majic-ansible-roles Files · roles/bootstrap/tasks/main.yml

Files @ 064760bdc9d5

Branch filter:

Location: majic-ansible-roles/roles/bootstrap/tasks/main.yml

064760bdc9d5 755 B text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-26: Implemented tests and fixes ldap_server role:

- Use static network configuration in order to make it easier to test
connectivity from dedicated client.
- Added client machine for testing firewall.
- Added missing LDAP client configuration on instance used for testing of
mandatory options.
- Fixed name of server for backup testing purposes.
- Expanded a bit the cipher configuration for LDAP server for testing optional
parameters.
- Fixed wrongly populated Debian selections setting for LDAP organisation.
- Use templates for deploying LDAP TLS keys and certificates in order to avoid
Ansible munching the TAB characters.
- Implemented tests covering fully functionality of the role.

---

- name: Install sudo
  apt: name=sudo state=installed

- name: Set-up the Ansible group
  group: name=ansible system=yes

- name: Set-up the Ansible user
  user: name=ansible system=yes group=ansible shell=/bin/bash

- name: Set-up authorized key for the Ansible user
  authorized_key: user=ansible key="{{ ansible_key }}"

- name: Set-up password-less sudo for the ansible user
  copy: src=ansible_sudo dest=/etc/sudoers.d/ansible mode=0640 owner=root group=root

- name: Revoke rights for Ansible user to log-in as root to server via ssh
  authorized_key: user=root key="{{ ansible_key }}" state=absent

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "handlers | default(False) | bool() == True"
  tags:
    - handlers