internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-11 19:25:54 +00:00
Code Issues Projects Releases Wiki Activity

New sssd role

Browse Source
This commit is contained in:
Thomas Woerner
2017-08-24 12:36:51 +02:00
parent 44e4ee7459
commit 3ae2a51c08
5 changed files with 88 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
roles/sssd/templates/sssd.conf.j2 Normal file
View File

@@ -0,0 +1,34 @@
[domain/{{ sssd_domains }}]
cache_credentials = {{ sssd_cache_credentials }}
krb5_store_password_if_offline = {{ sssd_krb5_store_password_if_offline }}
ipa_domain = {{ sssd_domains }}
id_provider = {{ sssd_id_provider }}
auth_provider = {{ sssd_auth_provider }}
access_provider = {{ sssd_access_provider }}
ipa_hostname = {{ ansible_host }}
chpass_provider = {{ sssd_chpass_provider }}
{% if sssd_on_master %}
ipa_server = {{ sssd_ipa_servers | join(", ") }}
ipa_server_mode = True
{% else %}
{% if sssd_domains != ansible_domain %}
dns_discovery_domain = sssd_domains
{% endif %}
ipa_server = _srv_, {{ sssd_ipa_servers | join(", ")}}
{% endif %}
ldap_tls_cacert = /etc/ipa/ca.crt
{% if sssd_on_master %}
{% set sssd_services = sssd_services + ", ifp" %}
{% endif %}
[sssd]
services = {{ sssd_services }}
domains = {{ sssd_domains }}
{% for service in sssd_services.split(',') %}
[{{ service | trim }}]
{% if service | trim == "nss" %}
homedir_substring = /home
{% endif %}
{% endfor %}