majic-ansible-roles Changeset

Changeset - 6d46b300aa0b

Parent rev.

Child rev.

[Not reviewed]

0 4 0

Branko Majic (branko) - 4 years ago 2020-05-06 00:50:31
branko@majic.rs

MAR-152: Drop support for Debian 8 Jessie from the backup_server role.

4 files changed with 1 insertions and 36 deletions:

docs/rolereference.rst

roles/backup_server/molecule/default/molecule.yml

roles/backup_server/molecule/default/tests/test_default.py

roles/backup_server/molecule/default/tests/test_parameters_optional.py

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -2146,13 +2146,12 @@ Parameters @@
     SSH public key used by backup client to connect to the backup server.
 **backup_host_ssh_private_keys** (dictionary, mandatory)
   Defines host keys used for the dedicated OpenSSH server instance for
   backup. Key values that must be provided are:
   - **dsa** (only on Debian Jessie)
   - **rsa**
   - **ed25519**
   - **ecdsa**
   Values for each key should be the corresponding private key
   generated using the appropriate algorithm. Keys for this purpose can
@@ @@ -2166,13 +2165,12 @@ Parameters @@
 Distribution compatibility
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 Role is compatible with the following distributions:
 - Debian 8 (Jessie)
 - Debian 9 (Stretch)
 Examples
 ~~~~~~~~

roles/backup_server/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -11,36 +11,12 @@ lint: @@
   name: yamllint
   options:
     config-file: ../../.yamllint.yml
 platforms:
   - name: parameters-mandatory-jessie64
     groups:
       - parameters-mandatory
     box: debian/contrib-jessie64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.10
         network_name: private_network
         type: static
   - name: parameters-optional-jessie64
     groups:
       - parameters-optional
     box: debian/contrib-jessie64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.11
         network_name: private_network
         type: static
   - name: parameters-mandatory-stretch64
     groups:
       - parameters-mandatory
     box: debian/contrib-stretch64
     memory: 256
     cpus: 1

roles/backup_server/molecule/default/tests/test_default.py

➞

Show inline comments

@@ @@ -77,14 +77,12 @@ def test_backup_ssh_server_configuration(host): @@
     """
     Tests if the backup SSH server configuration file has been set-up correctly.
     """
     with host.sudo():
         ansible_facts = host.ansible("setup")["ansible_facts"]
         config_file = host.file('/etc/ssh-backup/sshd_config')
         assert config_file.is_file
         assert config_file.user == 'root'
         assert config_file.group == 'root'
         assert config_file.mode == 0o600
@@ @@ -95,14 +93,12 @@ def test_backup_ssh_server_configuration(host): @@
         assert "PasswordAuthentication no" in config_file.content
         assert "PubkeyAuthentication yes" in config_file.content
         assert "PermitRootLogin no" in config_file.content
         assert "HostKey /etc/ssh-backup/ssh_host_rsa_key" in config_file.content
         assert "HostKey /etc/ssh-backup/ssh_host_ecdsa_key" in config_file.content
         assert "HostKey /etc/ssh-backup/ssh_host_ed25519_key" in config_file.content
         if ansible_facts['ansible_distribution_release'] == 'jessie':
             assert "HostKey /etc/ssh-backup/ssh_host_dsa_key" in config_file.content
 def test_backup_ssh_server_keys(host):
     """
     Tests if the backup SSH server private keys have been deployed correctly.
     """

roles/backup_server/molecule/default/tests/test_parameters_optional.py

➞

Show inline comments

@@ @@ -210,18 +210,13 @@ def test_backup_ssh_service_connectivity(host): @@
 def test_backup_ssh_service_key_fingerprints(host):
     """
     Tests fingerprints of backup SSH server in order to ensure correct keys are
     in use.
     """
     ansible_facts = host.ansible("setup")["ansible_facts"]
     if ansible_facts['ansible_distribution_release'] == 'jessie':
         key_types = ['ssh-dss', 'ssh-rsa', 'ssh-ed25519', 'ecdsa-sha2-nistp256']
     elif ansible_facts['ansible_distribution_release'] == 'stretch':
         key_types = ['ssh-rsa', 'ssh-ed25519', 'ecdsa-sha2-nistp256']
     key_types = ['ssh-rsa', 'ssh-ed25519', 'ecdsa-sha2-nistp256']
     # Extract first non-IPv6 IP. Crude test, but it should work.
     remote_ip = next(a for a in host.interface("eth1").addresses if ":" not in a)
     local = host.get_host("local://")

0 comments (0 inline, 0 general)