majic-ansible-roles Files · roles/bootstrap/molecule/default/prepare.yml

Files @ c2f446ec7e2a

Branch filter:

Location: majic-ansible-roles/roles/bootstrap/molecule/default/prepare.yml

c2f446ec7e2a 824 B text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-158: Update default TLS ciphers configuration in the mail_server role:

- Updated the default value for parameter mail_server_tls_ciphers.
- Updated tests, making them explicitly test for enabled and disabled
ciphers.
- Refactored tests for TLS to use nmap ssl-enum-ciphers script for
listing available TLS versions and ciphers.
- Install nmap as part of preparation step.
- Updated role reference documentation.

---

- name: Prepare
  hosts: all
  gather_facts: false
  tasks:
    - name: Install python for Ansible
      raw: test -e /usr/bin/python3 || (apt -y update && apt install -y python3-minimal)
      become: true
      changed_when: false

# Put Ansible key into root's authorized_keys to test its removal.
- hosts: parameters-mandatory
  become: true
  tasks:

    - name: Deploy authorized_keys to mimic set-up via preseed file
      authorized_key:
        user: root
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"

# Put Ansible key into root's authorized_keys to test its removal.
- hosts: parameters-optional
  become: true
  tasks:

    - name: Deploy authorized_keys to mimic set-up via preseed file
      authorized_key:
        user: root
        key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"