lL6ggMsKLMnVD7ouvQn8dYk/Bxw1r4CXMOjn+eHz+LSe9ly -lwhgppOgvDgN+yGxmXRnkeTz3ufSmOvjpI7B+zmq8i9VvV8CyMaq7UJBMoTZjTYC -mgrIl4ctVxaNKmeIZAQTEQoADAUCU0KXOgWDB4YfgAAKCRBVz+2/lezyRnLeAQCl -B4j0ceEsXB9N6kepJdgemkl3I97+d7KC6aAOFlMHxwD+KMnSHL1eYvGyp65/qDXk -80IWMIS9kAJUpWgXFdhQrEWJARwEEgECAAYFAlJlovEACgkQWpmjIX5CAidCzwf+ -OvQD3dL9J8W8ZQf3PvVRFwWe1SQgtfBaHlIEs1nHQnnK9ByAqghXs3IclLxHl98h -z9HOE9jQhS3sugQpph8mh8AlVXhZjwxHMXYbm1Zb2EGI0ZaooNrJO13Iad5BzALy -2eLEG4zwxaKcPbfd3N9Ti4n3bGEPsJeddC603rJu2KTZGKXP7Xae8Go4itBcrnTl -d3LyyXMLpwsxOnjKG7ORF+g4qtI/PNGqZWJzxcSx86WQ7NEHx4mPKY/JXsCOdVsk -rWZ4vs67sk1240Q37/dX7qdF44TjDdEyI0yy6iPihdX4ceoVvFMYohjlkbezk8nR -0O/W8/XvwFLLjewcXTyIb4kCHAQTAQgABgUCWLPpSQAKCRBe4+L5dkCJuDJQEADG -ZF7htY5YLozRq9ZmBA6NXwmlIXtmWJ5iGciT68yGEAWkTYgXwkAKEnM3NuiCRjka -v7ccTFGmFAvk0p7Q8HKj5XtY8t0VUyqJqKhtezmFlzRfGo6V2kXH7gRkV4Yj7aNU -SFlGifWBlQmWzEgM3dm+GVkid3kxz27nTi54cFOprNz1jEQvp13VrRWnDZEXrNRd -FNphrdPOBaYb+fgoNHzmTlBDa2M9V19TfN6l0zmanx6scsmfnpEbgl6rZPWLU7OV -JB+vKEJcY1/8n7l7V5opIeDm7TzSk+RuEGH4427IPWOTzNig/Shi5Ub2GTzdJ2k2 -C/9gkPinaxWaItvLKLgykbSNMTNTkLHgb4P2OXPmtvmujhKaqMFwEgSrVCb2ynvs -2hYcpBjGddb+JQaj/ttFR7djEDL+H66Udvtm07yrOD3ZQD8tMJPcyt0mZ7WT+j/C -V8bp8hff9RtkNVqoylxM2lhc4SW5cKRt9PO6Gg0soAlINrPCRpt6LsSTXQQGr7dE -I7B1GYsq1xjuern8TaOVn7xRbEJZNlEyUi0HmDIxxPzICpjB7n83BmRztlcBHgYT -ClFSCMS8/d7T0GqbNnFxLLds9k2ml2n57EyZ3zs5HEfxpPeyYKks/jjj29zR5wg9 -4j4+4lpYF5bbI7YZc5JVoFUwSntXGylgcM8b/1TfZLQMQnJhbmtvIE1hamljiQI+ -BBMBAgAoBQJRswvBAhsDBQkcMgSABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK -CRD1Bji4vGrwEoJ1D/921XQVT04T7vPNQ3MW7zDBSOg2aEyTWKsQ1bdezc3YoeYm -oL1T0xfRcfx0uIokbRsIEIdxV7LFUJr6pR9TS9svZ6i2Mkh/iquA8UQpNAWEDNhn -GGK1u49A1pMZw45Sk0K57rscrZ2k4pWrqMARqk68XBxOoXuOnIskio2x6FsF7L8q -2Q2ikqjM33Xpm5Edmb5/6QXVg+40aBRZVq2y3PQD9NZU+/wgdMbFrawrSLjAtzh0 -US3qTlZAPsfkZ1EWtTWjnzyRuBkCBGFAsAY6eBY3aGlNSaCwVqraXHVqxF0RC+rQ -5U9/KEyDsKGlDrNEJ+6SXns3DMWnXZ2gXfLOwpQlU1CgdVsJiEr0a5Rs9/Q2JBCq -Re0UAoJ6vNZN/WvSnVbirfHWimpZYWpUjV17QPCrumz7mJAtBqQdG9ruakx5mZ6N -l5k0LiHg/UGbsiGGWYEsWaE/r4XggtiQPijtD2qdpUINZw+sPpLk9T1J0MCf9Syl -JZYehcIKd7cJE6QcHt42LOiLEJJZJa6YvhpG4hgvIUOyS640wTWUp0K2QQpFfYGE -TJ2EM5brLKZufWQRxXrWPHDigBEs/R3j+luAcbcevr47VWrvGg/Z320d543FAZVp -l/sseL5Hk8LIOucH07s3MfdqVpFari4FJJ3lIJLRMF4A0F+vc/nK31HkfuQeNIkC -HAQQAQIABgUCUbOHMAAKCRDSTMVgScM3B6fkD/0XEyOn0GVRC3xda6mJMYh4y6uE -sxLp0zVwkje1R3R9hsYJEP9RYBKdIsVqSOFn514Dv9udyrlo4Yji6QRuYQpZYqR+ -hpwiLlCQG0yA6Rkb3y4ewJusOyMlxT+OWiQrR5nPKuf0nTNbbtBVBf7D5WWyk+ot -4pk8r1HY1A3ky4hQ2aLeawyClirvW5oM1nRmJGDc7pfB1oloVCnpYlNqcs1T1dNy -2QNU3zFCUlisJwkGQuQe4ZVe93mVlIx83r21MDn1wxq/+eKi2CqB9Q9gQHNgaNPg -6lgvLQwdBJ7flRmqGpyXPWOp05Z5IZRq5r+nRtt2R2lQSxXJJj//7eHptUVWTt5Q -06qR6uggUwKoPDpD2ncWZ0WBwmzSFfpk+cYuMhKuMzhEk2FC2CxaEc6R69pyvLb/ -1OBNofbApqgE9p1OzY4/AJlSID/I1niNCoUudQ7fPuDBOmbBLw30PfJ6eyNPUOIL -pycBK2j/yeLYE0HtjAAMX5VTbSA0/chCsBVH7bjKh9LLijkGgMwkYmnptb6AvmSt -b5vVZTRa+i5Jk2GU4EJjPvulAM9ZTouNLIDnhwh2eZRxJYgfWZ6ONbNbigUmBoOa -+njn2TEzBtndlYKAvJ0FcQfxhMh6DOdYQfn9g7N9gq8m3Z1RNZP2Snw8pmyFOKhF -ZhwXxnXLt+3t70Zq0okBHAQSAQIABgUCUmWi8QAKCRBamaMhfkICJ6ayB/4kAg/Q -y9hyNZ1YM8aSvpfvdNasJsBow3J20BZiPmTuMd4y1oDFf56tsCoXg64L3WJP+ynS -jMM6+zGYG8qkyha61GdsGlIxCBuVqZpDd7FwD1/6YiSgYBqF7ZJ4u2NSJeMFpjmL -vMmuglj+eza4GM7KvDsn2PjuPsEMHU42xM2dha1MA81rGpIX+gizv4w91S71FC0x -0KWLDf9KZtgHQIcyrA7IYAiDnNeXaDnSdYLPoRCFSfCPIWnlFW6i1qcOlhqYyd1Y -ommTv1ittF68cDxg1AyMdhSSfJgVCBSdw+7uJBNXqbzFPfk8zElCcCBjTErCTjmF -nCTJK/UlRUOIB2WHiQIcBBMBCAAGBQJYs+lSAAoJEF7j4vl2QIm4BNYP/0KUBZI1 -Z+lj+xAfRKwxCiKcWBhNdc+WLrtO7AvGs71yHu+s9a0L77lmBl3Doz29AEhh4pmw -aU3JLu+od1SmIuMmTSUw8AG3Btgc1FtxrfYoaKHnQkiq2Alt7r5kHbi7Z+HkRD+f -Vz6OK9MA5iBmvevzA+/c4O9XpOR6sxyJcQzLPfTb9swDcylGuX4ge6WiLNUFuWKf -0BqEF5FrfVik3u679kj64xh2xYHfwPFEL0QLL8iSzeio9mfIx3JwIrLVeoakMJ3H -LfqmSVMBlhEGkMZfrEo+ekHt4uv8blvM2RRokExHtHodz33m+HECxktxn8S9RLmo -8JXSGpXu+9L1qSf3DEgi1VvSVa5lH5j1ogxtaeK4nWE7y/HgW5jQhm68idfnboFw -XWW7UqJtAIwv6izJK27ELvms5D4YY/J2sncf0XG3QdLhCOwEB2XYhSjvzsMdWM1D -mWetZAFFQo2LTbX7DR7OAjr/CP16xAuY9AVgrW4cYqcdURax2hDkrHWKskhP5Xgv -RwsA9fiWcn3TqKMUErwu8D08xUtbjoJrl1xLkmUrek9WbFhfJKwNIIWOIBZ7+IE7 -WXOkp5Sg8it/k6Gx/U2P79clmM0lexC5s+ZtO/7bW2jSb+nxGki+nT4oDKxlM2/N -WIDiQ7DrbxYrWwX+Pna7UMj1XCPjs0fZFPusuQINBFGxsVIBEADPtyQhoi9/awxX -air84D2/sbsQkVwgB9e+bW38DB00Ld9XnqLEJ8V0gSI1DSXJbjU1HBL+s3of9NGn -11De9pmvdhUpiaj7ITT7StF5sJMwThrtmfknrCICt+RD+S9pLUSahssIs2wRZ8lA -e1xW7oWsqTG1eVpMu+CqZBD6Aorm//PfROfHzo/huuLTexS+kvh6ZXu+8ajfQDVm -HH+m54bxWMYj/pCPNvV/kHk/UA+V1rsdQ7qx/bUeDFhCU5dNSmR/hvG+M3MY8SQF -1k44Z5DPtZ4pEBJlSJu1itVNzFdM3lyYGG2TDdJZoPO/mJh3xfzEQ8xG26iZU+A7 -48Asjiin+USRW4j1H8Ugo7mW2nJQPWSF3OeN4xLu685zmaXvxfL58P3V71gIW2U7 -aanEUjkJD3hkYw0HbXeIR1MC1R1QtGeEVDr9K2XyNwRFKvYCC6fRdq/8BE6z+YJf -nRC2u1VDZNuK4ILpLRoE+CkjdP3hYeJG4ox4F0cSF8mpr2b4xB/2GRPg7ElXeuke -O+2s70fL9nE8ECxQ9vGqQ5zR8lKe8M8GHz8p+v6oaBTKgk6mB6qdjHaD30qLWSPE -vn4l1qXXe0ug/0hts1RpFlSOwJh5djhJVtW0YWGESjkeNyFTk+Xab7gWoVO4/kkq -oXrt4GG66MeIJIRZG9Z5us3nmBNu+QARAQABiQRbBBgBCgAmAhsCFiEE/bUwzApE -rFFu+QbM9QY4uLxq8BIFAmSGN8EFCRS1ue8CKcFdIAQZAQIABgUCUbGxUgAKCRAr -RqWmB2pmsZTYD/9p0QDvN/8t1vMQOqTwIX0h7uw+ucjbWGP4S2fA8o6DHblOFxOO -2f67nEbeBAfJEh+zSFeCvwagoEyn3R5shNYcFo1bVrqWL4SOH7hRLlJ+Nrikiwzt -KEw9IhVl2EUZT9Pye46o2vdpnFTvUWh/FXuosOcaMgHvcf1tvi0vJvQJQ98DQSPq -1QXrPBN1D9azBcRu/rZwn1RWeJlQee6G3xMNGX6v7x6cSinmLxQIXg3QDK9U/RjF -Fwk+OfCeHxtipE4b2w8TAJqtumqotcpi50xWrSzZOWn2F/V3T+Ne1/uqaZtxBKre -fhA6iRWTBsnIJtp+3N9JDvIZHGM+ulgd/Rje2bpVXjOXsOEdmAAyVB+kAr5C7RBE -VlQR1WmpWmKfXz9Iq2GoxzYTgiOxyhs/n657hWFGodA+DdifhjPsDpDeFRbzl6Be -Pnkq/uEwkPyHP2ZSSM5/OI/ba2Xcuiqy+b1SpszEgJfZWzSmRN5dzbQK+sQT5k7+ -X0DFaJnvYHgkDDhFH+bPvTNKGSgYADoyAYZQSqXuhQ6f0lyBUL8g2jQmhA8MyAUA -C81Y+5V6vgFuiXJnufBFTKv33xPjH9Yn6nokpxMcQ9IXDgJS06oCWGwfO9UXIInF -LHiar2W/ZG87nkkZhO4KICsdf7l5oqDioK3LvvZnbxlt5blJaM1q5DC47QkQ9QY4 -uLxq8BIQiA//ZBuDFVcUZgRgY6B2oQ/YgtXziCEo6Uv1uuz6cf9Og/Srfu5aicu7 -VZEN2tiXv8R41c9VodII7dSmHHxgIyJmjUAcC+5tzD06Nde2oABmEA+jVfZ0x3bI -e9g6bjdwFiSNSynCzaqjqAQVelJAVsn3d3oaykQmninTdpqE96kZKQE5bTXeJC+a -dhbY+Gv0R9SgzFCqONuv2kgiGW+VygcKb1e9XG9W6fGAtfh+5njdSkNx9XBUaWkJ -OUeF+q3PKG8e17fLfSt+kVyMsUQdq2hdKp+x5e/AuSFuikZjbuMO5vHCCrcARTmK -SOf+uJB+mwi1M1+3LIm1ctg2Xg3G0H+ggwNoaeccUF1dJa0P+3CUqi4BjbtUt9rF -nkdyPjqRF6gWY+T5s7U4hjo4t7S10+vUeOUXSvwFfdBx94mSy/1KzK5qh/P2y3XU -tRCPEB2odjFSZVns1f4gg2qjqO/rDVjZSYNoNDsKUHxda6lP9HNIXOJ2Qc7jfmQO -0PKpTi7brOc4QzcoYHmwdCSUsDljBkyGe1dUhjLwp7JbU88c6s9t4pd8pC/22/83 -2nfrTzhky3hXrEWpRFLSJUZBIOpADLOC6Ol+9nAszi3GRmoNALxDDnJRex0Ox9E5 -1eEYT/58c5dsF+yiEIJyiGEEC3rnSVf3fgugEUdAkcGfVNq9SkJDzL8= -=rzMU ------END PGP PUBLIC KEY BLOCK----- diff --git a/roles/xmpp_server/molecule/default/group_vars/deprecated.yml b/roles/xmpp_server/molecule/default/group_vars/deprecated.yml deleted file mode 100644 index d823799e1d34a15f792e09136ffbe2708b75fce7..0000000000000000000000000000000000000000 --- a/roles/xmpp_server/molecule/default/group_vars/deprecated.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- - -xmpp_administrators: - - eve.doe@domain4 -xmpp_domains: - - domain4 -xmpp_ldap_base_dn: dc=local -xmpp_ldap_password: prosodypassword -xmpp_ldap_server: ldap-server -xmpp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_xmpp.cert.pem') }}" -xmpp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_xmpp.key.pem') }}" - -# common -ca_certificates: - testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}" diff --git a/roles/xmpp_server/molecule/default/molecule.yml b/roles/xmpp_server/molecule/default/molecule.yml index 4ee4c079d87fde8c8058892047d134c5676154b1..101c39707f8b05792e53b2d4851181233f95e610 100644 --- a/roles/xmpp_server/molecule/default/molecule.yml +++ b/roles/xmpp_server/molecule/default/molecule.yml @@ -63,19 +63,6 @@ platforms: network_name: private_network type: static - - name: deprecated-buster64 - groups: - - deprecated - - buster - box: debian/contrib-buster64 - memory: 512 - cpus: 1 - interfaces: - - auto_config: true - ip: 192.168.56.33 - network_name: private_network - type: static - provisioner: name: ansible playbooks: diff --git a/roles/xmpp_server/molecule/default/playbook.yml b/roles/xmpp_server/molecule/default/playbook.yml index 6a054690180ae917260e163c1483db00ed9725ef..28027f6e59874d5ac59044ec106661d2b9e80c76 100644 --- a/roles/xmpp_server/molecule/default/playbook.yml +++ b/roles/xmpp_server/molecule/default/playbook.yml @@ -1,6 +1,6 @@ --- -- hosts: parameters-mandatory,parameters-optional,deprecated +- hosts: parameters-mandatory,parameters-optional become: true roles: - xmpp_server diff --git a/roles/xmpp_server/molecule/default/prepare.yml b/roles/xmpp_server/molecule/default/prepare.yml index 4ac6b06cf5da8e9a75f84063618d2be551305dc5..6d4e6d58b234b6eabd522d16d02a99106ff4ac24 100644 --- a/roles/xmpp_server/molecule/default/prepare.yml +++ b/roles/xmpp_server/molecule/default/prepare.yml @@ -37,12 +37,6 @@ - domain3 - proxy.domain3 - conference.domain3 - - name: deprecated-buster64_xmpp - fqdn: - - deprecated - - domain4 - - proxy.domain4 - - conference.domain4 - name: Set-up link to generated X.509 material file: @@ -99,7 +93,6 @@ 192.168.56.21: "client-buster" 192.168.56.31: "parameters-mandatory domain1 proxy.domain1 conference.domain1" 192.168.56.32: "parameters-optional domain2 proxy.domain2 conference.domain2 domain3 proxy.domain3 conference.domain3" - 192.168.56.33: "deprecated domain4 proxy.domain4 conference.domain4" - name: Enable TLSv1.0+ in global OpenSSL configuration file in order to be able to test the xmpp_server_tls_protocol parameter lineinfile: @@ -111,65 +104,6 @@ mode: 0644 state: present - # @WORKAROUND: Prosody repository override - # - # Prosody project has killed off Debian Buster repositories. Trick - # the system to install packages from custom repository location - # instead. - - name: Override server IP for Prosody repository via hosts file - lineinfile: - path: /etc/hosts - regexp: - line: "{{ lookup('dig', 'prosody.repo.majic.rs') }} packages.prosody.im" - owner: root - group: root - mode: 0644 - state: present - tags: - - workaround:prosody_repository_override - - - name: Add workaround Prosody repository signing key - apt_key: - data: "{{ lookup('file', 'workaround_prosody_repository_signing_key.asc') }}" - state: present - tags: - - workaround:prosody_repository_override - -- hosts: deprecated - become: true - tasks: - - - name: Add Prosody repository signing key - apt_key: - data: "{{ lookup('file', 'prosody-debian-gpg-key.asc') }}" - state: present - - - name: Add Prosody repository - apt_repository: - repo: "deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main" - state: present - - - name: Install Prosody (from Prosody repository) - apt: - name: prosody-0.11 - state: present - - - name: Set-up directory for storing additional Prosody modules - file: - path: "/usr/local/lib/prosody/modules/" - state: directory - owner: root - group: root - mode: 0755 - - - name: Invalidate the Prosody repository URL for testing if the file gets dropped at correct time during initial converge - copy: - content: "deb http://invalidname/debian buster main" - dest: "/etc/apt/sources.list.d/packages_prosody_im_debian.list" - owner: root - group: root - mode: 0644 - - hosts: clients become: true tasks: @@ -238,11 +172,6 @@ server: domain1 security: tls nickname: noxmpp - - jid: eve.doe@domain4 - password: evepassword - server: domain4 - security: tls - nickname: eve.doe handlers: @@ -309,17 +238,6 @@ sn: XMPP mail: noxmpp@domain1 - - dn: uid=eve,ou=people,dc=local - objectClass: - - inetOrgPerson - - simpleSecurityObject - attributes: - userPassword: evepassword - uid: eve - cn: Eve Doe - sn: Doe - mail: eve.doe@domain4 - - name: Add test accounts to correct group ldap_attr: dn: "cn=xmpp,ou=groups,dc=local" @@ -331,7 +249,7 @@ - uid=mick,ou=people,dc=local - uid=eve,ou=people,dc=local -- hosts: parameters-mandatory,parameters-optional,deprecated +- hosts: parameters-mandatory,parameters-optional become: true tasks: diff --git a/roles/xmpp_server/molecule/default/tests/test_client.py b/roles/xmpp_server/molecule/default/tests/test_client.py index d6319f243280118931d51cac735699645547b5da..c2b8cc3151d5b2edcd19c498d56bceeee790f0d0 100644 --- a/roles/xmpp_server/molecule/default/tests/test_client.py +++ b/roles/xmpp_server/molecule/default/tests/test_client.py @@ -28,7 +28,6 @@ def test_connectivity(host): @pytest.mark.parametrize("username, password, domain", [ ["john.doe", "johnpassword", "domain1"], ["jane.doe", "janepassword", "domain2"], - ["eve.doe", "evepassword", "domain4"], ]) def test_tls(host, username, password, domain): """ @@ -47,7 +46,6 @@ def test_tls(host, username, password, domain): @pytest.mark.parametrize("username, password, domain", [ ["john.doe", "johnpassword", "domain1"], ["jane.doe", "janepassword", "domain2"], - ["eve.doe", "evepassword", "domain4"], ]) def test_authentication_requires_tls(host, username, password, domain): """ @@ -63,7 +61,6 @@ def test_authentication_requires_tls(host, username, password, domain): ["john.doe", "johnpassword", "domain1"], ["jane.doe", "janepassword", "domain2"], ["mick.doe", "mickpassword", "domain3"], - ["eve.doe", "evepassword", "domain4"], ]) def test_authentication(host, username, password, domain): """ @@ -82,7 +79,6 @@ def test_authentication(host, username, password, domain): @pytest.mark.parametrize("target_username, target_domain", [ ["john.doe", "domain1"], ["jane.doe", "domain2"], - ["eve.doe", "domain4"], ]) def test_unauthorized_users_rejected(host, target_username, target_domain): """ diff --git a/roles/xmpp_server/molecule/default/tests/test_default.py b/roles/xmpp_server/molecule/default/tests/test_default.py index f67dcf71fd751980c9504ce4eadb5d018f87b3e7..69e5ce1252871a2cbcc8654a3e7bae65c56df400 100644 --- a/roles/xmpp_server/molecule/default/tests/test_default.py +++ b/roles/xmpp_server/molecule/default/tests/test_default.py @@ -6,9 +6,6 @@ import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-*') -testinfra_hosts += testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('deprecated') - def test_installed_packages(host): """ diff --git a/roles/xmpp_server/molecule/default/tests/test_deprecated.py b/roles/xmpp_server/molecule/default/tests/test_deprecated.py deleted file mode 100644 index 819a1a5b2531bb9d845ed7e3aedb85e12c6635b5..0000000000000000000000000000000000000000 --- a/roles/xmpp_server/molecule/default/tests/test_deprecated.py +++ /dev/null @@ -1,168 +0,0 @@ -import os - -import defusedxml.ElementTree as ElementTree - -import pytest - -import testinfra.utils.ansible_runner - - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('deprecated') - - -def test_prosody_configuration_file_content(host): - """ - Tests if Prosody configuration file has correct content. - """ - - hostname = host.run('hostname').stdout.strip() - - with host.sudo(): - - config = host.file('/etc/prosody/prosody.cfg.lua') - - assert "admins = { \"eve.doe@domain4\", }" in config.content_string - assert "key = \"/etc/ssl/private/%s_xmpp.key\";" % hostname in config.content_string - assert "certificate = \"/etc/ssl/certs/%s_xmpp.pem\";" % hostname in config.content_string - assert "ldap_server = \"ldap-server\"" in config.content_string - assert "ldap_rootdn = \"cn=prosody,ou=services,dc=local\"" in config.content_string - assert "ldap_password = \"prosodypassword\"" in config.content_string - assert "ldap_filter = \"(&(mail=$user@$host)(memberOf=cn=xmpp,ou=groups,dc=local))\"" in config.content_string - assert "ldap_base = \"ou=people,dc=local\"" in config.content_string - assert "archive_expires_after = \"never\"" in config.content_string - - assert """VirtualHost "domain4" -Component "conference.domain4" "muc" - restrict_room_creation = "local" -Component "proxy.domain4" "proxy65" - proxy65_acl = { "domain4" }""" in config.content_string - - -def test_correct_prosody_package_installed(host): - """ - Tests if correct Prosody package has been installed. - """ - - assert host.package('prosody').is_installed - - -@pytest.mark.parametrize("port", [ - 5222, - 5223 -]) -def test_xmpp_c2s_tls_version_and_ciphers(host, port): - """ - Tests if the correct TLS version and ciphers have been enabled for - XMPP C2S ports. - """ - - expected_tls_versions = ["TLSv1.2"] - - expected_tls_ciphers = [ - "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", - "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", - ] - - # Run the nmap scanner against the server, and fetch the results. - nmap = host.run("nmap -sV --script ssl-enum-ciphers -p %s domain4 -oX /tmp/report.xml", str(port)) - assert nmap.rc == 0 - report_content = host.file('/tmp/report.xml').content_string - - report_root = ElementTree.fromstring(report_content) - - tls_versions = [] - tls_ciphers = set() - - for child in report_root.findall("./host/ports/port/script[@id='ssl-enum-ciphers']/table"): - tls_versions.append(child.attrib['key']) - - for child in report_root.findall(".//table[@key='ciphers']/table/elem[@key='name']"): - tls_ciphers.add(child.text) - - tls_versions.sort() - tls_ciphers = sorted(list(tls_ciphers)) - - assert tls_versions == expected_tls_versions - assert tls_ciphers == expected_tls_ciphers - - -def test_dependent_packages_not_installed_from_prosody_repository(host): - """ - Tests if no dependent packages have been installed from the - Prosody project repository. - - This tests exists primarily to check if the Ansible code will - switch over correctly to using the stock Debian packages instead, - since upstream has a tendency to drop repositories for old Debian - releases (they do not support Debian LTS releases). - """ - - # Retrieve list of all packages except Prosody itself, and check - # if any of them mention prosody in the version string. - packages = host.run("dpkg-query --show --showformat '${db:Status-Status} ${Package} ${Version}\n' |" - "grep '^installed' | grep -v '^installed prosody' | grep prosody").stdout - assert packages == "" - - -def test_prosody_package_not_installed_from_prosody_repository(host): - """ - Tests if Prosody package itself has not been installed from the - project repository" - - This tests exists primarily to check if the Ansible code will - switch over correctly to using the stock Debian packages instead, - since upstream has a tendency to drop repositories for old Debian - releases (they do not support Debian LTS releases). - """ - - # Extract name of package providing Prosody XMPP server. - package_name = host.run(" dpkg-query --show --showformat '${db:Status-Status} ${Package}: ${Provides} \n'" - "| grep '^installed' | grep ': .*xmpp-server'" - "| sed -e 's/installed //;s/:.*//'").stdout.strip() - - assert package_name != "", "Failed to extract name of package providing Prosody." - - package_info = host.run("dpkg-query --show --showformat 'Package: ${Package}\nVersion: ${Version}\nMaintainer: ${Maintainer}\n' %s", package_name) - - assert package_info.rc == 0, "Failed to retrieve information about package: %s " % package_name - - assert "nightly" not in package_info.stdout - assert "Matthew James Wild" not in package_info.stdout - - -@pytest.mark.parametrize("apt_key", [ - "107D 65A0 A148 C237 FDF0 0AB4 7393 D7E6 74D9 DBB5", - "44AB 6DD0 6DA4 6979 CFAF 997F 9B1B 8278 6C8F 28BA" -]) -def test_prosody_apt_key_is_absent(host, apt_key): - """ - Tests if Prosody repository signing key has been removed. - """ - - keys = host.run("apt-key adv --fingerprint --fingerprint prosody") - - assert apt_key not in keys.stdout - - -def test_prosody_repository_is_absent(host): - """ - Tests if Prosody repository is absent. - """ - - assert not host.file("/etc/apt/sources.list.d/packages_prosody_im_debian.list").exists - - -def test_prosody_modules_directory_is_absent(host): - """ - Tests if directory for storing deprecated Prosody modules has been - correctly removed. - """ - - directory = host.file('/usr/local/lib/prosody/') - - assert not directory.exists diff --git a/roles/xmpp_server/tasks/main.yml b/roles/xmpp_server/tasks/main.yml index a1b29a99df79174affce1030031ce84d9dc916eb..63b229010ba263360df11e837bad65590374b289 100644 --- a/roles/xmpp_server/tasks/main.yml +++ b/roles/xmpp_server/tasks/main.yml @@ -8,63 +8,6 @@ name: python-apt -# Deprecation -# =========== - -- name: Drop directory for storing custom Prosody modules - file: - path: "/usr/local/lib/prosody/" - state: absent - notify: - - Restart Prosody - -- name: Collect information about installed packages - package_facts: - -- name: Uninstall Prosody from project-provided repository - apt: - name: prosody - state: absent - when: - - "ansible_facts.packages['prosody'] is defined" - - "'nightly' in ansible_facts.packages['prosody'][0].version" - -- name: Uninstall Prosody dependencies from project-provided repository - apt: - name: - - lua-expat - - lua-filesystem - - lua-sec - - lua-socket - state: absent - when: >- - (ansible_facts.packages['lua-expat'] is defined and 'prosody' in ansible_facts.packages['lua-expat'][0].version) - or (ansible_facts.packages['lua-filesystem'] is defined and 'prosody' in ansible_facts.packages['lua-filesystem'][0].version) - or (ansible_facts.packages['lua-sec'] is defined and 'prosody' in ansible_facts.packages['lua-sec'][0].version) - or (ansible_facts.packages['lua-socket'] is defined and 'prosody' in ansible_facts.packages['lua-socket'][0].version) - -- name: Remove Prosody project-provided apt key - apt_key: - id: "{{ item }}" - state: absent - with_items: - - "107D65A0A148C237FDF00AB47393D7E674D9DBB5" - - "44AB6DD06DA46979CFAF997F9B1B82786C8F28BA" - -- name: Remove Prosody project-provided repository - apt_repository: - repo: "deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main" - state: absent - -# Remove the repository configuration file based on path as well, just -# to be on the safe side (in case the file was manually modified, and -# did not get detected properly by apt_repository module). -- name: Remove Prosody project-provided repository (double-tap) - file: - path: "/etc/apt/sources.list.d/packages_prosody_im_debian.list" - state: absent - - # Main implementation # =================== diff --git a/roles/xmpp_server/templates/prosody.cfg.lua.j2 b/roles/xmpp_server/templates/prosody.cfg.lua.j2 index 17f4c1e63fb2f305083e711d629782532a4cefd4..ba312efa3b16d6e0408057c02608bdd6f231d0b3 100644 --- a/roles/xmpp_server/templates/prosody.cfg.lua.j2 +++ b/roles/xmpp_server/templates/prosody.cfg.lua.j2 @@ -1,6 +1,3 @@ --- Additional paths to search for modules. -plugin_paths = { "/usr/local/lib/prosody/modules/" } - -- List of server administrators. admins = { {% for admin in xmpp_administrators %}"{{ admin }}", {% endfor %} }