ipa[server,replica]: Enable freeipa-trust service if adtrust is enabled

The freeipa-trust service has not been added if adtrust was enabled. For ipareplica the addition of freeipa-replication has been removed as the used port is not used anymore since some time. Fixes: #83 (when installing with ipaserver_setup_adtrust: true the firewalld service freeipa-trust is not added)
2026-05-06 21:33:14 +00:00 · 2019-05-31 17:58:47 +02:00
parent 69b894a7e5
commit 5951b954be
2 changed files with 8 additions and 2 deletions
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -96,7 +96,8 @@
      --permanent
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
-      --add-service=freeipa-replication
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipareplica_setup_firewalld | bool
@@ -106,7 +107,8 @@
      firewall-cmd
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
-      --add-service=freeipa-replication
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipareplica_setup_firewalld | bool
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -391,6 +391,8 @@
      --permanent
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipaserver_setup_firewalld | bool
@@ -400,6 +402,8 @@
      firewall-cmd
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipaserver_setup_firewalld | bool