mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-03-26 21:33:05 +00:00
ipa[server,replica]: Calm down ansible and yaml lint in ansible-galaxy
This commit is contained in:
Thomas Woerner
@@ -36,11 +36,13 @@
|
||||
- name: Install - Replica installation test
|
||||
ipareplica_test:
|
||||
### basic ###
|
||||
#dm_password: "{{ ipadm_password | default(omit) }}"
|
||||
#password: "{{ ipaadmin_password | default(omit) }}"
|
||||
# dm_password: "{{ ipadm_password | default(omit) }}"
|
||||
# password: "{{ ipaadmin_password | default(omit) }}"
|
||||
ip_addresses: "{{ ipareplica_ip_addresses | default([]) }}"
|
||||
domain: "{{ ipareplica_domain | default(ipaserver_domain) | default(omit) }}"
|
||||
servers: "{{ groups.ipaservers | default(groups.ipaserver) | default(omit) }}"
|
||||
domain: "{{ ipareplica_domain | default(ipaserver_domain) |
|
||||
default(omit) }}"
|
||||
servers: "{{ groups.ipaservers | default(groups.ipaserver) |
|
||||
default(omit) }}"
|
||||
realm: "{{ ipareplica_realm | default(omit) }}"
|
||||
hostname: "{{ ipareplica_hostname | default(ansible_fqdn) }}"
|
||||
ca_cert_files: "{{ ipareplica_ca_cert_files | default([]) }}"
|
||||
@@ -83,15 +85,8 @@
|
||||
ipaclient_realm: "{{ result_ipareplica_test.realm }}"
|
||||
ipaclient_servers: ["{{ result_ipareplica_test.server }}"]
|
||||
ipaclient_hostname: "{{ result_ipareplica_test.hostname }}"
|
||||
#ipaclient_keytab: "{{ ipaclient_keytab }}"
|
||||
#ipaclient_mkhomedir: "{{ ipaclient_mkhomedir }}"
|
||||
#ipaclient_force_join: "{{ ipaclient_force_join }}"
|
||||
##ipaclient_no_ntp: "{{ ipaclient_no_ntp }}"
|
||||
ipaclient_no_ntp: "{{ result_ipareplica_test.ipa_python_version < 40690 }}"
|
||||
#ipaclient_ssh_trust_dns: "{{ ipaclient_ssh_trust_dns }}"
|
||||
##ipaclient_no_ssh: "{{ ipaclient_no_ssh }}"
|
||||
##ipaclient_no_sshd: "{{ ipaclient_no_sshd }}"
|
||||
##ipaclient_no_dns_sshfp: "{{ ipaclient_no_dns_sshfp }}"
|
||||
ipaclient_no_ntp: "{{ result_ipareplica_test.ipa_python_version
|
||||
< 40690 }}"
|
||||
ipaclient_install_packages: "{{ ipareplica_install_packages }}"
|
||||
when: not result_ipareplica_test.client_enrolled
|
||||
|
||||
@@ -173,7 +168,8 @@
|
||||
### server ###
|
||||
setup_kra: "{{ result_ipareplica_test.setup_kra }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
installer_ccache: "{{ result_ipareplica_prepare.installer_ccache }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
@@ -189,7 +185,8 @@
|
||||
- name: Install - Set dirman password
|
||||
no_log: yes
|
||||
set_fact:
|
||||
ipareplica_dirman_password: "{{ result_ipareplica_master_password.password }}"
|
||||
ipareplica_dirman_password:
|
||||
"{{ result_ipareplica_master_password.password }}"
|
||||
|
||||
- name: Install - Setup certmonger
|
||||
ipareplica_setup_certmonger:
|
||||
@@ -234,7 +231,8 @@
|
||||
_subject_base: "{{ result_ipareplica_prepare._subject_base }}"
|
||||
dirman_password: "{{ ipareplica_dirman_password }}"
|
||||
config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_ca_host_name: "{{ result_ipareplica_prepare.config_ca_host_name }}"
|
||||
config_ips: "{{ result_ipareplica_prepare.config_ips }}"
|
||||
register: result_ipareplica_install_ca_certs
|
||||
@@ -280,7 +278,8 @@
|
||||
_subject_base: "{{ result_ipareplica_prepare._subject_base }}"
|
||||
dirman_password: "{{ ipareplica_dirman_password }}"
|
||||
config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_ca_host_name: "{{ result_ipareplica_prepare.config_ca_host_name }}"
|
||||
config_ips: "{{ result_ipareplica_prepare.config_ips }}"
|
||||
register: result_ipareplica_setup_ds
|
||||
@@ -310,7 +309,8 @@
|
||||
secondary_rid_base: "{{ ipareplica_secondary_rid_base | default(omit) }}"
|
||||
### additional ###
|
||||
server: "{{ result_ipareplica_test.server }}"
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
installer_ccache: "{{ result_ipareplica_prepare.installer_ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
@@ -334,7 +334,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_pkinit_pkcs12_info: "{{ result_ipareplica_prepare._pkinit_pkcs12_info }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
@@ -349,7 +350,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
|
||||
@@ -368,7 +370,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_ca_host_name: "{{ result_ipareplica_prepare.config_ca_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
@@ -387,7 +390,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
|
||||
@@ -404,7 +408,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
|
||||
@@ -431,8 +436,10 @@
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
dirman_password: "{{ ipareplica_dirman_password }}"
|
||||
config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_ca_host_name: "{{ result_ipareplica_install_ca_certs.config_ca_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_ca_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_ca_host_name }}"
|
||||
config_ips: "{{ result_ipareplica_prepare.config_ips }}"
|
||||
when: result_ipareplica_prepare._ca_enabled
|
||||
|
||||
@@ -442,11 +449,12 @@
|
||||
setup_ca: "{{ ipareplica_setup_ca }}"
|
||||
setup_kra: "{{ result_ipareplica_test.setup_kra }}"
|
||||
no_pkinit: "{{ ipareplica_no_pkinit }}"
|
||||
#no_ui_redirect: "{{ ipareplica_no_ui_redirect }}"
|
||||
# no_ui_redirect: "{{ ipareplica_no_ui_redirect }}"
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
|
||||
@@ -465,7 +473,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
|
||||
@@ -498,7 +507,8 @@
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
server: "{{ result_ipareplica_test.server }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
installer_ccache: "{{ result_ipareplica_prepare.installer_ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
@@ -522,11 +532,12 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_install_ca_certs.config_master_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
|
||||
#_pkinit_pkcs12_info: "{{ result_ipareplica_prepare._pkinit_pkcs12_info }}"
|
||||
# _pkinit_pkcs12_info: "{{ result_ipareplica_prepare._pkinit_pkcs12_info }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
dirman_password: "{{ ipareplica_dirman_password }}"
|
||||
|
||||
@@ -540,7 +551,8 @@
|
||||
### certificate system ###
|
||||
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
|
||||
### additional ###
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_ca_host_name: "{{ result_ipareplica_prepare.config_ca_host_name }}"
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
|
||||
@@ -560,7 +572,8 @@
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
|
||||
- name: Install - Promote openldap.conf
|
||||
ipareplica_promote_openldap_conf:
|
||||
@@ -572,7 +585,8 @@
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
|
||||
- name: Install - Setup DNS
|
||||
ipareplica_setup_dns:
|
||||
@@ -585,13 +599,16 @@
|
||||
### dns ###
|
||||
zonemgr: "{{ ipareplica_zonemgr | default(omit) }}"
|
||||
forwarders: "{{ ipareplica_forwarders | default([]) }}"
|
||||
forward_policy: "{{ result_ipareplica_prepare.forward_policy if result_ipareplica_prepare.forward_policy is not none else omit }}"
|
||||
forward_policy: "{{ result_ipareplica_prepare.forward_policy if
|
||||
result_ipareplica_prepare.forward_policy is
|
||||
not none else omit }}"
|
||||
no_dnssec_validation: "{{ ipareplica_no_dnssec_validation }}"
|
||||
### additional ###
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
|
||||
- name: Install - Setup adtrust
|
||||
ipareplica_setup_adtrust:
|
||||
@@ -607,13 +624,16 @@
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
adtrust_netbios_name: "{{ result_ipareplica_prepare.adtrust_netbios_name }}"
|
||||
adtrust_reset_netbios_name: "{{ result_ipareplica_prepare.adtrust_reset_netbios_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
adtrust_netbios_name:
|
||||
"{{ result_ipareplica_prepare.adtrust_netbios_name }}"
|
||||
adtrust_reset_netbios_name:
|
||||
"{{ result_ipareplica_prepare.adtrust_reset_netbios_name }}"
|
||||
when: result_ipareplica_test.setup_adtrust
|
||||
|
||||
#- name: Install - Disconnect backend
|
||||
# ipareplica_backend_disconnect:
|
||||
# - name: Install - Disconnect backend
|
||||
# ipareplica_backend_disconnect:
|
||||
|
||||
- name: Install - Enable IPA
|
||||
ipareplica_enable_ipa:
|
||||
@@ -624,7 +644,8 @@
|
||||
ccache: "{{ result_ipareplica_prepare.ccache }}"
|
||||
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
|
||||
setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
|
||||
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
config_master_host_name:
|
||||
"{{ result_ipareplica_prepare.config_master_host_name }}"
|
||||
register: result_ipareplica_enable_ipa
|
||||
|
||||
- name: Install - Cleanup root IPA cache
|
||||
@@ -633,4 +654,6 @@
|
||||
state: absent
|
||||
when: result_ipareplica_enable_ipa.changed
|
||||
|
||||
when: not ansible_check_mode and not (result_ipareplica_test.client_already_configured is defined or result_ipareplica_test.server_already_configured is defined)
|
||||
when: not ansible_check_mode and
|
||||
not (result_ipareplica_test.client_already_configured is defined or
|
||||
result_ipareplica_test.server_already_configured is defined)
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
---
|
||||
- block:
|
||||
- name: Verify Python3 import
|
||||
script: py3test.py
|
||||
@@ -13,7 +14,8 @@
|
||||
|
||||
- name: Fail for IPA 4.5.90
|
||||
fail: msg="You need to install python2 bindings for ipa server usage"
|
||||
when: result_py3test.rc != 0 and "not usable with python3" in result_py3test.stdout
|
||||
when: result_py3test.rc != 0 and "not usable with python3" in
|
||||
result_py3test.stdout
|
||||
|
||||
- name: Set python interpreter to 2
|
||||
set_fact:
|
||||
|
||||
@@ -1,22 +1,26 @@
|
||||
---
|
||||
# tasks to uninstall IPA replica
|
||||
|
||||
#- name: Uninstall - Include Python2/3 import test
|
||||
# import_tasks: "{{ role_path }}/tasks/python_2_3_test.yml"
|
||||
# - name: Uninstall - Include Python2/3 import test
|
||||
# import_tasks: "{{ role_path }}/tasks/python_2_3_test.yml"
|
||||
|
||||
- name: Uninstall - Uninstall IPA replica
|
||||
command: >
|
||||
/usr/sbin/ipa-server-install
|
||||
--uninstall
|
||||
-U
|
||||
{{ "--ignore-topology-disconnect" if ipareplica_ignore_topology_disconnect | bool else "" }}
|
||||
{{ "--ignore-last-of-role" if ipareplica_ignore_last_of_role | bool else "" }}
|
||||
{{ "--ignore-topology-disconnect" if
|
||||
ipareplica_ignore_topology_disconnect | bool else "" }}
|
||||
{{ "--ignore-last-of-role" if ipareplica_ignore_last_of_role | bool
|
||||
else "" }}
|
||||
register: result_uninstall
|
||||
# 2 means that uninstall failed because IPA replica was not configured
|
||||
failed_when: result_uninstall.rc != 0 and "'Env' object has no attribute 'basedn'" not in result_uninstall.stderr
|
||||
#IPA server is not configured on this system" not in result_uninstall.stdout_lines
|
||||
#changed_when: result_uninstall.rc == 0
|
||||
#until: result_uninstall.rc == 0
|
||||
failed_when: result_uninstall.rc != 0 and "'Env' object
|
||||
has no attribute 'basedn'" not in result_uninstall.stderr
|
||||
# IPA server is not configured on this system" not in
|
||||
# result_uninstall.stdout_lines
|
||||
# changed_when: result_uninstall.rc == 0
|
||||
# until: result_uninstall.rc == 0
|
||||
retries: 2
|
||||
delay: 1
|
||||
|
||||
@@ -30,8 +34,8 @@
|
||||
failed_when: False
|
||||
delegate_to: "{{ groups.ipaserver[0] | default(fail) }}"
|
||||
|
||||
#- name: Remove IPA replica packages
|
||||
# package:
|
||||
# name: "{{ item }}"
|
||||
# state: absent
|
||||
# with_items: "{{ ipareplica_packages }}"
|
||||
# - name: Remove IPA replica packages
|
||||
# package:
|
||||
# name: "{{ item }}"
|
||||
# state: absent
|
||||
# with_items: "{{ ipareplica_packages }}"
|
||||
|
||||
@@ -111,7 +111,8 @@
|
||||
- name: Install - Use new master password
|
||||
no_log: yes
|
||||
set_fact:
|
||||
ipaserver_master_password: "{{ result_ipaserver_master_password.password }}"
|
||||
ipaserver_master_password:
|
||||
"{{ result_ipaserver_master_password.password }}"
|
||||
|
||||
when: ipaserver_master_password is undefined
|
||||
|
||||
@@ -120,7 +121,7 @@
|
||||
### basic ###
|
||||
dm_password: "{{ ipadm_password }}"
|
||||
password: "{{ ipaadmin_password }}"
|
||||
#ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
domain: "{{ result_ipaserver_test.domain }}"
|
||||
realm: "{{ result_ipaserver_test.realm }}"
|
||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||
@@ -155,30 +156,31 @@
|
||||
|
||||
- name: Install - Setup NTP
|
||||
ipaserver_setup_ntp:
|
||||
when: not ipaclient_no_ntp | bool and (ipaserver_external_cert_files is undefined or ipaserver_external_cert_files|length < 1)
|
||||
when: not ipaclient_no_ntp | bool and (ipaserver_external_cert_files
|
||||
is undefined or ipaserver_external_cert_files|length < 1)
|
||||
|
||||
- name: Install - Setup DS
|
||||
ipaserver_setup_ds:
|
||||
dm_password: "{{ ipadm_password }}"
|
||||
password: "{{ ipaadmin_password }}"
|
||||
#master_password: "{{ ipaserver_master_password }}"
|
||||
# master_password: "{{ ipaserver_master_password }}"
|
||||
domain: "{{ result_ipaserver_test.domain }}"
|
||||
realm: "{{ result_ipaserver_test.realm | default(omit) }}"
|
||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||
#ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
#reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
||||
#setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||
#setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||
#setup_dns: "{{ ipaserver_setup_dns }}"
|
||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
# reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
||||
# setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||
# setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||
# setup_dns: "{{ ipaserver_setup_dns }}"
|
||||
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
||||
#no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
||||
# no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
||||
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
|
||||
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
|
||||
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
||||
#no_reverse: "{{ ipaserver_no_reverse }}"
|
||||
#auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||
# no_reverse: "{{ ipaserver_no_reverse }}"
|
||||
# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
||||
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
|
||||
idstart: "{{ result_ipaserver_test.idstart }}"
|
||||
@@ -192,7 +194,7 @@
|
||||
domain: "{{ result_ipaserver_test.domain }}"
|
||||
realm: "{{ result_ipaserver_test.realm }}"
|
||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||
#ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
||||
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||
@@ -221,7 +223,7 @@
|
||||
dm_password: "{{ ipadm_password }}"
|
||||
password: "{{ ipaadmin_password }}"
|
||||
master_password: "{{ ipaserver_master_password }}"
|
||||
#ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
domain: "{{ result_ipaserver_test.domain }}"
|
||||
realm: "{{ result_ipaserver_test.realm }}"
|
||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||
@@ -243,7 +245,8 @@
|
||||
_subject_base: "{{ result_ipaserver_test._subject_base }}"
|
||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
||||
_ca_subject: "{{ result_ipaserver_test._ca_subject }}"
|
||||
ca_signing_algorithm: "{{ ipaserver_ca_signing_algorithm | default(omit) }}"
|
||||
ca_signing_algorithm: "{{ ipaserver_ca_signing_algorithm |
|
||||
default(omit) }}"
|
||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
||||
no_reverse: "{{ ipaserver_no_reverse }}"
|
||||
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||
@@ -262,7 +265,7 @@
|
||||
domain: "{{ result_ipaserver_test.domain }}"
|
||||
realm: "{{ result_ipaserver_test.realm }}"
|
||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||
#ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
||||
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||
@@ -318,7 +321,8 @@
|
||||
secondary_rid_base: "{{ result_ipaserver_test.secondary_rid_base }}"
|
||||
### additional ###
|
||||
adtrust_netbios_name: "{{ result_ipaserver_test.adtrust_netbios_name }}"
|
||||
adtrust_reset_netbios_name: "{{ result_ipaserver_test.adtrust_reset_netbios_name }}"
|
||||
adtrust_reset_netbios_name:
|
||||
"{{ result_ipaserver_test.adtrust_reset_netbios_name }}"
|
||||
when: result_ipaserver_test.setup_adtrust
|
||||
|
||||
- name: Install - Set DS password
|
||||
@@ -346,25 +350,27 @@
|
||||
ipaclient_on_master: yes
|
||||
ipaclient_domain: "{{ result_ipaserver_test.domain }}"
|
||||
ipaclient_realm: "{{ result_ipaserver_test.realm }}"
|
||||
ipaclient_servers: [ "{{ result_ipaserver_test.hostname }}" ]
|
||||
ipaclient_servers: ["{{ result_ipaserver_test.hostname }}"]
|
||||
ipaclient_hostname: "{{ result_ipaserver_test.hostname }}"
|
||||
ipaclient_no_ntp: "{{ 'true' if result_ipaserver_test.ipa_python_version >= 40690 else 'false' }}"
|
||||
ipaclient_no_ntp:
|
||||
"{{ 'true' if result_ipaserver_test.ipa_python_version >= 40690
|
||||
else 'false' }}"
|
||||
ipaclient_install_packages: "{{ ipaserver_install_packages }}"
|
||||
|
||||
#- name: Install - Setup client
|
||||
# command: >
|
||||
# /usr/sbin/ipa-client-install
|
||||
# --unattended
|
||||
# --on-master
|
||||
# --domain "{{ result_ipaserver_test.domain }}"
|
||||
# --realm "{{ result_ipaserver_test.realm }}"
|
||||
# --server "{{ result_ipaserver_test.hostname }}"
|
||||
# --hostname "{{ result_ipaserver_test.hostname }}"
|
||||
# {{ "--mkhomedir" if ipaclient_mkhomedir | bool else "" }}
|
||||
# # {{ "--no-dns-sshfp" if ipaclient_no_dns_sshfp | bool else "" }}
|
||||
# # {{ "--ssh-trust-dns" if ipaclient_ssh_trust_dns | bool else "" }}
|
||||
# # {{ "--no-ssh" if ipaclient_no_ssh | bool else "" }}
|
||||
# # {{ "--no-sshd" if ipaclient_no_sshd | bool else "" }}
|
||||
# - name: Install - Setup client
|
||||
# command: >
|
||||
# /usr/sbin/ipa-client-install
|
||||
# --unattended
|
||||
# --on-master
|
||||
# --domain "{{ result_ipaserver_test.domain }}"
|
||||
# --realm "{{ result_ipaserver_test.realm }}"
|
||||
# --server "{{ result_ipaserver_test.hostname }}"
|
||||
# --hostname "{{ result_ipaserver_test.hostname }}"
|
||||
# {{ "--mkhomedir" if ipaclient_mkhomedir | bool else "" }}
|
||||
# # {{ "--no-dns-sshfp" if ipaclient_no_dns_sshfp | bool else "" }}
|
||||
# # {{ "--ssh-trust-dns" if ipaclient_ssh_trust_dns | bool else "" }}
|
||||
# # {{ "--no-ssh" if ipaclient_no_ssh | bool else "" }}
|
||||
# # {{ "--no-sshd" if ipaclient_no_sshd | bool else "" }}
|
||||
|
||||
- name: Install - Enable IPA
|
||||
ipaserver_enable_ipa:
|
||||
@@ -398,4 +404,7 @@
|
||||
{{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
|
||||
when: ipaserver_setup_firewalld | bool
|
||||
|
||||
when: not ansible_check_mode and not (not result_ipaserver_test.changed and (result_ipaserver_test.client_already_configured is defined or result_ipaserver_test.server_already_configured is defined))
|
||||
when: not ansible_check_mode and not
|
||||
(not result_ipaserver_test.changed and
|
||||
(result_ipaserver_test.client_already_configured is defined or
|
||||
result_ipaserver_test.server_already_configured is defined))
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
---
|
||||
- block:
|
||||
- name: Verify Python3 import
|
||||
script: py3test.py
|
||||
@@ -13,7 +14,8 @@
|
||||
|
||||
- name: Fail for IPA 4.5.90
|
||||
fail: msg="You need to install python2 bindings for ipa server usage"
|
||||
when: result_py3test.rc != 0 and "not usable with python3" in result_py3test.stdout
|
||||
when: result_py3test.rc != 0 and "not usable with python3"
|
||||
in result_py3test.stdout
|
||||
|
||||
- name: Set python interpreter to 2
|
||||
set_fact:
|
||||
|
||||
@@ -1,23 +1,24 @@
|
||||
---
|
||||
# tasks to uninstall IPA server
|
||||
|
||||
#- name: Uninstall - Include Python2/3 import test
|
||||
# import: "{{ role_path }}/tasks/python_2_3_test.yml"
|
||||
# - name: Uninstall - Include Python2/3 import test
|
||||
# import: "{{ role_path }}/tasks/python_2_3_test.yml"
|
||||
|
||||
- name: Uninstall - Uninstall IPA server
|
||||
command: >
|
||||
/usr/sbin/ipa-server-install
|
||||
--uninstall
|
||||
-U
|
||||
{{ '--ignore-topology-disconnect' if ipaserver_ignore_topology_disconnect | bool else '' }}
|
||||
{{ '--ignore-topology-disconnect' if ipaserver_ignore_topology_disconnect
|
||||
| bool else '' }}
|
||||
{{ '--ignore-last-of-role' if ipaserver_ignore_last_of_role | bool else ''}}
|
||||
register: uninstall
|
||||
# 1 means that uninstall failed because IPA server was not configured
|
||||
failed_when: uninstall.rc != 0 and uninstall.rc != 1
|
||||
changed_when: uninstall.rc == 0
|
||||
|
||||
#- name: Remove IPA server packages
|
||||
# package:
|
||||
# name: "{{ item }}"
|
||||
# state: absent
|
||||
# with_items: "{{ ipaserver_packages }}"
|
||||
# - name: Remove IPA server packages
|
||||
# package:
|
||||
# name: "{{ item }}"
|
||||
# state: absent
|
||||
# with_items: "{{ ipaserver_packages }}"
|
||||
|
||||
Reference in New Issue
Block a user