majic-ansible-roles Changeset

Changeset - 114f02e67a4d

Parent rev.

Child rev.

[Not reviewed]

0 4 1

Branko Majic (branko) - 3 years ago 2020-11-17 15:28:34
branko@majic.rs

MAR-173: Switch to using Prosody 0.11 as default version in the xmpp_server role:

- Updated default value for the Prosody package parameters.
- Configure the backports repository on the server, and pin the
lua-ldap package to be installed from the backports
repository (needed for Lua 5.2 support).
- Drop the explicit installation of lua-sec library - it is already
installed as pre-requisite for the Prosody package.

5 files changed with 75 insertions and 9 deletions:

roles/xmpp_server/defaults/main.yml

roles/xmpp_server/molecule/default/tests/test_default.py

roles/xmpp_server/molecule/default/tests/test_mandatory.py

roles/xmpp_server/tasks/main.yml

roles/xmpp_server/templates/lua_ldap_backports_pin.j2

0 comments (0 inline, 0 general)

roles/xmpp_server/defaults/main.yml

➞

Show inline comments

 ---
 enable_backup: false
-xmpp_prosody_package: "prosody-0.10"
+xmpp_prosody_package: "prosody-0.11"
 xmpp_server_tls_protocol: "tlsv1_2+"
 xmpp_server_tls_ciphers: "\
 DHE-RSA-AES128-GCM-SHA256:\

roles/xmpp_server/molecule/default/tests/test_default.py

➞

Show inline comments

@@ @@ -14,7 +14,6 @@ def test_supporting_packages_installed(host): @@
     """
     assert host.package('python-apt').is_installed
     assert host.package('lua-sec').is_installed
     assert host.package('lua-ldap').is_installed
@@ @@ -235,6 +234,44 @@ def test_tls_connectivity(host): @@
     assert 'not-well-formed' in s2s.stdout
 def test_backports_repository(host):
     """
     Tests if backports repository has been added.
     """
     repository = host.file("/etc/apt/sources.list.d/backports.list")
     distribution_release = host.ansible("setup")["ansible_facts"]["ansible_distribution_release"]
     expected_content = "deb http://ftp.debian.org/debian %s-backports main\n" % distribution_release
     assert repository.is_file
     assert repository.user == 'root'
     assert repository.group == 'root'
     assert repository.mode == 0o644
     assert repository.content_string == expected_content
 def test_lua_ldap_pin_and_version(host):
     """
     Tests if lua-ldap package has been correctly pinned to the
     backports repository.
     """
     distribution_major_version = host.ansible("setup")["ansible_facts"]["ansible_distribution_major_version"]
     backports_version_suffix = "bpo%s" % distribution_major_version
     pin_configuration_file = host.file("/etc/apt/preferences.d/lua-ldap")
     lua_ldap = host.package("lua-ldap")
     assert pin_configuration_file.is_file
     assert pin_configuration_file.user == 'root'
     assert pin_configuration_file.group == 'root'
     assert pin_configuration_file.mode == 0o644
     assert backports_version_suffix in lua_ldap.version
 # @TODO: Tests which were not implemented due to lack of out-of-box tools:
+#
 # - Proxy capability.

roles/xmpp_server/molecule/default/tests/test_mandatory.py

➞

Show inline comments

@@ @@ -43,7 +43,7 @@ def test_correct_prosody_package_installed(host): @@
     Tests if correct Prosody package has been installed.
     """
-    assert host.package('prosody-0.10').is_installed
+    assert host.package('prosody-0.11').is_installed
 @pytest.mark.parametrize("port", [

roles/xmpp_server/tasks/main.yml

➞

Show inline comments

@@ @@ -4,6 +4,23 @@ @@
   apt:
     name: python-apt
 - name: Add Debian backports repository for Debian Stretch
   apt_repository:
     repo: "deb http://ftp.debian.org/debian {{ ansible_distribution_release }}-backports main"
     filename: "backports"
     state: present
     mode: 0644
   when: "ansible_distribution_release == 'stretch'"
 - name: Pin the lua-ldap package to backports repository for Debian Stretch
   template:
     src: "lua_ldap_backports_pin.j2"
     dest: "/etc/apt/preferences.d/lua-ldap"
     owner: root
     group: root
     mode: 0644
   when: "ansible_distribution_release == 'stretch'"
 - name: Add Prosody repository apt key
   apt_key:
     data: "{{ lookup('file', 'prosody-debian-packages.gpg') }}"
@@ @@ -14,15 +31,18 @@ @@
     repo: "deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main"
     state: present
 - name: Install Lua Sec library (needed for TLS)
   apt:
     name: lua-sec
     state: present
 # Stick to the 'latest' state to ensure we get pinned package
 # installed in case of distribution upgrades.
 - name: Install Lua LDAP library
   apt:
     name: lua-ldap
     state: present
     # [403] Package installs should not use latest
     #   The latest has to be used when upgrading existing systems to get
     #   the correct version of lua-ldap with support for Lua 5.2 from
     #   the backports repository.
     state: latest  # noqa 403
   notify:
     - Restart Prosody
 - name: Install Prosody
   apt:

roles/xmpp_server/templates/lua_ldap_backports_pin.j2

➞

Show inline comments

@@ new file 100644 @@
+#
 # This file contains pinning information for deploying the backported
 # version of lud-ldap that supports Lua 5.2 (for use with the Prosody
 # XMPP server).
+#
 Package: lua-ldap
 Pin: release a={{ ansible_distribution_release }}-backports
 Pin-Priority: 600
@@ \ No newline at end of file @@

0 comments (0 inline, 0 general)