Changeset - 2d7abfa9286a
Branko Majic (branko) - 2 years ago 2023-11-19 13:10:30
branko@majic.rs
MAR-181: Deploy Prosody modules (in order to use the LDAP authentication):

- Replaces the rolled-out-by-hand authentication module, making it
less dependent on upstream repository.
4 files changed with 12 insertions and 3 deletions:
docs/releasenotes.rst
 
@@ -22,24 +22,28 @@ run applications using Debian-only repositories.
 

	
 
* ``xmpp_server`` role
 

	
 
  * Drop dependency on the external (Prosody) package
 
    repository. Install everything using official Debian
 
    repositories. This should help avoid future issues with Prosody
 
    project removing older versions of packages or dropping entire
 
    repository archives for older Debian releases.
 

	
 
  * Prosody package and some of its dependencies are installed from
 
    Debian backports to get more featureful release installed.
 

	
 
  * Role no longer depends on fetching external Prosody modules from
 
    project code repository, and instead relies on the prosody-modules
 
    package for LDAP authentication module.
 

	
 

	
 
6.0.0
 
-----
 

	
 
Added support for Debian 10 (Buster), alongside a couple of minor
 
changes and features/improvements.
 

	
 
**Breaking changes:**
 

	
 
* ``ldap_server`` role
 

	
 
  * Use 2048-bit Diffie-Hellman parameters for relevant TLS
roles/xmpp_server/molecule/default/tests/test_default.py
 
@@ -9,24 +9,25 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
testinfra_hosts += testinfra.utils.ansible_runner.AnsibleRunner(
 
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('deprecated')
 

	
 

	
 
def test_supporting_packages_installed(host):
 
    """
 
    Tests if all the necessary supporting packages have been
 
    installed.
 
    """
 

	
 
    assert host.package('python-apt').is_installed
 
    assert host.package('lua-ldap').is_installed
 
    assert host.package('prosody-modules').is_installed
 

	
 

	
 
def test_prosody_user(host):
 
    """
 
    Tests if Prosody user has been set-up correctly to access TLS material.
 
    """
 

	
 
    assert 'ssl-cert' in host.user('prosody').groups
 

	
 

	
 
def test_prosody_modules_directory(host):
 
    """
 
@@ -322,23 +323,25 @@ def test_backports_prosody_pinning(host):
 
    """
 
    Tests if the backports pin for Prosody has been deployed correctly.
 
    """
 

	
 
    pin = host.file("/etc/apt/preferences.d/prosody")
 

	
 
    assert pin.is_file
 
    assert pin.user == "root"
 
    assert pin.group == "root"
 
    assert pin.mode == 0o644
 

	
 
    prosody_package = host.package("prosody")
 
    prosody_modules_package = host.package("prosody-modules")
 
    lua_ldap_package = host.package("lua-sec")
 

	
 
    assert "bpo" in prosody_package.version
 
    assert "bpo" in prosody_modules_package.version
 
    assert "bpo" in lua_ldap_package.version
 

	
 

	
 
# @TODO: Tests which were not implemented due to lack of out-of-box tools:
 
#
 
# - Proxy capability.
 
# - MUC.
 
# - Server administration through XMPP.
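Review bot: In test_backports_prosody_pinning the variable `lua_ldap_package` is assigned `host.package("lua-sec")`, so the name says lua-ldap while the assertion actually checks lua-sec. Since this block is being touched to add `prosody_modules_package`, rename it to `lua_sec_package` so the test reads the same as the pin template, which lists lua-sec and not lua-ldap. The three `"bpo" in ...version` checks are plain substring matches; matching on the `~bpo` marker used in Debian backport version strings would be a tighter assertion.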
roles/xmpp_server/tasks/main.yml
 
@@ -55,27 +55,29 @@
 
  apt_key:
 
    id: "{{ item }}"
 
    state: absent
 
  with_items:
 
    - "107D65A0A148C237FDF00AB47393D7E674D9DBB5"
 
    - "44AB6DD06DA46979CFAF997F9B1B82786C8F28BA"
 

	
 
- name: Remove Prosody project-provided repository
 
  apt_repository:
 
    repo: "deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main"
 
    state: absent
 

	
 
- name: Install Lua LDAP library
 
- name: Install additional Prosody dependencies
 
  apt:
 
    name: lua-ldap
 
    name:
 
      - lua-ldap
 
      - prosody-modules
 
    state: present
 
  notify:
 
    - Restart Prosody
 

	
 
- name: Install Prosody
 
  apt:
 
    name: prosody
 
    state: present
 
  notify:
 
    - Restart Prosody
 

	
 
- name: Allow Prosody user to traverse the directory with TLS private keys
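Review bot: Ordering relative to the backports pin is not verifiable from this hunk: the "Install additional Prosody dependencies" task now installs prosody-modules ahead of "Install Prosody", and with `state: present` apt will keep whichever version it installs first. If the pin file is deployed after this task, a fresh host would get the stable prosody-modules and the "bpo" version assertion added in the tests would not hold. Confirm the pin task runs before this one, or move it above. Also note that lua-ldap shares this task but is not in the pin's Package line, so the two packages in the list come from different suites.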
roles/xmpp_server/templates/prosody_backports_pin.j2
 
#
 
# Pins Prosody and some related packages to Debian backports in order
 
# to get more up-to-date features and bug/security updates.
 
#
 

	
 
Package: prosody lua-sec
 
Package: prosody prosody-modules lua-sec
 
Pin: release a={{ ansible_distribution_release }}-backports
 
Pin-Priority: 600
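Review bot: The Package line now covers prosody, prosody-modules and lua-sec but leaves out lua-ldap, which the role installs together with prosody-modules for LDAP authentication, so the backports module package will run against the stable lua-ldap. If that is intentional, say so in the header comment, which currently only mentions "some related packages"; otherwise add lua-ldap to the list. The header comment could also name prosody-modules explicitly, since it is the package that now supplies the authentication module.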