Changeset - 2ada86e90026
0 12 3
Branko Majic (branko) - 6 years ago 2018-06-03 11:34:50
branko@majic.rs
MAR-129: Updated xmpp_server role for Ansible 2.5.x and new Molecule:

- Include top-level lint configuration in test configuration.
- Fixed linting errors.
- Moved test playbook variables into group_vars and host_vars.
- Fixed deprecation warnings from Ansible.
- Updated how hosts are referenced within tests.
15 files changed with 188 insertions and 173 deletions:
roles/xmpp_server/defaults/main.yml
 
---
 

	
 
enable_backup: False
 
enable_backup: false
 
xmpp_domains:
 
  - "{{ ansible_domain }}"
 
xmpp_tls_certificate: "{{ lookup('file', tls_certificate_dir + '/' + ansible_fqdn + '_xmpp.pem') }}"
roles/xmpp_server/molecule/default/create.yml
 
@@ -2,7 +2,7 @@
 
- name: Create
 
  hosts: localhost
 
  connection: local
 
  gather_facts: False
 
  gather_facts: false
 
  no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
 
  vars:
 
    molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
roles/xmpp_server/molecule/default/destroy.yml
 
@@ -3,7 +3,7 @@
 
- name: Destroy
 
  hosts: localhost
 
  connection: local
 
  gather_facts: False
 
  gather_facts: false
 
  no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
 
  vars:
 
    molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
roles/xmpp_server/molecule/default/group_vars/parameters-mandatory.yml
 
new file 100644
 
---
 

	
 
xmpp_administrators:
 
  - john.doe@domain1
 
xmpp_ldap_base_dn: dc=local
 
xmpp_ldap_password: prosodypassword
 
xmpp_ldap_server: ldap-server
 

	
 
# Common parameters (general, not role).
 
tls_certificate_dir: tests/data/x509/
 
tls_private_key_dir: tests/data/x509/
 

	
 
# common
 
ca_certificates:
 
  testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
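Review bot: `xmpp_ldap_password: prosodypassword` has to equal the `prosody` entry under `ldap_server_consumers` in host_vars/ldap-server.yml, and after this move nothing in the file says so. The same value is repeated in group_vars/parameters-optional.yml, so changing it in one place would presumably leave Prosody unable to bind during the test run. I would add a comment above the key, `# Test-only credential; must match the prosody consumer password in host_vars/ldap-server.yml.`, which also marks the value as a fixture for anyone triaging secret-scanner hits.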
roles/xmpp_server/molecule/default/group_vars/parameters-optional.yml
 
new file 100644
 
---
 

	
 
xmpp_administrators:
 
  - jane.doe@domain2
 
  - mick.doe@domain3
 
xmpp_domains:
 
  - domain2
 
  - domain3
 
xmpp_ldap_base_dn: dc=local
 
xmpp_ldap_password: prosodypassword
 
xmpp_ldap_server: ldap-server
 
xmpp_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional_xmpp.cert.pem') }}"
 
xmpp_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional_xmpp.key.pem') }}"
 

	
 
# Common parameters (general, not role).
 
tls_certificate_dir: tests/data/x509/
 
tls_private_key_dir: tests/data/x509/
 

	
 
# common
 
ca_certificates:
 
  testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
 

	
 
# backup_client
 
enable_backup: true
 
backup_client_username: bak-parameters-optional
 
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
 
backup_server: backup-server
 
backup_server_host_ssh_public_keys:
 
  - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}"
 
  - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
 
  - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
 
  - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
 
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
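Review bot: `backup_server_host_ssh_public_keys` still pins `server_dsa.pub`, and host_vars/ldap-server.yml carries the matching `dsa:` private key. OpenSSH has disabled ssh-dss keys by default since 7.0, so on current targets this entry probably verifies nothing; whether the backup roles require all four key types is not visible on this page. If they do not, drop the DSA entries from both files; if they do, add a comment such as `# DSA kept only because the backup roles expect every host key type.`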
roles/xmpp_server/molecule/default/host_vars/ldap-server.yml
 
new file 100644
 
---
 

	
 
# ldap_server role.
 
ldap_admin_password: admin
 
ldap_entries:
 

	
 
  # Users
 
  - dn: uid=john,ou=people,dc=local
 
    attributes:
 
      objectClass:
 
        - inetOrgPerson
 
        - simpleSecurityObject
 
      userPassword: johnpassword
 
      uid: john
 
      cn: John Doe
 
      sn: Doe
 
      mail: john.doe@domain1
 
  - dn: uid=jane,ou=people,dc=local
 
    attributes:
 
      objectClass:
 
        - inetOrgPerson
 
        - simpleSecurityObject
 
      userPassword: janepassword
 
      uid: jane
 
      cn: Jane Doe
 
      sn: Doe
 
      mail: jane.doe@domain2
 
  - dn: uid=mick,ou=people,dc=local
 
    attributes:
 
      objectClass:
 
        - inetOrgPerson
 
        - simpleSecurityObject
 
      userPassword: mickpassword
 
      uid: mick
 
      cn: Mick Doe
 
      sn: Doe
 
      mail: mick.doe@domain3
 

	
 
  - dn: uid=noxmpp,ou=people,dc=local
 
    attributes:
 
      objectClass:
 
        - inetOrgPerson
 
        - simpleSecurityObject
 
      userPassword: noxmpppassword
 
      uid: noxmpp
 
      cn: No XMPP
 
      sn: XMPP
 
      mail: noxmpp@domain1
 

	
 
  # Groups
 
  - dn: "cn=xmpp,ou=groups,dc=local"
 
    state: append
 
    attributes:
 
      uniqueMember:
 
        - uid=john,ou=people,dc=local
 
        - uid=jane,ou=people,dc=local
 
        - uid=mick,ou=people,dc=local
 

	
 
ldap_server_consumers:
 
  - name: prosody
 
    password: prosodypassword
 

	
 
ldap_server_domain: "local"
 
ldap_server_groups:
 
  - name: xmpp
 
ldap_server_organization: "Example"
 
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.cert.pem') }}"
 
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.key.pem') }}"
 

	
 
# common
 
ca_certificates:
 
  testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
 

	
 
# ldap_client
 
ldap_client_config:
 
  - comment: CA truststore
 
    option: TLS_CACERT
 
    value: /etc/ssl/certs/testca.cert.pem
 
  - comment: Ensure TLS is enforced
 
    option: TLS_REQCERT
 
    value: demand
 
  - comment: Base DN
 
    option: BASE
 
    value: dc=local
 
  - comment: URI
 
    option: URI
 
    value: ldapi:///
 

	
 
# backup_server role.
 
backup_host_ssh_private_keys:
 
  dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
 
  rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
 
  ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
 
  ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
 
backup_clients:
 
  - server: parameters-optional
 
    ip: 10.31.127.31
 
    public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
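Review bot: `ldap_admin_password: admin` and the four `userPassword` values are guessable cleartext credentials, and the file has no header saying they exist only for the Molecule instance. Whether the ldap_server role hashes `userPassword` before it reaches the directory cannot be told from this section. A first-line comment such as `# Test fixtures only: throwaway credentials for the Molecule LDAP and backup servers.` would keep them from being copied into a real inventory. The file also holds backup_server variables, so the name ldap-server.yml refers to the host rather than the role; the same comment can say that.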
roles/xmpp_server/molecule/default/molecule.yml
 
@@ -9,6 +9,8 @@ driver:
 

	
 
lint:
 
  name: yamllint
 
  options:
 
    config-file: ../../.yamllint.yml
 

	
 
platforms:
 

	
roles/xmpp_server/molecule/default/playbook.yml
 
---
 

	
 
- hosts: parameters-mandatory
 
  become: yes
 
- hosts: parameters-mandatory,parameters-optional
 
  become: true
 
  roles:
 
    - role: xmpp_server
 
      xmpp_administrators:
 
        - john.doe@domain1
 
      xmpp_ldap_base_dn: dc=local
 
      xmpp_ldap_password: prosodypassword
 
      xmpp_ldap_server: ldap-server
 

	
 
      # Common parameters (general, not role).
 
      tls_certificate_dir: tests/data/x509/
 
      tls_private_key_dir: tests/data/x509/
 

	
 
      # common
 
      ca_certificates:
 
        testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
 

	
 
- hosts: parameters-optional
 
  become: yes
 
  roles:
 
    - role: xmpp_server
 
      xmpp_administrators:
 
        - jane.doe@domain2
 
        - mick.doe@domain3
 
      xmpp_domains:
 
        - domain2
 
        - domain3
 
      xmpp_ldap_base_dn: dc=local
 
      xmpp_ldap_password: prosodypassword
 
      xmpp_ldap_server: ldap-server
 
      xmpp_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional_xmpp.cert.pem') }}"
 
      xmpp_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional_xmpp.key.pem') }}"
 

	
 
      # Common parameters (general, not role).
 
      tls_certificate_dir: tests/data/x509/
 
      tls_private_key_dir: tests/data/x509/
 

	
 
      # common
 
      ca_certificates:
 
        testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
 

	
 
      # backup_client
 
      enable_backup: yes
 
      backup_client_username: bak-parameters-optional
 
      backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
 
      backup_server: backup-server
 
      backup_server_host_ssh_public_keys:
 
        - "{{ lookup('file', 'tests/data/ssh/server_dsa.pub') }}"
 
        - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
 
        - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
 
        - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
 
      backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional' ) }}"
 
    - xmpp_server
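Review bot: With every role variable removed from the play, `- hosts: parameters-mandatory,parameters-optional` depends on the inventory exposing groups named `parameters-mandatory` and `parameters-optional`, because group_vars files are loaded only for groups of that name. The platforms section of molecule.yml is outside the visible hunk, so it cannot be confirmed here that each platform declares a matching group; without one the role would run on its defaults (for example `enable_backup: false`) or fail on undefined variables instead of using the intended test values. A comment above the play, `# Variables live in group_vars/ and host_vars/; platform groups in molecule.yml must match those file names.`, would record the dependency.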
roles/xmpp_server/molecule/default/prepare.yml
 
@@ -2,21 +2,21 @@
 

	
 
- name: Prepare
 
  hosts: all
 
  gather_facts: False
 
  gather_facts: false
 
  tasks:
 
    - name: Install python for Ansible
 
      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
 
      become: True
 
      changed_when: False
 
      become: true
 
      changed_when: false
 

	
 
- hosts: all
 
  become: yes
 
  become: true
 
  tasks:
 

	
 
    - name: Update all caches to avoid errors due to missing remote archives
 
      apt:
 
        update_cache: yes
 
      changed_when: False
 
        update_cache: true
 
      changed_when: false
 

	
 
    - name: Set-up the hosts file
 
      lineinfile:
 
@@ -34,13 +34,13 @@
 
        10.31.127.31: "parameters-optional domain2 proxy.domain2 conference.domain2 domain3 proxy.domain3 conference.domain3"
 

	
 
- hosts: client1
 
  become: yes
 
  become: true
 
  tasks:
 

	
 
    - name: Install tool for testing TCP connectivity
 
      apt:
 
        name: hping3
 
        state: installed
 
        state: present
 

	
 
    - name: Deploy CA certificate
 
      copy:
 
@@ -55,12 +55,12 @@
 
    - name: Install console-based XMPP client (for interactive testing)
 
      apt:
 
        name: mcabber
 
        state: installed
 
        state: present
 

	
 
    - name: Install console-based XMPP tool (for non-interactive testing)
 
      apt:
 
        name: sendxmpp
 
        state: installed
 
        state: present
 

	
 
    - name: Create dedicated group for testing
 
      group:
 
@@ -108,110 +108,16 @@
 
      command: /usr/sbin/update-ca-certificates --fresh
 

	
 
- hosts: ldap-server
 
  become: yes
 
  become: true
 
  roles:
 
    - role: ldap_server
 
      ldap_admin_password: admin
 
      ldap_entries:
 

	
 
        # Users
 
        - dn: uid=john,ou=people,dc=local
 
          attributes:
 
            objectClass:
 
              - inetOrgPerson
 
              - simpleSecurityObject
 
            userPassword: johnpassword
 
            uid: john
 
            cn: John Doe
 
            sn: Doe
 
            mail: john.doe@domain1
 
        - dn: uid=jane,ou=people,dc=local
 
          attributes:
 
            objectClass:
 
              - inetOrgPerson
 
              - simpleSecurityObject
 
            userPassword: janepassword
 
            uid: jane
 
            cn: Jane Doe
 
            sn: Doe
 
            mail: jane.doe@domain2
 
        - dn: uid=mick,ou=people,dc=local
 
          attributes:
 
            objectClass:
 
              - inetOrgPerson
 
              - simpleSecurityObject
 
            userPassword: mickpassword
 
            uid: mick
 
            cn: Mick Doe
 
            sn: Doe
 
            mail: mick.doe@domain3
 

	
 
        - dn: uid=noxmpp,ou=people,dc=local
 
          attributes:
 
            objectClass:
 
              - inetOrgPerson
 
              - simpleSecurityObject
 
            userPassword: noxmpppassword
 
            uid: noxmpp
 
            cn: No XMPP
 
            sn: XMPP
 
            mail: noxmpp@domain1
 

	
 
        # Groups
 
        - dn: "cn=xmpp,ou=groups,dc=local"
 
          state: append
 
          attributes:
 
            uniqueMember:
 
              - uid=john,ou=people,dc=local
 
              - uid=jane,ou=people,dc=local
 
              - uid=mick,ou=people,dc=local
 

	
 
      ldap_server_consumers:
 
        - name: prosody
 
          password: prosodypassword
 

	
 
      ldap_server_domain: "local"
 
      ldap_server_groups:
 
        - name: xmpp
 
      ldap_server_organization: "Example"
 
      ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.cert.pem') }}"
 
      ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.key.pem') }}"
 

	
 
      # common
 
      ca_certificates:
 
        testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
 

	
 
      # ldap_client
 
      ldap_client_config:
 
        - comment: CA truststore
 
          option: TLS_CACERT
 
          value: /etc/ssl/certs/testca.cert.pem
 
        - comment: Ensure TLS is enforced
 
          option: TLS_REQCERT
 
          value: demand
 
        - comment: Base DN
 
          option: BASE
 
          value: dc=local
 
        - comment: URI
 
          option: URI
 
          value: ldapi:///
 

	
 
    - role: backup_server
 
      backup_host_ssh_private_keys:
 
        dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
 
        rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
 
        ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
 
        ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
 
      backup_clients:
 
        - server: parameters-optional
 
          ip: 10.31.127.31
 
          public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
 
    - ldap_server
 
    - backup_server
 

	
 
- hosts: parameters-optional
 
  become: yes
 
  become: true
 
  tasks:
 

	
 
    - name: Install console-based XMPP tool (for non-interactive testing)
 
      apt:
 
        name: sendxmpp
 
        state: installed
 
        state: present
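Review bot: In the first hunk, the `Install python for Ansible` task that this change touches still shells out to `apt`, which is meant for interactive use and does not promise a stable command-line interface. For a `raw` bootstrap I would use `apt-get`: `raw: test -e /usr/bin/python || (apt-get -y update && apt-get install -y python-minimal)`. The plays after `Prepare` (`- hosts: all`, `- hosts: client1`, `- hosts: ldap-server`, `- hosts: parameters-optional`) show no `name:` in the visible lines, which makes the run output harder to follow.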
roles/xmpp_server/molecule/default/tests/test_backup.py
 
import os
 

	
 
import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory.yml').get_hosts('parameters-optional')
 
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-optional'])
 

	
 

	
 
def test_backup(host):
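Review bot: `os.environ['MOLECULE_INVENTORY_FILE']` is read at import time, so running pytest outside Molecule fails during collection with a bare KeyError. The same line appears in test_client.py, test_default.py, test_mandatory.py and test_optional.py. A comment above the assignment, `# MOLECULE_INVENTORY_FILE is exported by Molecule; run these tests through molecule, not pytest directly.`, would explain the failure to the next reader. The body of test_backup lies outside this section.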
roles/xmpp_server/molecule/default/tests/test_client.py
 
import os
 

	
 
import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory.yml').get_hosts('client1')
 
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['client1'])
 

	
 

	
 
def test_connectivity(host):
roles/xmpp_server/molecule/default/tests/test_default.py
 
import os
 

	
 
import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory.yml').get_hosts(['parameters-mandatory', 'parameters-optional'])
 
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory', 'parameters-optional'])
 

	
 

	
 
def test_installed_packages(host):
roles/xmpp_server/molecule/default/tests/test_mandatory.py
 
import os
 

	
 
import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory.yml').get_hosts('parameters-mandatory')
 
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory'])
 

	
 

	
 
def test_prosody_tls_files(host):
roles/xmpp_server/molecule/default/tests/test_optional.py
 
import os
 

	
 
import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory.yml').get_hosts('parameters-optional')
 
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-optional'])
 

	
 

	
 
def test_prosody_tls_files(host):
roles/xmpp_server/tasks/main.yml
 
@@ -17,22 +17,22 @@
 
- name: Install Lua Sec library (needed for TLS)
 
  apt:
 
    name: lua-sec
 
    state: installed
 
    state: present
 

	
 
- name: Install Lua LDAP library
 
  apt:
 
    name: lua-ldap
 
    state: installed
 
    state: present
 

	
 
- name: Install Prosody
 
  apt:
 
    name: prosody
 
    state: installed
 
    state: present
 

	
 
- name: Allow Prosody user to traverse the directory with TLS private keys
 
  user:
 
    name: prosody
 
    append: yes
 
    append: true
 
    groups: ssl-cert
 

	
 
- name: Deploy XMPP TLS private key