internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-14 05:22:05 +00:00
Code Issues Projects Releases Wiki Activity

ipareplica: Fix DNS setup issues

Browse Source 
The configuration of DNS failed because of missing DNS settings in the
ipareplica_prepare and ipareplica_setup_dns.

Some fixed settings for use with DNSInstallInterface have been added
to ansible_ipa_replica:

options.dnssec_master = False
options.disable_dnssec_master = False
options.kasp_db_file = None
options.force = False

Fixes: #58 (install-replica fails: reverse_zones seems to be empty)
Fixes: #63 (ipareplica_setup_dns fails)
This commit is contained in:
Thomas Woerner
2019-04-03 18:03:16 +02:00
parent f33d234d5a
commit 44ce7263de
4 changed files with 45 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
roles/ipareplica/library/ipareplica_prepare.py
View File

@@ -172,8 +172,17 @@ def main():
no_dns_sshfp=dict(required=False, type='bool'),
### certificate system ###
#subject_base=dict(required=False),
no_dnssec_validation=dict(required=False, type='bool'),
### dns ###
allow_zone_overlap=dict(required=False, type='bool', default=False),
reverse_zones=dict(required=False,type='list',default=[]),
no_reverse=dict(required=False, type='bool', default=False),
auto_reverse=dict(required=False, type='bool', default=False),
forwarders=dict(required=False, type='list', default=[]),
no_forwarders=dict(required=False, type='bool', default=False),
auto_forwarders=dict(required=False, type='bool', default=False),
forward_policy=dict(default=None, choices=['first', 'only']),
no_dnssec_validation=dict(required=False, type='bool',
default=False),
### ad trust ###
### additional ###
server=dict(required=True),
@@ -224,6 +233,7 @@ def main():
#options.ca_subject = ansible_module.params.get('ca_subject')
options.no_dnssec_validation = ansible_module.params.get('no_dnssec_validation')
### dns ###
options.allow_zone_overlap = ansible_module.params.get('allow_zone_overlap')
options.reverse_zones = ansible_module.params.get('reverse_zones')
options.no_reverse = ansible_module.params.get('no_reverse')
options.auto_reverse = ansible_module.params.get('auto_reverse')
@@ -231,6 +241,8 @@ def main():
options.no_forwarders = ansible_module.params.get('no_forwarders')
options.auto_forwarders = ansible_module.params.get('auto_forwarders')
options.forward_policy = ansible_module.params.get('forward_policy')
options.no_dnssec_validation = ansible_module.params.get(
'no_dnssec_validationdnssec_validation')
### additional ###
#options._host_name_overridden = ansible_module.params.get(
@@ -666,6 +678,7 @@ def main():
ccache=ccache,
installer_ccache=installer._ccache,
subject_base=str(config.subject_base),
forward_policy=options.forward_policy,
_ca_enabled=ca_enabled,
_ca_subject=str(options._ca_subject),
_subject_base=str(options._subject_base) if options._subject_base is not None else None,

12
roles/ipareplica/library/ipareplica_setup_dns.py
View File

@@ -79,6 +79,12 @@ def main():
setup_dns=dict(required=False, type='bool'),
### certificate system ###
subject_base=dict(required=True),
### dns ###
zonemgr=dict(required=False),
forwarders=dict(required=False, type='list', default=[]),
forward_policy=dict(default=None, choices=['first', 'only']),
no_dnssec_validation=dict(required=False, type='bool',
default=False),
### additional ###
ccache=dict(required=True),
_top_dir = dict(required=True),
@@ -101,6 +107,12 @@ def main():
options.subject_base = ansible_module.params.get('subject_base')
if options.subject_base is not None:
options.subject_base = DN(options.subject_base)
### dns ###
options.zonemgr = ansible_module.params.get('zonemgr')
options.forwarders = ansible_module.params.get('forwarders')
options.forward_policy = ansible_module.params.get('forward_policy')
options.no_dnssec_validation = ansible_module.params.get(
'no_dnssec_validationdnssec_validation')
### additional ###
ccache = ansible_module.params.get('ccache')
os.environ['KRB5CCNAME'] = ccache