diff --git a/roles/mail_server/molecule/default/prepare.yml b/roles/mail_server/molecule/default/prepare.yml index d17af227f5c44ae7dd3c4e8d6f5d6b45b0191156..c9823d72283b1eb0647fb900d13625b121cbabae 100644 --- a/roles/mail_server/molecule/default/prepare.yml +++ b/roles/mail_server/molecule/default/prepare.yml @@ -7,13 +7,13 @@ tasks: - name: Initialise CA hierarchy - command: "gimmecert init" + ansible.builtin.command: "gimmecert init" args: creates: ".gimmecert/ca/level1.cert.pem" chdir: "tests/data/" - name: Generate server private keys and certificates - command: + ansible.builtin.command: args: chdir: "tests/data/" creates: ".gimmecert/server/{{ item.name }}.cert.pem" @@ -39,7 +39,7 @@ fqdn: parameters-optional-bookworm - name: Set-up link to generated X.509 material - file: + ansible.builtin.file: src: ".gimmecert" dest: "tests/data/x509" state: link @@ -50,16 +50,16 @@ gather_facts: false tasks: - name: Install python for Ansible - raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal) + ansible.builtin.raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal) changed_when: false - name: Update all caches to avoid errors due to missing remote archives - apt: + ansible.builtin.apt: update_cache: true changed_when: false - name: Install tools for testing - apt: + ansible.builtin.apt: name: - gnutls-bin - nmap @@ -71,14 +71,14 @@ tasks: - name: Install system packages for hosting the ClamAV database - apt: + ansible.builtin.apt: name: - nginx - virtualenv state: present - name: Set-up directory for ClamAV database sync tool virtual environment - file: + ansible.builtin.file: path: /var/lib/cvdupdate state: directory owner: vagrant @@ -88,12 +88,12 @@ - name: Create virtual environment for running ClamAV database sync tool become: true become_user: vagrant - command: + ansible.builtin.command: cmd: "/usr/bin/virtualenv --python /usr/bin/python3 --prompt '(cvdupdate) ' /var/lib/cvdupdate" creates: "/var/lib/cvdupdate" - name: Deploy pip requirements file for running the ClamAV database sync tool - copy: + ansible.builtin.copy: src: cvdupdate-requirements.txt dest: /var/lib/cvdupdate/requirements.txt owner: vagrant @@ -103,17 +103,17 @@ - name: Install requirements in the pipreqcheck virtual environment become: true become_user: vagrant - pip: + ansible.builtin.pip: requirements: /var/lib/cvdupdate/requirements.txt virtualenv: /var/lib/cvdupdate - name: Allow traversal of Vagrant directory by the http server user - file: + ansible.builtin.file: path: /vagrant/ mode: "0711" - name: Create directory for storing ClamAV database files - file: + ansible.builtin.file: path: /vagrant/clamav-database state: directory owner: vagrant @@ -125,23 +125,23 @@ # Does not matter in test prepare step. become: true become_user: vagrant - command: "/var/lib/cvdupdate/bin/cvd config set --dbdir /vagrant/clamav-database/" + ansible.builtin.command: "/var/lib/cvdupdate/bin/cvd config set --dbdir /vagrant/clamav-database/" - name: Download/update the ClamAV database files # noqa no-changed-when # [no-changed-when] Commands should not change things if nothing needs doing # Does not matter in test prepare stage. become: true become_user: vagrant - command: "/var/lib/cvdupdate/bin/cvd update" + ansible.builtin.command: "/var/lib/cvdupdate/bin/cvd update" - name: Allow all users to read ClamAV database files - file: + ansible.builtin.file: path: "/vagrant/clamav-database/" mode: "g=u-w,o=u-w" recurse: true - name: Deploy nginx TLS private key - copy: + ansible.builtin.copy: dest: "/etc/ssl/private/nginx_https.key" content: "{{ clamav_database_http_server_tls_key }}" mode: "0640" @@ -151,7 +151,7 @@ - Restart nginx - name: Deploy nginx TLS certificate - copy: + ansible.builtin.copy: dest: "/etc/ssl/certs/nginx_https.pem" content: "{{ clamav_database_http_server_tls_certificate }}" mode: "0644" @@ -161,7 +161,7 @@ - Restart nginx - name: Deploy nginx configuration for serving the ClamAV database files - copy: + ansible.builtin.copy: src: clamav-database-nginx.conf dest: /etc/nginx/sites-available/default owner: root @@ -173,7 +173,7 @@ handlers: - name: Restart nginx - service: + ansible.builtin.service: name: nginx state: restarted @@ -183,7 +183,7 @@ tasks: - name: Enable TLSv1.0+ in global OpenSSL configuration file in order to be able to test the web_server_tls_protocols parameter - blockinfile: + ansible.builtin.blockinfile: path: "/etc/ssl/openssl.cnf" block: | [openssl_init] @@ -201,7 +201,7 @@ state: present - name: Set-up the hosts file - lineinfile: + ansible.builtin.lineinfile: path: /etc/hosts regexp: "^{{ item.key }}" line: "{{ item.key }} {{ item.value }}" @@ -224,7 +224,7 @@ tasks: - name: Install tool for testing SMTP capability - apt: + ansible.builtin.apt: name: swaks state: present @@ -232,17 +232,17 @@ block: - name: Install required system packages - apt: + ansible.builtin.apt: name: python3-venv state: present - name: Set-up dedicated Python virtual environment for running the tool - command: "python3 -m venv /opt/imap-cli" + ansible.builtin.command: "python3 -m venv /opt/imap-cli" args: creates: /opt/imap-cli/bin/python - name: Install IMAP CLI - pip: + ansible.builtin.pip: name: - Imap-CLI==0.7 - six @@ -250,7 +250,7 @@ virtualenv: /opt/imap-cli - name: Set-up symlinks for running the tool - file: + ansible.builtin.file: src: "/opt/imap-cli/bin/{{ item }}" dest: "/usr/local/bin/{{ item }}" owner: root @@ -270,17 +270,17 @@ - imap-cli-list - name: Install tool for testing SIEVE - apt: + ansible.builtin.apt: name: sieve-connect state: present - name: Install tool for testing TCP connectivity - apt: + ansible.builtin.apt: name: hping3 state: present - name: Deploy IMAP CLI configuration - copy: + ansible.builtin.copy: src: "tests/data/{{ item }}" dest: "/home/vagrant/{{ item }}" owner: vagrant @@ -293,7 +293,7 @@ - imapcli-parameters-optional-jane_doe.conf - name: Deploy CA certificate - copy: + ansible.builtin.copy: src: tests/data/x509/ca/level1.cert.pem dest: /usr/local/share/ca-certificates/testca.crt owner: root @@ -306,18 +306,18 @@ block: - name: Install Postfix - apt: + ansible.builtin.apt: name: postfix state: present - name: Purge Exim - apt: + ansible.builtin.apt: name: "exim4*" state: absent purge: true - name: Configure Postfix - template: + ansible.builtin.template: src: "helper_smtp_main.cf.j2" dest: "/etc/postfix/main.cf" owner: root @@ -327,7 +327,7 @@ - Restart Postfix - name: Enable Postfix service - service: + ansible.builtin.service: name: postfix state: started enabled: true @@ -335,12 +335,12 @@ handlers: - name: Update CA certificate cache # noqa no-changed-when - command: /usr/sbin/update-ca-certificates --fresh + ansible.builtin.command: /usr/sbin/update-ca-certificates --fresh # [no-changed-when] Commands should not change things if nothing needs doing # Does not matter in test prepare stage. - name: Restart Postfix - service: + ansible.builtin.service: name: postfix state: restarted @@ -357,7 +357,7 @@ tasks: - name: Create LDAP accounts for testing - ldap_entry: + community.general.ldap_entry: dn: "{{ item.dn }}" objectClass: "{{ item.objectClass }}" attributes: "{{ item.attributes }}" @@ -436,10 +436,10 @@ tasks: - name: Create group for user used for local mail delivery testing - group: + ansible.builtin.group: name: localuser - name: Create user for local mail delivery testing - user: + ansible.builtin.user: name: localuser group: localuser