Added ipa- prefix to krb5 and sssd roles as these are ansible-freeipa specific

These roles will most likely not work in the common case. Therefore the roles have been renamed. The ipa-krpb5 role is used by ipcalient, but the ipa-sssd role is currently not used.
2026-06-11 19:25:54 +00:00 · 2018-07-17 18:27:54 +02:00
parent eced45bb53
commit 0154f36a69
11 changed files with 2 additions and 2 deletions
--- a/roles/ipa-krb5/templates/krb5.conf.j2
+++ b/roles/ipa-krb5/templates/krb5.conf.j2
@@ -0,0 +1,39 @@
+includedir {{ krb5_conf_d }}
+includedir {{ krb5_include_d }}
+
+[libdefaults]
+  default_realm = {{ krb5_realm | upper }}
+  dns_lookup_realm = {{ krb5_dns_lookup_realm }}
+  dns_lookup_kdc = {{ krb5_dns_lookup_kdc }}
+  rdns = false
+{% if krb5_dns_canonicalize_hostname is defined %}
+  dns_canonicalize_hostname = {{ krb5_dns_canonicalize_hostname }}
+{% endif %}
+  ticket_lifetime = 24h
+  forwardable = true
+  udp_preference_limit = 0
+  default_ccache_name = {{ krb5_default_ccache_name }}
+
+[realms]
+  {{ krb5_realm | upper }} = {
+{% for server in krb5_servers %}
+    kdc = {{ server }}:88
+    master_kdc = {{ server }}:88
+    admin_server = {{ server }}:749
+    kpasswd_server = {{ server }}:464
+{% endfor %}
+{% if krb5_no_default_domain | bool %}
+    default_domain = {{ krb5_realm | lower }}
+{% endif %}
+{% if krb5_pkinit_anchors is defined %}
+    pkinit_anchors = {{ krb5_pkinit_anchors }}
+{% endif %}
+{% if krb5_pkinit_pool is defined %}
+    pkinit_pool = {{ krb5_pkinit_pool }}
+{% endif %}
+  }
+
+[domain_realm]
+  .{{ krb5_realm | lower }} = {{ krb5_realm | upper }}
+  {{ krb5_realm | lower }} = {{ krb5_realm | upper }}
+  {{ ansible_host | lower }} = {{ krb5_realm | upper }}