Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/common/molecule/default/molecule.yml
8d272d91d3d2
2.3 KiB
text/x-yaml
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 | ---
dependency: {}
driver:
name: vagrant
provider:
name: virtualbox
lint:
name: yamllint
options:
config-file: ../../.yamllint.yml
platforms:
- name: helper
box: debian/contrib-stretch64
memory: 512
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.2
network_name: private_network
type: static
- name: client1-stretch64
groups:
- client
- client-allowed
box: debian/contrib-stretch64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.3
network_name: private_network
type: static
- name: client2-stretch64
groups:
- client
- client-disallowed
box: debian/contrib-stretch64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.4
network_name: private_network
type: static
- name: parameters-mandatory-stretch64
groups:
- parameters-mandatory
box: debian/contrib-stretch64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.11
network_name: private_network
type: static
- name: parameters-optional-stretch64
groups:
- parameters-optional
box: debian/contrib-stretch64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.12
network_name: private_network
type: static
- name: parameters-mandatory-buster64
groups:
- parameters-mandatory
box: debian/contrib-buster64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.21
network_name: private_network
type: static
- name: parameters-optional-buster64
groups:
- parameters-optional
box: debian/contrib-buster64
memory: 256
cpus: 1
interfaces:
- auto_config: true
ip: 10.31.127.22
network_name: private_network
type: static
provisioner:
name: ansible
playbooks:
cleanup: cleanup.yml
config_options:
defaults:
force_valid_group_names: "ignore"
interpreter_python: "/usr/bin/python3"
ssh_connection:
pipelining: "True"
lint:
name: ansible-lint
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8
|