- ---
- host_fqdn: '{{ ansible_hostname }}.dmz.{{ domain }}'
-
- ldap_domain: '{{ domain }}'
- ldap_organization: '{{ organization }}'
- ldap_check_tree: true
- ldap_tls_enabled: true
-
- ldap_syncrepl_is_consumer: false
- ldap_syncrepl_is_provider: false
- ldap_syncrepl_target_providers: []
-
- ldap_tls_server_ca: '{{ tls_intermediate_server_ca }}'
- ldap_tls_user_ca: '{{ tls_intermediate_user_ca }}'
-
- ldap_server_accounts:
- - 'projects.dmz.{{ domain }}'
- - 'login.dmz.{{ domain }}'
- - 'nextcloud.dmz.{{ domain }}'
- - 'matrix.dmz.{{ domain }}'
- - 'status.dmz.{{ domain }}'
- - 'etherpad.dmz.{{ domain }}'
-
- ldap_groups_name:
- - 'admin'
-
- ldap_groups_posix:
- stduser: 5000
- user_sites: 900
-
- ldap_users_admin:
- test_admin:
- password: 'pippopippo'
- sn: 'Test Admin User'
- mail: 'admin@zolfa.nl'
- authorizedServices:
- - 'icinga2'
-
- ldap_users_common:
- test_user:
- password: 'pippopippo'
- sn: 'Utente Pippo'
- mail: 'pippo@zolfa.nl'
- authorizedServices:
- - 'nextcloud'
- - 'matrix'
- - 'gitlab'
- - 'etherpad'
- - 'icinga2'
-
- ldap_basedn: 'dc={{ ldap_domain.replace(".", ",dc=") }}'
- ldap_x509_suffix: >-
- {% for k, v in x509_subj_prefix.items()|reverse %}{{k|lower}}={{v}}{{ ',' if not loop.last }}{% endfor %}
- ...