internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-15 05:52:24 +00:00
Code Issues Projects Releases Wiki Activity

ipareplica: Add support for hidden replica

Browse Source 
The hidden replica support introduced some incompatible changes to replica
deployment. The methods find_providing_server and find_providing_serves
have been moved from ipaserver.install.service to ipaserver.masters.
Additionally the host_name argument for find_providing_server is a list
now. This breaks existing ipareplica Ansible modules ipareplica_prepare
and ipareplica_enable_ipa.
This commit is contained in:
Thomas Woerner
2019-05-31 18:05:02 +02:00
parent 5951b954be
commit 5057b3cfe0
6 changed files with 58 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
roles/ipareplica/library/ipareplica_enable_ipa.py
View File

@@ -69,6 +69,7 @@ def main():
ansible_module = AnsibleModule(
argument_spec = dict(
hostname=dict(required=False),
hidden_replica=dict(required=False, type='bool', default=False),
### server ###
### certificate system ###
subject_base=dict(required=True),
@@ -88,6 +89,7 @@ def main():
options = installer
options.host_name = ansible_module.params.get('hostname')
options.hidden_replica = ansible_module.params.get('hidden_replica')
### server ###
### certificate system ###
options.subject_base = ansible_module.params.get('subject_base')
@@ -112,6 +114,7 @@ def main():
env = gen_env_boostrap_finalize_core(paths.ETC_IPA,
constants.DEFAULT_CONFIG)
api_bootstrap_finalize(env)
config = gen_ReplicaConfig()
remote_api = gen_remote_api(config_master_host_name, paths.ETC_IPA)
installer._remote_api = remote_api
@@ -122,11 +125,16 @@ def main():
api.Backend.ldap2.connect()
with redirect_stdout(ansible_log):
# Enable configured services and update DNS SRV records
service.enable_services(options.host_name)
if options.hidden_replica:
# Set services to hidden
service.hide_services(config.host_name)
else:
# Enable configured services
service.enable_services(config.host_name)
# update DNS SRV records. Although it's only really necessary in
# enabled-service case, also perform update in hidden replica case.
api.Command.dns_update_system_records()
ca_servers = service.find_providing_servers('CA', api.Backend.ldap2,
api)
ca_servers = find_providing_servers('CA', api.Backend.ldap2, api=api)
api.Backend.ldap2.disconnect()
# Everything installed properly, activate ipa service.