* Deploy the requirement files used for upgrade checks to correct

    location when using Python 3. Previously the files would get

    deployed to directory dedicated to Python 2 version, which means

    the checks would be performed using Python 2 instead of Python 3.

**New features/improvements:**

* Tests have been updated to work with latest Molecule/Testinfra as

  part of the Ansible upgrade process.

* X.509 artefacts used during testing are now generated on the fly

  using `Gimmecert <https://gimmecert.readthedocs.io/>`_.

* ``mail_forwader`` role

  * The role now supports specifying the maximum mail message size

    limit for the SMTP server to accept via

    ``mail_message_size_limit`` role parameter.

* ``mail_server`` role

  * The role now supports specifying the maximum mail message size

    limit for the SMTP server to accept via

    ``mail_message_size_limit`` role parameter.

**Deprecations:**

* ``backup_server`` and ``backup_client`` role

  * Officially dropped support for DSA keys (this was mainly remnant

    from Debian 8 Jessie support, on Debian 9 Stretch and upwards the

    DSA keys were not supported at all).

4.0.0

-----

A couple of smaller bug-fixes, and introduction of (minor) breaking

change related to handling of pip requirements upgrade checks in the

``common`` role (see below).

Breaking changes:

* ``common`` role:

  * Added separate parameter (``pip_check_requirements_py3``) for

    specifying dedicated Python 3 virtual environment package

    requirements used for package upgrade checks on (other

    user-provided) Python 3 virtual environments. If the existing

    assert backports_version_suffix in lua_ldap.version

def test_prosody_configuration_validity(host):

    """

    Tests the Prosody configuration file using the 'prosodyctl check'

    command.

    """

    with host.sudo():

        check_config = host.run("prosodyctl check config")

    assert check_config.rc == 0, check_config.stdout

def test_enabled_modules(host):

    """

    Tests if correct modules have been enabled.

    """

    expected_modules = [

        "admin_adhoc",

        "announce",

        "dialback",

        "disco",

        "legacyauth",

        "pep",

        "ping",

        "posix",

        "private",

        "register",

        "roster",

        "saslauth",

        "time",

        "tls",

        "uptime",

        "vcard",

        "version",

    ]

    with host.sudo():

        module_list_command = host.run("/usr/local/bin/list_prosody_modules.lua")

    enabled_modules = sorted(module_list_command.stdout.strip().splitlines())

    assert enabled_modules == expected_modules

-- Additional paths to search for modules.

plugin_paths = { "/usr/local/lib/prosody/modules/" }

-- List of server administrators.

admins = { {% for admin in xmpp_administrators %}"{{ admin }}", {% endfor %} }

-- List of modules to load on startup.

modules_enabled = {

  -- Generally required

    "roster"; -- Allow users to have a roster. Recommended ;)

    "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.

    "tls"; -- Add support for secure TLS on c2s/s2s connections

    "dialback"; -- s2s dialback support

    "disco"; -- Service discovery

    "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.

  -- Not essential, but recommended

    "private"; -- Private XML storage (for room bookmarks, etc.)

    "vcard"; -- Allow users to set vCards

  -- Nice to have

    "version"; -- Replies to server version requests

    "uptime"; -- Report how long server has been running

    "time"; -- Let others know the time here on this server

    "ping"; -- Replies to XMPP pings with pongs

    "pep"; -- Enables users to publish their mood, activity, playing music and more

    "register"; -- Allow users to register on this server using a client and change passwords

  -- Admin interfaces

    "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands

  -- Other specific functionality

    "announce"; -- Send announcement to all online users

    "legacyauth"; -- Allow legacy authentication and SSL

};

-- Disable account creation by default, for security

-- For more information see http://prosody.im/doc/creating_accounts

allow_registration = false;

-- These are the SSL/TLS-related settings. If you don't want

-- to use SSL/TLS, you may comment or remove this