Build Windows Templates in RHV
This commit is contained in:
@@ -0,0 +1,124 @@
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
---
|
||||
- hosts: all
|
||||
vars:
|
||||
interface: 802-1x-test
|
||||
tasks:
|
||||
- name: "INIT: 802.1x tests"
|
||||
debug:
|
||||
msg: "##################################################"
|
||||
- include_tasks: tasks/setup_802.1x.yml
|
||||
- block:
|
||||
- name: "TEST: 802.1x profile with private key password and ca cert"
|
||||
debug:
|
||||
msg: "##################################################"
|
||||
- import_role:
|
||||
name: linux-system-roles.network
|
||||
vars:
|
||||
network_connections:
|
||||
- name: "{{ interface }}"
|
||||
interface_name: veth2
|
||||
state: up
|
||||
type: ethernet
|
||||
ip:
|
||||
address:
|
||||
- 203.0.113.2/24
|
||||
dhcp4: "no"
|
||||
auto6: "no"
|
||||
ieee802_1x:
|
||||
identity: myhost
|
||||
eap: tls
|
||||
private_key: /etc/pki/tls/client.key
|
||||
private_key_password: test
|
||||
private_key_password_flags:
|
||||
- none
|
||||
client_cert: /etc/pki/tls/client.pem
|
||||
ca_cert: /etc/pki/tls/cacert.pem
|
||||
- name: "TEST: I can ping the EAP server"
|
||||
command: ping -c1 203.0.113.1
|
||||
- import_role:
|
||||
name: linux-system-roles.network
|
||||
vars:
|
||||
network_connections:
|
||||
- name: "{{ interface }}"
|
||||
persistent_state: absent
|
||||
state: down
|
||||
- name: >-
|
||||
TEST: 802.1x profile with unencrypted private key,
|
||||
domain suffix match, and system ca certs
|
||||
debug:
|
||||
msg: "##################################################"
|
||||
- name: Copy cacert to system truststore
|
||||
copy:
|
||||
src: cacert.pem
|
||||
dest: /etc/pki/ca-trust/source/anchors/cacert.pem
|
||||
mode: 0644
|
||||
- name: Update ca trust
|
||||
command: update-ca-trust
|
||||
- import_role:
|
||||
name: linux-system-roles.network
|
||||
vars:
|
||||
network_connections:
|
||||
- name: "{{ interface }}"
|
||||
interface_name: veth2
|
||||
state: up
|
||||
type: ethernet
|
||||
ip:
|
||||
address:
|
||||
- 203.0.113.2/24
|
||||
dhcp4: "no"
|
||||
auto6: "no"
|
||||
ieee802_1x:
|
||||
identity: myhost
|
||||
eap: tls
|
||||
private_key: /etc/pki/tls/client.key.nocrypt
|
||||
client_cert: /etc/pki/tls/client.pem
|
||||
private_key_password_flags:
|
||||
- not-required
|
||||
system_ca_certs: True
|
||||
domain_suffix_match: example.com
|
||||
- name: "TEST: I can ping the EAP server"
|
||||
command: ping -c1 203.0.113.1
|
||||
- import_role:
|
||||
name: linux-system-roles.network
|
||||
vars:
|
||||
network_connections:
|
||||
- name: "{{ interface }}"
|
||||
persistent_state: absent
|
||||
state: down
|
||||
|
||||
- include_tasks: tasks/test_802.1x_capath.yml
|
||||
always:
|
||||
- block:
|
||||
- import_role:
|
||||
name: linux-system-roles.network
|
||||
vars:
|
||||
network_connections:
|
||||
- name: "{{ interface }}"
|
||||
persistent_state: absent
|
||||
state: down
|
||||
- name: br1
|
||||
persistent_state: absent
|
||||
state: down
|
||||
ignore_errors: true
|
||||
- include_tasks: tasks/cleanup_802_1x_server.yml
|
||||
- name: Remove test certificates
|
||||
file:
|
||||
state: absent
|
||||
path: "/etc/pki/tls/{{ item }}"
|
||||
with_items:
|
||||
- client.key
|
||||
- client.key.nocrypt
|
||||
- client.pem
|
||||
- cacert.pem
|
||||
- name: Remove test CA
|
||||
file:
|
||||
state: absent
|
||||
path: "{{ item }}"
|
||||
with_items:
|
||||
- /etc/pki/tls/my_ca_certs
|
||||
- /etc/pki/ca-trust/source/anchors/cacert.pem
|
||||
- name: Update ca trust
|
||||
command: update-ca-trust
|
||||
tags:
|
||||
- "tests::cleanup"
|
||||
Reference in New Issue
Block a user