majic-ansible-roles Changeset

Changeset - 2d7abfa9286a

Parent rev.

Child rev.

[Not reviewed]

0 4 0

Branko Majic (branko) - 2 years ago 2023-11-19 13:10:30
branko@majic.rs

MAR-181: Deploy Prosody modules (in order to use the LDAP authentcation):

- Replaces the rolled-out-by-hand authentication module, making it
less dependent on upstream repository.

4 files changed with 12 insertions and 3 deletions:

docs/releasenotes.rst

roles/xmpp_server/molecule/default/tests/test_default.py

roles/xmpp_server/tasks/main.yml

roles/xmpp_server/templates/prosody_backports_pin.j2

0 comments (0 inline, 0 general)

docs/releasenotes.rst

➞

Show inline comments

@@ @@ -28,12 +28,16 @@ run applications using Debian-only repositories. @@
     project removing older versions of packages or dropping entire
     repository archives for older Debian releases.
   * Prosody package and some of its dependencies are installed from
     Debian backports to get more featureful release installed.
   * Role no longer depends on fetching external Prosody modules from
     project code repository, and instead relies on the prosody-modules
     package for LDAP authentication module.
 .0.0
 -----
 Added support for Debian 10 (Buster), alongside a couple of minor
 changes and features/improvements.

roles/xmpp_server/molecule/default/tests/test_default.py

➞

Show inline comments

@@ @@ -15,12 +15,13 @@ def test_supporting_packages_installed(host): @@
     Tests if all the necessary supporting packages have been
     installed.
     """
     assert host.package('python-apt').is_installed
     assert host.package('lua-ldap').is_installed
     assert host.package('prosody-modules').is_installed
 def test_prosody_user(host):
     """
     Tests if Prosody user has been set-up correctly to access TLS material.
     """
@@ @@ -328,15 +329,17 @@ def test_backports_prosody_pinning(host): @@
     assert pin.is_file
     assert pin.user == "root"
     assert pin.group == "root"
     assert pin.mode == 0o644
     prosody_package = host.package("prosody")
     prosody_modules_package = host.package("prosody-modules")
     lua_ldap_package = host.package("lua-sec")
     assert "bpo" in prosody_package.version
     assert "bpo" in prosody_modules_package.version
     assert "bpo" in lua_ldap_package.version
 # @TODO: Tests which were not implemented due to lack of out-of-box tools:
+#
 # - Proxy capability.

roles/xmpp_server/tasks/main.yml

➞

Show inline comments

@@ @@ -61,15 +61,17 @@ @@
 - name: Remove Prosody project-provided repository
   apt_repository:
     repo: "deb http://packages.prosody.im/debian {{ ansible_distribution_release }} main"
     state: absent
-- name: Install Lua LDAP library
+- name: Install additional Prosody dependencies
   apt:
     name: lua-ldap
     name:
       - lua-ldap
       - prosody-modules
     state: present
   notify:
     - Restart Prosody
 - name: Install Prosody
   apt:

roles/xmpp_server/templates/prosody_backports_pin.j2

➞

Show inline comments

+#
 # Pins Prosody and some related packages to Debian backports in order
 # to get more up-to-date features and bug/security updates.
+#
 Package: prosody lua-sec
+Package: prosody prosody-modules lua-sec
 Pin: release a={{ ansible_distribution_release }}-backports
 Pin-Priority: 600

0 comments (0 inline, 0 general)