From 22d188fcb06c8cde677eabd8a51bd027ed0ace2a Mon Sep 17 00:00:00 2001 From: Siva Paramasivam Date: Fri, 6 Jul 2018 22:13:27 -0700 Subject: [PATCH 1/3] CentOS 7 compatibility. Lowered version check to be compatible with CentOS 7.5 Added missing attributes to setup_kra to be compatible with latest python2-ipaserver librarty on CentOS 7.5 (python2-ipaserver-4.5.4-10.el7.centos.3.noarch) --- roles/ipaserver/library/ipaserver_setup_ca.py | 6 +++--- roles/ipaserver/library/ipaserver_setup_kra.py | 5 ++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/ipaserver/library/ipaserver_setup_ca.py b/roles/ipaserver/library/ipaserver_setup_ca.py index c1615471..ed1bd41f 100644 --- a/roles/ipaserver/library/ipaserver_setup_ca.py +++ b/roles/ipaserver/library/ipaserver_setup_ca.py @@ -188,7 +188,7 @@ def main(): # setup CA ############################################################## with redirect_stdout(ansible_log): - if NUM_VERSION >= 40604: + if NUM_VERSION >= 40504: custodia = custodiainstance.get_custodia_instance( options, custodiainstance.CustodiaModes.MASTER_PEER) custodia.create_instance() @@ -200,7 +200,7 @@ def main(): if n in options.__dict__} write_cache(cache_vars) - if NUM_VERSION >= 40604: + if NUM_VERSION >= 40504: ca.install_step_0(False, None, options, custodia=custodia) else: ca.install_step_0(False, None, options) @@ -225,7 +225,7 @@ def main(): if options.setup_ca: with redirect_stdout(ansible_log): - if NUM_VERSION >= 40604: + if NUM_VERSION >= 40504: ca.install_step_1(False, None, options, custodia=custodia) else: ca.install_step_1(False, None, options) diff --git a/roles/ipaserver/library/ipaserver_setup_kra.py b/roles/ipaserver/library/ipaserver_setup_kra.py index 2982a73c..2ae0544d 100644 --- a/roles/ipaserver/library/ipaserver_setup_kra.py +++ b/roles/ipaserver/library/ipaserver_setup_kra.py @@ -57,6 +57,7 @@ def main(): hostname=dict(required=True), setup_ca=dict(required=True, type='bool'), setup_kra=dict(required=True, type='bool'), + realm=dict(required=True), ), ) @@ -69,6 +70,8 @@ def main(): options.host_name = ansible_module.params.get('hostname') options.setup_ca = ansible_module.params.get('setup_ca') options.setup_kra = ansible_module.params.get('setup_kra') + options.realm_name = ansible_module.params.get('realm') + options.promote = False # first master, no promotion # init ########################################################## @@ -80,7 +83,7 @@ def main(): # setup kra ##################################################### with redirect_stdout(ansible_log): - if NUM_VERSION >= 40604: + if NUM_VERSION >= 40504: custodia = custodiainstance.get_custodia_instance( options, custodiainstance.CustodiaModes.MASTER_PEER) custodia.create_instance() From 720204fe5a63a5ce43d629bebeb2bc5d6c8c497f Mon Sep 17 00:00:00 2001 From: Siva Paramasivam Date: Fri, 6 Jul 2018 22:20:05 -0700 Subject: [PATCH 2/3] var files for CentOS 7 (now that the default is compatible with Fedora not RHEL) --- roles/ipaclient/vars/CentOS-7.yml | 4 ++++ roles/ipareplica/vars/CentOS-7.yml | 5 +++++ roles/ipaserver/vars/CentOS-7.yml | 5 +++++ 3 files changed, 14 insertions(+) create mode 100644 roles/ipaclient/vars/CentOS-7.yml create mode 100644 roles/ipareplica/vars/CentOS-7.yml create mode 100644 roles/ipaserver/vars/CentOS-7.yml diff --git a/roles/ipaclient/vars/CentOS-7.yml b/roles/ipaclient/vars/CentOS-7.yml new file mode 100644 index 00000000..51ab7bfc --- /dev/null +++ b/roles/ipaclient/vars/CentOS-7.yml @@ -0,0 +1,4 @@ +# defaults file for ipaclient +# vars/rhel.yml +ipaclient_packages: [ "ipa-client", "libselinux-python" ] +#ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipareplica/vars/CentOS-7.yml b/roles/ipareplica/vars/CentOS-7.yml new file mode 100644 index 00000000..2baa874f --- /dev/null +++ b/roles/ipareplica/vars/CentOS-7.yml @@ -0,0 +1,5 @@ +# defaults file for ipareplica +# vars/RedHat-7.yml +ipareplica_packages: [ "ipa-server", "libselinux-python" ] +ipareplica_packages_dns: [ "ipa-server-dns" ] +ipareplica_packages_adtrust: [ "ipa-server-trust-ad" ] \ No newline at end of file diff --git a/roles/ipaserver/vars/CentOS-7.yml b/roles/ipaserver/vars/CentOS-7.yml new file mode 100644 index 00000000..079b719c --- /dev/null +++ b/roles/ipaserver/vars/CentOS-7.yml @@ -0,0 +1,5 @@ +# defaults file for ipaserver +# vars/rhel.yml +ipaserver_packages: [ "ipa-server", "libselinux-python" ] +ipaserver_packages_dns: [ "ipa-server-dns" ] +ipaserver_packages_adtrust: [ "ipa-server-trust-ad" ] \ No newline at end of file From 2f3ee6dc29df7f877df7b3254ba9d30fb9fbebe5 Mon Sep 17 00:00:00 2001 From: Siva Paramasivam Date: Fri, 6 Jul 2018 23:04:55 -0700 Subject: [PATCH 3/3] Added missing parameter realm to setup_kra --- roles/ipaserver/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml index d88f7994..0b6f519a 100644 --- a/roles/ipaserver/tasks/install.yml +++ b/roles/ipaserver/tasks/install.yml @@ -287,6 +287,7 @@ setup_ca: "{{ result_ipaserver_test.setup_ca }}" dm_password: "{{ ipadm_password }}" setup_kra: "{{ result_ipaserver_test.setup_kra }}" + realm: "{{ result_ipaserver_test.realm }}" when: result_ipaserver_test.setup_kra | bool - name: Install - Setup DNS