majic-ansible-roles Files · roles/xmpp_server/molecule/default/group

Files @ ce5eca25c9d7

Branch filter:

Location: majic-ansible-roles/roles/xmpp_server/molecule/default/group_vars/parameters-optional.yml

ce5eca25c9d7 1.4 KiB text/x-yaml Show Annotation Show as Raw Download as Raw

branko

MAR-230: Updated documentation, inline comments, and some tests related to TLS configuration:

- Documentation and comments should be a bit more consistent across
the roles now.
- Try to follow same rule for inclusion of singular TLSv1.2 cipher
across the board in affected tests.

---

xmpp_administrators:
  - jane.doe@domain2
  - mick.doe@domain3
xmpp_domains:
  - domain2
  - domain3
xmpp_ldap_base_dn: dc=local
xmpp_ldap_password: prosodypassword
xmpp_ldap_server: ldap-server
xmpp_server_archive_expiration: "1w"
xmpp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_xmpp.cert.pem') }}"
xmpp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_xmpp.key.pem') }}"
xmpp_server_tls_protocol: "tlsv1_3+"
# At least one non-TLSv1.3 cipher has to be included in order to
# ensure TLSv1.3 gets initialised. TLSv1.3 ciphers (TLS_*) are not
# configurable and listed for documentation/reference purposes.
xmpp_server_tls_ciphers: "\
ECDHE-RSA-CHACHA20-POLY1305:\
TLS_AES_128_GCM_SHA256:\
TLS_AES_256_GCM_SHA384:\
TLS_CHACHA20_POLY1305_SHA256:\
!aNULL:!MD5:!EXPORT"

# common
ca_certificates:
  testca: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"

# backup_client
enable_backup: true
backup_client_username: "bak-parameters-optional-{{ ansible_distribution_release }}"
backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
backup_server: backup-server
backup_server_host_ssh_public_keys:
  - "{{ lookup('file', 'tests/data/ssh/server_rsa.pub') }}"
  - "{{ lookup('file', 'tests/data/ssh/server_ed25519.pub') }}"
  - "{{ lookup('file', 'tests/data/ssh/server_ecdsa.pub') }}"
backup_ssh_key: "{{ lookup('file', 'tests/data/ssh/parameters-optional') }}"