Files
@ 266766821941
Branch filter:
Location: majic-ansible-roles/roles/mail_server/molecule/default/host_vars/ldap-server.yml
266766821941
2.8 KiB
text/x-yaml
MAR-129: Added release note on breaking change in ldap_server role:
- The ldap_entries parameter can't use state "append" - since this was
part of the old m_ldap_entry module implementation.
- The ldap_entries parameter can't use state "append" - since this was
part of the old m_ldap_entry module implementation.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 | ---
# ldap_server role
ldap_admin_password: admin
ldap_entries:
# Users
- dn: uid=john,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: johnpassword
uid: john
cn: John Doe
sn: Doe
mail: john.doe@domain1
- dn: uid=jane,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: janepassword
uid: jane
cn: Jane Doe
sn: Doe
mail: jane.doe@domain2
- dn: uid=nomail,ou=people,dc=local
attributes:
objectClass:
- inetOrgPerson
- simpleSecurityObject
userPassword: nomailpassword
uid: nomail
cn: No Mail
sn: Mail
mail: nomail@domain1
# Groups
- dn: "cn=mail,ou=groups,dc=local"
state: append
attributes:
uniqueMember:
- uid=john,ou=people,dc=local
- uid=jane,ou=people,dc=local
# Domains
- dn: dc=domain1,ou=domains,ou=mail,ou=services,dc=local
attributes:
objectClass: dNSDomain
dc: domain1
- dn: dc=domain2,ou=domains,ou=mail,ou=services,dc=local
attributes:
objectClass: dNSDomain
dc: domain2
# Aliases
- dn: cn=postmaster@domain1,ou=aliases,ou=mail,ou=services,dc=local
attributes:
objectClass: nisMailAlias
cn: postmaster@domain1
rfc822MailMember: john.doe@domain1
- dn: cn=webmaster@domain2,ou=aliases,ou=mail,ou=services,dc=local
attributes:
objectClass: nisMailAlias
cn: webmaster@domain2
rfc822MailMember: jane.doe@domain2
ldap_server_consumers:
- name: postfix
password: postfixpassword
- name: dovecot
password: dovecotpassword
state: present
ldap_server_domain: "local"
ldap_server_groups:
- name: mail
ldap_server_organization: "Example"
ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/ldap-server_ldap.key.pem') }}"
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
# ldap_client
ldap_client_config:
- comment: CA truststore
option: TLS_CACERT
value: /etc/ssl/certs/testca.cert.pem
- comment: Ensure TLS is enforced
option: TLS_REQCERT
value: demand
- comment: Base DN
option: BASE
value: dc=local
- comment: URI
option: URI
value: ldapi:///
# backup_server role
backup_host_ssh_private_keys:
dsa: "{{ lookup('file', 'tests/data/ssh/server_dsa') }}"
rsa: "{{ lookup('file', 'tests/data/ssh/server_rsa') }}"
ed25519: "{{ lookup('file', 'tests/data/ssh/server_ed25519') }}"
ecdsa: "{{ lookup('file', 'tests/data/ssh/server_ecdsa') }}"
backup_clients:
- server: parameters-optional-j64
ip: 10.31.127.31
public_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional.pub') }}"
|