From 7d9696a7b5cc2f2097bc7a6052a192a16af16635 2021-01-14 23:50:11
From: Branko Majic <branko@majic.rs>
Date: 2021-01-14 23:50:11
Subject: [PATCH] MAR-151: Added support for Debian 10 Buster to mail_server role:

- Updated role reference documentaiton.
- Updated role meta information.
- Updated tests.
- Improve handling of configured IP in tests to avoid hard-coding the
  value in the relevant test for Postfix configuration file content.

---

diff --git a/docs/rolereference.rst b/docs/rolereference.rst
index 8c67b45c9ab022026ae3258242109320d224e757..605c4627f920d9e5a0b01fde7bdc321b6675fe61 100644
--- a/docs/rolereference.rst
+++ b/docs/rolereference.rst
@@ -1239,6 +1239,7 @@ Distribution compatibility
 Role is compatible with the following distributions:
 
 - Debian 9 (Stretch)
+- Debian 10 (Buster)
 
 
 Examples
diff --git a/roles/mail_server/meta/main.yml b/roles/mail_server/meta/main.yml
index 2bfe5104bd7daef14b7cf50d305140f2dc0176f5..77309db93eeee164ad59ce6696f99c764f91220d 100644
--- a/roles/mail_server/meta/main.yml
+++ b/roles/mail_server/meta/main.yml
@@ -16,5 +16,5 @@ galaxy_info:
   platforms:
     - name: Debian
       versions:
-        - 8
         - 9
+        - 10
diff --git a/roles/mail_server/molecule/default/group_vars/parameters-optional.yml b/roles/mail_server/molecule/default/group_vars/parameters-optional.yml
index 000ec39fd46f9d6cf261f68d72a88d5dc28969d3..75de4e2778e997ae39f05f8864b0393e88c46f10 100644
--- a/roles/mail_server/molecule/default/group_vars/parameters-optional.yml
+++ b/roles/mail_server/molecule/default/group_vars/parameters-optional.yml
@@ -28,9 +28,14 @@ smtp_rbl:
 
 mail_postmaster: "webmaster@parameters-optional"
 smtp_allow_relay_from:
-  - "10.31.127.22"
+  - "{{ release_based_smtp_allow_relay_from[ansible_distribution_release] }}"
 mail_message_size_limit: 20480001
 
+# Variables dependant on distribution release.
+release_based_smtp_allow_relay_from:
+  stretch: "10.31.127.22"
+  buster: "10.31.127.20"
+
 # common
 ca_certificates:
   testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"
diff --git a/roles/mail_server/molecule/default/host_vars/ldap-server.yml b/roles/mail_server/molecule/default/host_vars/ldap-server.yml
index a4bba319945577af97899dc9de15ab7d6245749c..29861c658662ba08ba3205c7527bef272aef5455 100644
--- a/roles/mail_server/molecule/default/host_vars/ldap-server.yml
+++ b/roles/mail_server/molecule/default/host_vars/ldap-server.yml
@@ -43,10 +43,10 @@ backup_host_ssh_private_keys:
   ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
 backup_clients:
 
-  - server: parameters-optional-j64
-    ip: 10.31.127.31
-    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
-
   - server: parameters-optional-s64
     ip: 10.31.127.33
     public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
+
+  - server: parameters-optional-b64
+    ip: 10.31.127.31
+    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
diff --git a/roles/mail_server/molecule/default/molecule.yml b/roles/mail_server/molecule/default/molecule.yml
index 5e35f624f714a827dc09ec3ba99ff0dafcf21474..b7182f8b63c6c770ca320ee91bf0106789d64f2a 100644
--- a/roles/mail_server/molecule/default/molecule.yml
+++ b/roles/mail_server/molecule/default/molecule.yml
@@ -80,6 +80,62 @@ platforms:
         network_name: private_network
         type: static
 
+  - name: client1-buster
+    groups:
+      - client
+      - client-relay-allowed
+      - buster
+      - smtp-server-requiring-tls
+    box: debian/contrib-buster64
+    memory: 256
+    cpus: 1
+    interfaces:
+      - auto_config: true
+        ip: 10.31.127.20
+        network_name: private_network
+        type: static
+
+  - name: client2-buster
+    groups:
+      - client
+      - client-relay-forbidden
+      - buster
+      - smtp-server-refusing-tls
+    box: debian/contrib-buster64
+    memory: 256
+    cpus: 1
+    interfaces:
+      - auto_config: true
+        ip: 10.31.127.21
+        network_name: private_network
+        type: static
+
+  - name: parameters-mandatory-buster64
+    groups:
+      - parameters-mandatory
+      - buster
+    box: debian/contrib-buster64
+    memory: 1536
+    cpus: 1
+    interfaces:
+      - auto_config: true
+        ip: 10.31.127.30
+        network_name: private_network
+        type: static
+
+  - name: parameters-optional-buster64
+    groups:
+      - parameters-optional
+      - buster
+    box: debian/contrib-buster64
+    memory: 1536
+    cpus: 1
+    interfaces:
+      - auto_config: true
+        ip: 10.31.127.31
+        network_name: private_network
+        type: static
+
 provisioner:
   name: ansible
   playbooks:
diff --git a/roles/mail_server/molecule/default/prepare.yml b/roles/mail_server/molecule/default/prepare.yml
index 011685d4206f4dc5163cde258b41cc42ec4d6a20..fa5b9fb3c9d2cfdbc3ef1d85ac97e663136823f5 100644
--- a/roles/mail_server/molecule/default/prepare.yml
+++ b/roles/mail_server/molecule/default/prepare.yml
@@ -34,6 +34,14 @@
           fqdn: parameters-optional-stretch64
         - name: parameters-optional-stretch64_smtp
           fqdn: parameters-optional-stretch64
+        - name: parameters-mandatory-buster64_imap
+          fqdn: parameters-mandatory-buster64
+        - name: parameters-mandatory-buster64_smtp
+          fqdn: parameters-mandatory-buster64
+        - name: parameters-optional-buster64_imap
+          fqdn: parameters-optional-buster64
+        - name: parameters-optional-buster64_smtp
+          fqdn: parameters-optional-buster64
 
     - name: Set-up link to generated X.509 material
       file:
@@ -86,6 +94,26 @@
         10.31.127.32: "parameters-mandatory parameters-mandatory-stretch64"
         10.31.127.33: "parameters-optional parameters-optional-stretch64"
 
+- hosts: buster
+  become: true
+  tasks:
+
+    - name: Set-up the hosts file
+      lineinfile:
+        path: /etc/hosts
+        regexp: "^{{ item.key }}"
+        line: "{{ item.key }} {{ item.value }}"
+        owner: root
+        group: root
+        mode: 0644
+        state: present
+      with_dict:
+        10.31.127.10: "ldap-server backup-server"
+        10.31.127.20: "client1 smtp-server-requiring-tls"
+        10.31.127.21: "client2 smtp-server-refusing-tls"
+        10.31.127.30: "parameters-mandatory parameters-mandatory-buster64"
+        10.31.127.31: "parameters-optional parameters-optional-buster64"
+
 - hosts: client
   become: true
   tasks:
diff --git a/roles/mail_server/molecule/default/tests/test_optional.py b/roles/mail_server/molecule/default/tests/test_optional.py
index 405fa457e7a34347e023125e10f74d66519ba1b1..a0c1fa4812a43a3f646f15f40dcac53854f83fcb 100644
--- a/roles/mail_server/molecule/default/tests/test_optional.py
+++ b/roles/mail_server/molecule/default/tests/test_optional.py
@@ -30,7 +30,9 @@ def test_postfix_main_cf_file_content(host):
     Tests if the Postfix main configuration file content is correct.
     """
 
-    allow_relay_from_ip = "10.31.127.22"
+    host_variables = host.ansible.get_variables()
+
+    allow_relay_from_ip = host_variables["smtp_allow_relay_from"]
 
     hostname = host.run('hostname').stdout.strip()