internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity

ipaserver: Set hsm attributes to None for now

Browse Source 
The HSM parameters

    token_name
    token_library_path
    token_password
    token_password_file

are set to None to enable deployment with IPA 4.12 as a workaround till
HSM can be fully supported by the ipaserver role.
This commit is contained in:
Thomas Woerner
2024-06-19 16:41:05 +02:00
parent a1230cabc6
commit 4ff6e35c28
3 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/ipaserver/library/ipaserver_prepare.py
View File

@@ -326,6 +326,12 @@ def main():
# ssl certificate
# options.dirsrv_cert_files = ansible_module.params.get(
# 'dirsrv_cert_files')
# hsm
if hasattr(ca, "hsm_version"):
options.token_name = None
options.token_library_path = None
options.token_password = None
options.token_password_file = None
# client
# options.no_ntp = ansible_module.params.get('no_ntp')
# certificate system

6
roles/ipaserver/library/ipaserver_setup_ca.py
View File

@@ -305,6 +305,12 @@ def main():
options.dirsrv_cert_files = ansible_module.params.get('dirsrv_cert_files')
options._dirsrv_pkcs12_info = ansible_module.params.get(
'_dirsrv_pkcs12_info')
# hsm
if hasattr(ca, "hsm_version"):
options.token_name = None
options.token_library_path = None
options.token_password = None
options.token_password_file = None
# certificate system
options.external_ca = ansible_module.params.get('external_ca')
options.external_ca_type = ansible_module.params.get('external_ca_type')

8
roles/ipaserver/library/ipaserver_setup_kra.py
View File

@@ -74,7 +74,7 @@ RETURN = '''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.ansible_ipa_server import (
check_imports, AnsibleModuleLog, setup_logging, options,
api_Backend_ldap2, redirect_stdout, api, custodiainstance, kra
api_Backend_ldap2, redirect_stdout, api, custodiainstance, kra, ca
)
@@ -106,6 +106,12 @@ def main():
options.pki_config_override = ansible_module.params.get(
'pki_config_override')
options.promote = False # first master, no promotion
# hsm
if hasattr(ca, "hsm_version"):
options.token_name = None
options.token_library_path = None
options.token_password = None
options.token_password_file = None
# init ##########################################################