internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity

ipaserver: Drop unused test file install_cache

Browse Source
This commit is contained in:
Thomas Woerner
2018-01-29 17:22:46 +01:00
parent cce86d09ef
commit 4228ae7d80
1 changed files with 0 additions and 566 deletions
Download Patch File Download Diff File Expand all files Collapse all files

566
roles/ipaserver/tasks/install_cache.yml
View File

@@ -1,566 +0,0 @@
---
# tasks file for ipaserver
- name: Install - Install IPA server package
package:
name: "{{ item }}"
state: present
with_items: "{{ ipaserver_packages }}"
- name: Install - Install packages for dns
package:
name: "{{ item }}"
state: present
with_items: "{{ ipaserver_packages_dns }}"
when: ipaserver_setup_dns | bool
- name: Install - Install packages for adtrust
package:
name: "{{ item }}"
state: present
with_items: "{{ ipaserver_packages_adtrust }}"
when: ipaserver_setup_adtrust | bool
- name: Install - Include Python2/3 import test
include: "{{role_path}}/tasks/python_2_3_test.yml"
static: yes
- name: Install - Server load cache
ipaserver_load_cache:
dm_password: "{{ ipaserver_dm_password }}"
register: ipaserver_cache
- name: Install - Server apply cache
set_fact:
### basic ###
ipaserver_master_password: "{{ ipaserver_cache.master_password | default(omit) }}"
ipaserver_password: "{{ ipaserver_cache.admin_password | default(omit) }}"
ipaserver_ip_addresses: "{{ ipaserver_cache.ip_addresses | default(omit) }}"
ipaserver_domain: "{{ ipaserver_cache.domain_name | default(omit) }}"
ipaserver_realm: "{{ ipaserver_cache.realm_name | default(omit) }}"
ipaserver_hostname: "{{ ipaserver_cache.host_name | default(omit) }}"
ipaserver_ca_cert_files: "{{ ipaserver_cache.ca_cert_files | default(omit) }}"
ipaserver_no_host_dns: "{{ ipaserver_cache.no_host_dns | default(omit) }}"
### server ###
ipaserver_setup_adtrust: "{{ ipaserver_cache.setup_adtrust | default(omit) }}"
ipaserver_setup_kra: "{{ ipaserver_cache.setup_kra | default(omit) }}"
ipaserver_setup_dns: "{{ ipaserver_cache.setup_dns | default(omit) }}"
ipaserver_idstart: "{{ ipaserver_cache.idstart | default(omit) }}"
ipaserver_idmax: "{{ ipaserver_cache.idmax | default(omit) }}"
ipaserver_no_hbac_allow: "{{ ipaserver_cache.no_hbac_allow | default(omit) }}"
ipaserver_no_pkinit: "{{ ipaserver_cache.no_pkinit | default(omit) }}"
ipaserver_no_ui_redirect: "{{ ipaserver_cache.no_ui_redirect | default(omit) }}"
ipaserver_dirsrv_config_file: "{{ ipaserver_cache.dirsrv_config_file | default(omit) }}"
### ssl certificate ###
ipaserver_dirsrv_cert_files: "{{ ipaserver_cache.dirsrv_cert_files | default(omit) }}"
ipaserver_http_cert_files: "{{ ipaserver_cache.http_cert_files | default(omit) }}"
ipaserver_pkinit_cert_files: "{{ ipaserver_cache.pkinit_cert_files | default(omit) }}"
ipaserver_dirsrv_pin: "{{ ipaserver_cache.dirsrv_pin | default(omit) }}"
ipaserver_http_pin: "{{ ipaserver_cache.http_pin | default(omit) }}"
ipaserver_pkinit_pin: "{{ ipaserver_cache.pkinit_pin | default(omit) }}"
ipaserver_dirsrv_name: "{{ ipaserver_cache.dirsrv_name | default(omit) }}"
ipaserver_http_name: "{{ ipaserver_cache.http_name | default(omit) }}"
ipaserver_pkinit_name: "{{ ipaserver_cache.pkinit_name | default(omit) }}"
### client ###
ipaserver_mkhomedir: "{{ ipaserver_cache.mkhomedir | default(omit) }}"
ipaserver_no_ntp: "{{ ipaserver_cache.no_ntp | default(omit) }}"
ipaserver_ssh_trust_dns: "{{ ipaserver_cache.ssh_trust_dns | default(omit) }}"
ipaserver_no_ssh: "{{ ipaserver_cache.no_ssh | default(omit) }}"
ipaserver_no_sshd: "{{ ipaserver_cache.no_sshd | default(omit) }}"
ipaserver_no_dns_sshfp: "{{ ipaserver_cache.no_dns_sshfp | default(omit) }}"
### certificate system ###
ipaserver_external_ca: "{{ ipaserver_cache.external_ca | default(omit) }}"
ipaserver_external_ca_type: "{{ ipaserver_cache.external_ca_type | default(omit) }}"
ipaserver_external_cert_files: "{{ ipaserver_cache.external_cert_files | default(omit) }}"
ipaserver_subject_base: "{{ ipaserver_cache.subject_base | default(omit) }}"
ipaserver_ca_subject: "{{ ipaserver_cache.ca_subject | default(omit) }}"
ipaserver_ca_signing_algorithm: "{{ ipaserver_cache.ca_signing_algorithm | default(omit) }}"
### dns ###
ipaserver_allow_zone_overlap: "{{ ipaserver_cache.allow_zone_overlap | default(omit) }}"
ipaserver_reverse_zones: "{{ ipaserver_cache.reverse_zones | default(omit) }}"
ipaserver_no_reverse: "{{ ipaserver_cache.no_reverse | default(omit) }}"
ipaserver_auto_reverse: "{{ ipaserver_cache.auto_reverse | default(omit) }}"
ipaserver_zonemgr: "{{ ipaserver_cache.zonemgr | default(omit) }}"
ipaserver_forwarders: "{{ ipaserver_cache.forwarders | default(omit) }}"
ipaserver_no_forwarders: "{{ ipaserver_cache.no_forwarders | default(omit) }}"
ipaserver_auto_forwarders: "{{ ipaserver_cache.auto_forwarders | default(omit) }}"
ipaserver_forward_policy: "{{ ipaserver_cache.forward_policy | default(omit) }}"
ipaserver_no_dnssec_validation: "{{ ipaserver_cache.no_dnssec_validation | default(omit) }}"
### ad trust ###
ipaserver_enable_compat: "{{ ipaserver_cache.enable_compat | default(omit) }}"
ipaserver_netbios_name: "{{ ipaserver_cache.netbios_name | default(omit) }}"
ipaserver_rid_base: "{{ ipaserver_cache.rid_base | default(omit) }}"
ipaserver_secondary_rid_base: "{{ ipaserver_cache.secondary_rid_base | default(omit) }}"
### additional ###
ipaserver_allow_repair: "{{ ipaserver_cache.allow_repair | default(omit) }}"
ipaserver_domainlevel: "{{ ipaserver_cache.domainlevel | default(omit) }}"
ipaserver__subject_base: "{{ ipaserver_cache._subject_base | default(omit) }}"
ipaserver__ca_subject: "{{ ipaserver_cache._ca_subject | default(omit) }}"
ipaserver__hostname_overridden: "{{ ipaserver_cache._hostname_overridden | default(omit) }}"
ipaserver_setup_ca: "{{ ipaserver_cache.setup_ca | default(omit) }}"
ipaserver__installation_cleanup: "{{ ipaserver_cache._installation_cleanup | default(omit) }}"
ipaserver__dirsrv_pkcs12_file: "{{ ipaserver_cache._dirsrv_pkcs12_file | default(omit) }}"
ipaserver__dirsrv_pkcs12_info: "{{ ipaserver_cache._dirsrv_pkcs12_info | default(omit) }}"
ipaserver__dirsrv_ca_cert: "{{ ipaserver_cache._dirsrv_ca_cert | default(omit) }}"
ipaserver__http_pkcs12_file: "{{ ipaserver_cache._http_pkcs12_file | default(omit) }}"
ipaserver__http_pkcs12_info: "{{ ipaserver_cache._http_pkcs12_info | default(omit) }}"
ipaserver__http_ca_cert: "{{ ipaserver_cache._http_ca_cert | default(omit) }}"
ipaserver__pkinit_pkcs12_file: "{{ ipaserver_cache._pkinit_pkcs12_file | default(omit) }}"
ipaserver__pkinit_pkcs12_info: "{{ ipaserver_cache._pkinit_pkcs12_info | default(omit) }}"
ipaserver__pkinit_ca_cert: "{{ ipaserver_cache._pkinit_ca_cert | default(omit) }}"
when: ipaserver_cache.changed
- name: Install - Server installation test
ipaserver_test:
### basic ###
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
master_password: "{{ ipaserver_master_password | default(omit) }}"
ip_addresses: "{{ ipaserver_ip_addresses | default([]) }}"
domain: "{{ ipaserver_domain | default(omit) }}"
realm: "{{ ipaserver_realm | default(omit) }}"
hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
ca_cert_files: "{{ ipaserver_ca_cert_files | default(omit) }}"
# no_host_dns: "{{ ipaserver_no_host_dns }}"
### server ###
setup_adtrust: "{{ ipaserver_setup_adtrust }}"
setup_kra: "{{ ipaserver_setup_kra }}"
setup_dns: "{{ ipaserver_setup_dns }}"
idstart: "{{ ipaserver_idstart | default(omit) }}"
idmax: "{{ ipaserver_idmax | default(omit) }}"
# no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
no_pkinit: "{{ ipaserver_no_pkinit }}"
# no_ui_redirect: "{{ ipaserver_no_ui_redirect }}"
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
### ssl certificate ###
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
http_cert_files: "{{ ipaserver_http_cert_files | default([]) }}"
pkinit_cert_files: "{{ ipaserver_pkinit_cert_files | default([]) }}"
# dirsrv_pin
# http_pin
# pkinit_pin
# dirsrv_name
# http_name
# pkinit_name
### client ###
# mkhomedir
no_ntp: "{{ ipaserver_no_ntp }}"
# ssh_trust_dns
# no_ssh
# no_sshd
# no_dns_sshfp
### certificate system ###
external_ca: "{{ ipaserver_external_ca }}"
external_ca_type: "{{ ipaserver_external_ca_type | default(omit) }}"
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
subject_base: "{{ ipaserver_subject_base | default(omit) }}"
ca_subject: "{{ ipaserver_ca_subject | default(omit) }}"
# ca_signing_algorithm
### dns ###
allow_zone_overlap: "{{ ipaserver_allow_zone_overlap }}"
reverse_zones: "{{ ipaserver_reverse_zones | default([]) }}"
no_reverse: "{{ ipaserver_no_reverse }}"
auto_reverse: "{{ ipaserver_auto_reverse }}"
zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
forwarders: "{{ ipaserver_forwarders | default([]) }}"
no_forwarders: "{{ ipaserver_no_forwarders }}"
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
### ad trust ###
enable_compat: "{{ ipaserver_enable_compat }}"
netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
rid_base: "{{ ipaserver_rid_base | default(omit) }}"
secondary_rid_base: "{{ ipaserver_secondary_rid_base | default(omit) }}"
### additional ###
allow_repair: "{{ ipaserver_allow_repair }}"
register: ipaserver_test
#- name: Install - Server apply test results
# set_fact:
# #ipaserver_setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
# #ipaserver_setup_kra: "{{ ipaserver_test.setup_kra }}"
# #ipaserver_setup_ca: "{{ ipaserver_test.setup_ca }}"
# #ipaserver_reverse_zones: "{{ ipaserver_test.reverse_zones }}"
# #ipaserver_forwarders: "{{ ipaserver_test.forwarders }}"
# #ipaserver_subject_base: "{{ ipaserver_test.subject_base }}"
# #ipaserver_ca_subject: "{{ ipaserver_test.ca_subject }}"
# #ipaserver__subject_base: "{{ ipaserver_test._subject_base }}"
# #ipaserver__ca_subject: "{{ ipaserver_test._ca_subject }}"
# #ipaserver__hostname_overridden: "{{ ipaserver_test._hostname_overridden }}"
# #ipaserver__installation_cleanup: "{{ ipaserver_test._installation_cleanup }}"
# #ipaserver__dirsrv_pkcs12_file: "{{ ipaserver_test._dirsrv_pkcs12_file }}"
# #ipaserver__dirsrv_pkcs12_info: "{{ ipaserver_test._dirsrv_pkcs12_info }}"
# #ipaserver__dirsrv_ca_cert: "{{ ipaserver_test._dirsrv_ca_cert }}"
# #ipaserver__http_pkcs12_file: "{{ ipaserver_test._http_pkcs12_file }}"
# #ipaserver__http_pkcs12_info: "{{ ipaserver_test._http_pkcs12_info }}"
# #ipaserver__http_ca_cert: "{{ ipaserver_test._http_ca_cert }}"
# #ipaserver__pkinit_pkcs12_file: "{{ ipaserver_test._pkinit_pkcs12_file }}"
# #ipaserver__pkinit_pkcs12_info: "{{ ipaserver_test._pkinit_pkcs12_info }}"
# #ipaserver__pkinit_ca_cert: "{{ ipaserver_test._pkinit_ca_cert }}"
# when: ipaserver_test.changed
- block:
- block:
- name: Install - Master password creation
no_log: yes
ipaserver_master_password:
dm_password: "{{ ipaserver_dm_password }}"
master_password: "{{ ipaserver_master_password | default(omit) }}"
register: ipaserver_master_password
- name: Install - Use new master password
no_log: yes
set_fact:
ipaserver_master_password: "{{ ipaserver_master_password.value }}"
when: ipaserver_master_password is undefined
- name: Install - Server preparation
ipaserver_prepare:
### basic ###
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
# master_password
#ip_addresses: "{{ ipaserver_ip_addresses | default([]) }}"
domain: "{{ ipaserver_domain | default(omit) }}"
realm: "{{ ipaserver_realm | default(omit) }}"
hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
ca_cert_files: "{{ ipaserver_ca_cert_files | default(omit) }}"
# no_host_dns: "{{ ipaserver_no_host_dns }}"
### server ###
setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
setup_kra: "{{ ipaserver_test.setup_kra }}"
setup_dns: "{{ ipaserver_setup_dns }}"
idstart: "{{ ipaserver_idstart | default(omit) }}"
idmax: "{{ ipaserver_idmax | default(omit) }}"
# no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
no_pkinit: "{{ ipaserver_no_pkinit }}"
# no_ui_redirect: "{{ ipaserver_no_ui_redirect }}"
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
### ssl certificate ###
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
http_cert_files: "{{ ipaserver_http_cert_files | default([]) }}"
pkinit_cert_files: "{{ ipaserver_pkinit_cert_files | default([]) }}"
# dirsrv_pin
# http_pin
# pkinit_pin
# dirsrv_name
# http_name
# pkinit_name
### client ###
# mkhomedir
no_ntp: "{{ ipaserver_no_ntp }}"
# ssh_trust_dns
# no_ssh
# no_sshd
# no_dns_sshfp
### certificate system ###
external_ca: "{{ ipaserver_external_ca }}"
external_ca_type: "{{ ipaserver_external_ca_type | default(omit) }}"
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
subject_base: "{{ ipaserver_test.subject_base | default(omit) }}"
ca_subject: "{{ ipaserver_test.ca_subject | default(omit) }}"
# ca_signing_algorithm
### dns ###
allow_zone_overlap: "{{ ipaserver_allow_zone_overlap }}"
reverse_zones: "{{ ipaserver_reverse_zones | default([]) }}"
no_reverse: "{{ ipaserver_no_reverse }}"
auto_reverse: "{{ ipaserver_auto_reverse }}"
zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
forwarders: "{{ ipaserver_test.forwarders | default([]) }}"
no_forwarders: "{{ ipaserver_no_forwarders }}"
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
### ad trust ###
enable_compat: "{{ ipaserver_enable_compat }}"
netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
rid_base: "{{ ipaserver_rid_base | default(omit) }}"
secondary_rid_base: "{{ ipaserver_secondary_rid_base | default(omit) }}"
_hostname_overridden: "{{ ipaserver_test._hostname_overridden | default(omit) }}"
when: ipaserver_foo is defined
- name: Install - Server preparation
ipaserver_prepare:
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
domain: "{{ ipaserver_test.domain }}"
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
##ip_addresses: "{{ ipaserver_test.ip_addresses }}"
reverse_zones: "{{ ipaserver_test.reverse_zones }}"
setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
setup_kra: "{{ ipaserver_test.setup_kra }}"
setup_dns: "{{ ipaserver_setup_dns }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
no_host_dns: "{{ ipaserver_test.no_host_dns }}"
subject_base: "{{ ipaserver_test.subject_base }}"
ca_subject: "{{ ipaserver_test.ca_subject }}"
no_reverse: "{{ ipaserver_no_reverse }}"
auto_reverse: "{{ ipaserver_auto_reverse }}"
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
#no_pkinit: "{{ ipaserver_test.no_pkinit }}"
_hostname_overridden: "{{ ipaserver_test._hostname_overridden }}"
register: ipaserver_prepare
- name: Install - Setup NTP
ipaserver_setup_ntp:
when: not ipaserver_no_ntp | bool and (ipaserver_external_cert_files is undefined or ipaserver_external_cert_files|length < 1)
- name: Install - Setup DS
ipaserver_setup_ds:
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
#master_password: "{{ ipaserver_master_password }}"
domain: "{{ ipaserver_test.domain }}"
realm: "{{ ipaserver_test.realm | default(omit) }}"
hostname: "{{ ipaserver_test.hostname }}"
#ip_addresses: "{{ ipaserver_test.ip_addresses }}"
#reverse_zones: "{{ ipaserver_test.reverse_zones }}"
#setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
#setup_kra: "{{ ipaserver_test.setup_kra }}"
#setup_dns: "{{ ipaserver_setup_dns }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
#no_host_dns: "{{ ipaserver_test.no_host_dns }}"
subject_base: "{{ ipaserver_test.subject_base }}"
ca_subject: "{{ ipaserver_test.ca_subject }}"
#no_reverse: "{{ ipaserver_no_reverse }}"
#auto_forwarders: "{{ ipaserver_auto_forwarders }}"
no_pkinit: "{{ ipaserver_test.no_pkinit }}"
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
idstart: "{{ ipaserver_test.idstart }}"
idmax: "{{ ipaserver_test.idmax }}"
- name: Install - Setup KRB
ipaserver_setup_krb:
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
master_password: "{{ ipaserver_master_password }}"
domain: "{{ ipaserver_test.domain }}"
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
#ip_addresses: "{{ ipaserver_test.ip_addresses }}"
reverse_zones: "{{ ipaserver_test.reverse_zones }}"
setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
setup_kra: "{{ ipaserver_test.setup_kra }}"
setup_dns: "{{ ipaserver_setup_dns }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
no_host_dns: "{{ ipaserver_test.no_host_dns }}"
subject_base: "{{ ipaserver_test.subject_base }}"
ca_subject: "{{ ipaserver_test.ca_subject }}"
no_reverse: "{{ ipaserver_no_reverse }}"
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
no_pkinit: "{{ ipaserver_test.no_pkinit }}"
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
idstart: "{{ ipaserver_test.idstart }}"
idmax: "{{ ipaserver_test.idmax }}"
- name: Install - Setup CA
ipaserver_setup_ca:
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
master_password: "{{ ipaserver_master_password }}"
#ip_addresses: "{{ ipaserver_test.ip_addresses }}"
domain: "{{ ipaserver_test.domain }}"
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
no_host_dns: "{{ ipaserver_test.no_host_dns }}"
setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
setup_kra: "{{ ipaserver_test.setup_kra }}"
setup_dns: "{{ ipaserver_setup_dns }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
idstart: "{{ ipaserver_test.idstart }}"
idmax: "{{ ipaserver_test.idmax }}"
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
no_pkinit: "{{ ipaserver_test.no_pkinit }}"
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
_dirsrv_pkcs12_info: "{{ ipaserver_test._dirsrv_pkcs12_info }}"
external_ca: "{{ ipaserver_external_ca }}"
subject_base: "{{ ipaserver_test.subject_base }}"
_subject_base: "{{ ipaserver_test._subject_base }}"
ca_subject: "{{ ipaserver_test.ca_subject }}"
_ca_subject: "{{ ipaserver_test._ca_subject }}"
ca_signing_algorithm: "{{ ipaserver_ca_signing_algorithm | default(omit) }}"
reverse_zones: "{{ ipaserver_test.reverse_zones }}"
no_reverse: "{{ ipaserver_no_reverse }}"
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- name: Install - Setup otpd
ipaserver_setup_otpd:
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
- name: Install - Setup custodia
ipaserver_setup_custodia:
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
- name: Install - Setup HTTP
ipaserver_setup_http:
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
master_password: "{{ ipaserver_master_password }}"
domain: "{{ ipaserver_test.domain }}"
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
#ip_addresses: "{{ ipaserver_test.ip_addresses }}"
reverse_zones: "{{ ipaserver_test.reverse_zones }}"
setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
setup_kra: "{{ ipaserver_test.setup_kra }}"
setup_dns: "{{ ipaserver_setup_dns }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
no_host_dns: "{{ ipaserver_test.no_host_dns }}"
subject_base: "{{ ipaserver_test.subject_base }}"
_subject_base: "{{ ipaserver_test._subject_base }}"
ca_subject: "{{ ipaserver_test.ca_subject }}"
_ca_subject: "{{ ipaserver_test._ca_subject }}"
no_reverse: "{{ ipaserver_no_reverse }}"
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
no_pkinit: "{{ ipaserver_test.no_pkinit }}"
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
idstart: "{{ ipaserver_test.idstart }}"
idmax: "{{ ipaserver_test.idmax }}"
http_cert_files: "{{ ipaserver_http_cert_files | default([]) }}"
no_ui_redirect: "{{ ipaserver_no_ui_redirect }}"
- name: Install - Setup KRA
ipaserver_setup_kra:
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
dm_password: "{{ ipaserver_dm_password }}"
setup_kra: "{{ ipaserver_test.setup_kra }}"
when: ipaserver_test.setup_kra | bool
- name: Install - Setup DNS
ipaserver_setup_dns:
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
setup_dns: "{{ ipaserver_setup_dns }}"
forwarders: "{{ ipaserver_test.forwarders | default(omit) }}"
forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
when: ipaserver_setup_dns | bool
- name: Install - Setup ADTRUST
ipaserver_setup_adtrust:
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
when: ipaserver_test.setup_adtrust
- name: Install - Set DS password
ipaserver_set_ds_password:
dm_password: "{{ ipaserver_dm_password }}"
password: "{{ ipaserver_password }}"
domain: "{{ ipaserver_test.domain }}"
realm: "{{ ipaserver_test.realm }}"
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
subject_base: "{{ ipaserver_test.subject_base }}"
ca_subject: "{{ ipaserver_test.ca_subject }}"
no_pkinit: "{{ ipaserver_test.no_pkinit }}"
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
idstart: "{{ ipaserver_test.idstart }}"
idmax: "{{ ipaserver_test.idmax }}"
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
_dirsrv_pkcs12_info: "{{ ipaserver_test._dirsrv_pkcs12_info }}"
#- name: Install - Setup client
# include_role:
# name: ipaclient
# private: yes
# defaults_from: "/roles/ipaclient/defaults/main.yml"
# tasks_from: "/roles/ipaclient/tasks/main.yml"
# vars_from: "/roles/ipaclient/vars/main.yml"
# vars:
# state: present
# on_master: yes
# domain: "{{ ipaserver_test.domain }}"
# realm: "{{ ipaserver_test.realm }}"
# server: "{{ ipaserver_test.hostname }}"
# hostname: "{{ ipaserver_test.hostname }}"
# #no_dns_sshfp: "{{ ipaserver_no_dns_sshfp }}"
# #ssh_trust_dns: "{{ ipaserver_ssh_trust_dns }}"
# #no_ssh: "{{ ipaserver_no_ssh }}"
# #no_sshd: "{{ ipaserver_no_sshd }}"
# mkhomedir: "{{ ipaserver_mkhomedir }}"
# #allow_repair: "{{ ipaserver_allow_repair }}"
- name: Install - Setup client
command: >
/usr/sbin/ipa-client-install
--unattended
--on-master
--domain "{{ ipaserver_test.domain }}"
--realm "{{ ipaserver_test.realm }}"
--server "{{ ipaserver_test.hostname }}"
--hostname "{{ ipaserver_test.hostname }}"
{{ "--mkhomedir" if ipaserver_mkhomedir | bool else "" }}
# {{ "--no-dns-sshfp" if ipaserver_no_dns_sshfp | bool else "" }}
# {{ "--ssh-trust-dns" if ipaserver_ssh_trust_dns | bool else "" }}
# {{ "--no-ssh" if ipaserver_no_ssh | bool else "" }}
# {{ "--no-sshd" if ipaserver_no_sshd | bool else "" }}
- name: Install - Enable IPA
ipaserver_enable_ipa:
hostname: "{{ ipaserver_test.hostname }}"
setup_ca: "{{ ipaserver_test.setup_ca }}"
register: ipaserver_enable_ipa
- name: Install - Cleanup root IPA cache
file:
path: "/root/.ipa_cache"
state: absent
when: ipaserver_enable_ipa.changed
#- name: Install - Server installation
# ipaserver_install:
# dm_password: "{{ ipaserver_dm_password }}"
# password: "{{ ipaserver_password }}"
# domain: "{{ ipaserver_domain | default(omit) }}"
# realm: "{{ ipaserver_realm | default(omit) }}"
# hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
# setup_dns: "{{ ipaserver_setup_dns }}"
# no_reverse: "{{ ipaserver_no_reverse }}"
# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
# register: ipaserver_install
#- name: Install - Server installation
# ipaserver_install:
# dm_password: "{{ ipaserver_dm_password }}"
# password: "{{ ipaserver_password }}"
# domain: "{{ ipaserver_test.domain }}"
# realm: "{{ ipaserver_test.realm }}"
# hostname: "{{ ipaserver_test.hostname }}"
# #ip_addresses: "{{ ipaserver_test.ip_addresses }}"
# reverse_zones: "{{ ipaserver_test.reverse_zones }}"
# setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
# setup_kra: "{{ ipaserver_test.setup_kra }}"
# setup_dns: "{{ ipaserver_setup_dns }}"
# setup_ca: "{{ ipaserver_test.setup_ca }}"
# no_host_dns: "{{ ipaserver_test.no_host_dns }}"
# subject_base: "{{ ipaserver_test.subject_base }}"
# ca_subject: "{{ ipaserver_test.ca_subject }}"
# no_reverse: "{{ ipaserver_no_reverse }}"
# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
# register: ipaserver_install
#
#- name: Install - Cleanup root IPA cache
# file:
# path: "/root/.ipa_cache"
# state: absent
# when: ipaserver_install.changed