LILiK
/
lilik_playbook
5
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Playbooks to a new Lilik
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
228 Commits
12 Branches
967 KiB
Tree: c2a578f2d6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c2a578f2d6'
${ noResults }
lilik_playbook/roles/ldap/tasks/main.yaml

112 lines
2.6 KiB
Raw Normal View History

move service task and handler to a separate role (see ansible issue 23389, 20603, 15902)
8 years ago
add nscd package to ldap task
8 years ago
move service task and handler to a separate role (see ansible issue 23389, 20603, 15902)
8 years ago
Some playbooks full of joy.
9 years ago
fix destroy container and ldap role
9 years ago
Some playbooks full of joy.
9 years ago
store ldap secret
7 years ago
fix destroy container and ldap role
9 years ago
update ldap playbook
9 years ago
store ldap secret
7 years ago
fix destroy container and ldap role
9 years ago
store ldap secret
7 years ago
update ldap playbook
9 years ago
move service task and handler to a separate role (see ansible issue 23389, 20603, 15902) Resolves #13
8 years ago
huge refactoring on services
9 years ago
update ldap playbook
9 years ago
fix service handler name in ldap role
8 years ago
add memberof to ldap
8 years ago
LDAP playbook updates, default tree.
9 years ago
fix service handler name in ldap role
8 years ago
update ldap playbook
9 years ago
 
  1. - include_role:

  2.     name: service

  3.   vars:

  4.     service_name: nscd

  5.     service_packages: nscd

  6. 

  7. - name: configure OpenLDAP (domain)

  8.   debconf:

  9.       name: 'slapd'

  10.       question: 'slapd/domain'

  11.       vtype: 'string'

  12.       value: '{{ ldap_domain }}'

  13. - name: configure OpenLDAP (configure)

  14.   debconf:

  15.       name: 'slapd'

  16.       question: 'slapd/dump_database'

  17.       vtype: 'string'

  18.       value: 'when needed'

  19. - name: configure OpenLDAP (organization)

  20.   debconf:

  21.       name: 'slapd'

  22.       question: 'shared/organization'

  23.       vtype: 'string'

  24.       value: '{{ ldap_organization }}'

  25. 

  26. - name: slurp slap secret file

  27.   slurp:

  28.     src: /etc/slapd.secret

  29.   register: slapdsecret

  30.   failed_when: false

  31.   changed_when: false

  32. 

  33. - set_fact:

  34.     slapd_passwd: "{{ slapdsecret['content'] | b64decode }}"

  35.   when: '"content" in slapdsecret'

  36. 

  37. - block:

  38.   - name: generate admin password

  39.     gen_passwd: length=20

  40.     register: new_passwd

  41. 

  42.   - name: store slapd secret

  43.     copy:

  44.       content : "{{ new_passwd.passwd }}"

  45.       dest: /etc/slapd.secret

  46. 

  47.   - set_fact:

  48.       slapd_passwd: "{{ new_passwd.passwd }}"

  49.   when: 'not "content" in slapdsecret'

  50. 

  51. - name: configure OpenLDAP (password1)

  52.   debconf:

  53.       name: 'slapd'

  54.       question: 'slapd/password1'

  55.       vtype: 'string'

  56.       value: '{{ slapd_passwd }}'

  57. - name: configure OpenLDAP (password2)

  58.   debconf:

  59.       name: 'slapd'

  60.       question: 'slapd/password2'

  61.       vtype: 'string'

  62.       value: '{{ slapd_passwd }}'

  63. - name: configure phamm-ldap

  64.   debconf:

  65.       name: 'phamm-ldap'

  66.       question: 'phamm-ldap/init_base_ldap'

  67.       vtype: 'boolean'

  68.       value: false

  69. - include_role:

  70.     name: service

  71.   vars:

  72.     service_name: slapd

  73.     service_packages:

  74.         - slapd

  75.         - ldap-utils

  76.         - phamm-ldap

  77.         - sudo

  78. - name: upload slapd config

  79.   template:

  80.       src: slapd.conf.j2

  81.       dest: "/etc/ldap/slapd.conf"

  82. - name: update slapd config

  83.   shell: slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d

  84.   args:

  85.       creates: "/etc/ldap/slapd.d/cn=config/cn=schema/cn={4}phamm.ldif"

  86.   become: true

  87.   become_method: sudo

  88.   become_user: openldap

  89.   notify: restart slapd

  90. 

  91. - name: fix missing memberOf module load

  92.   lineinfile:

  93.     dest: /etc/ldap/slapd.d/cn=config/cn=module{0}.ldif

  94.     line: "olcModuleLoad: {1}memberof"

  95.   notify: restart slapd

  96. - name: upload default tree

  97.   template:

  98.     dest=/etc/ldap/default_tree.ldif

  99.     src=default_tree.ldif.j2

  100.     owner=root

  101.     group=root

  102.     mode=0400

  103.   register: upload_default_tree

  104. - name: create default tree

  105.   shell: slapadd -l /etc/ldap/default_tree.ldif

  106.   when: upload_default_tree.changed

  107.   notify: restart slapd

  108. - name: enable OpenLDAP server

  109.   service:

  110.       name: 'slapd'

  111.       enabled: true

  112.       state: started