mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-23 09:14:43 +00:00
ipaserver: Only use install checks in _prepare, not also in _test
The install checks have been done temporarily in _test and finally also in _prepare. This is not needed and also not done this way in the command line installers.
This commit is contained in:
Thomas Woerner
@@ -109,7 +109,7 @@ def main():
|
|||||||
forwarders=dict(required=False, type='list', default=[]),
|
forwarders=dict(required=False, type='list', default=[]),
|
||||||
no_forwarders=dict(required=False, type='bool', default=False),
|
no_forwarders=dict(required=False, type='bool', default=False),
|
||||||
auto_forwarders=dict(required=False, type='bool', default=False),
|
auto_forwarders=dict(required=False, type='bool', default=False),
|
||||||
forward_policy=dict(required=False),
|
forward_policy=dict(default=None, choices=['first', 'only']),
|
||||||
no_dnssec_validation=dict(required=False, type='bool',
|
no_dnssec_validation=dict(required=False, type='bool',
|
||||||
default=False),
|
default=False),
|
||||||
### ad trust ###
|
### ad trust ###
|
||||||
@@ -181,6 +181,15 @@ def main():
|
|||||||
fstore = sysrestore.FileStore(paths.SYSRESTORE)
|
fstore = sysrestore.FileStore(paths.SYSRESTORE)
|
||||||
sstore = sysrestore.StateFile(paths.SYSRESTORE)
|
sstore = sysrestore.StateFile(paths.SYSRESTORE)
|
||||||
|
|
||||||
|
# subject_base
|
||||||
|
if not options.subject_base:
|
||||||
|
options.subject_base = str(default_subject_base(options.realm_name))
|
||||||
|
# set options.subject for old ipa releases
|
||||||
|
options.subject = options.subject_base
|
||||||
|
|
||||||
|
if not options.ca_subject:
|
||||||
|
options.ca_subject = str(default_ca_subject_dn(options.subject_base))
|
||||||
|
|
||||||
# Configuration for ipalib, we will bootstrap and finalize later, after
|
# Configuration for ipalib, we will bootstrap and finalize later, after
|
||||||
# we are sure we have the configuration file ready.
|
# we are sure we have the configuration file ready.
|
||||||
cfg = dict(
|
cfg = dict(
|
||||||
@@ -268,7 +277,29 @@ def main():
|
|||||||
if _update_hosts_file:
|
if _update_hosts_file:
|
||||||
update_hosts_file(ip_addresses, options.host_name, fstore)
|
update_hosts_file(ip_addresses, options.host_name, fstore)
|
||||||
|
|
||||||
ansible_module.exit_json(changed=True)
|
if hasattr(tasks, "configure_pkcs11_modules"):
|
||||||
|
if tasks.configure_pkcs11_modules(fstore):
|
||||||
|
ansible_log.info("Disabled p11-kit-proxy")
|
||||||
|
|
||||||
|
ansible_module.exit_json(changed=True,
|
||||||
|
### basic ###
|
||||||
|
ip_addresses=[ str(ip) for ip in ip_addresses ],
|
||||||
|
### certificate system ###
|
||||||
|
subject_base=options.subject_base,
|
||||||
|
_subject_base=options._subject_base,
|
||||||
|
ca_subject=options.ca_subject,
|
||||||
|
_ca_subject=options._ca_subject,
|
||||||
|
### dns ###
|
||||||
|
reverse_zones=options.reverse_zones,
|
||||||
|
forward_policy=options.forward_policy,
|
||||||
|
forwarders=options.forwarders,
|
||||||
|
no_dnssec_validation=options.no_dnssec_validation,
|
||||||
|
### additional ###
|
||||||
|
dns_ip_addresses=[ str(ip) for ip
|
||||||
|
in dns.ip_addresses ],
|
||||||
|
dns_reverse_zones=dns.reverse_zones,
|
||||||
|
adtrust_netbios_name=adtrust.netbios_name,
|
||||||
|
adtrust_reset_netbios_name=adtrust.reset_netbios_name)
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
main()
|
main()
|
||||||
|
|||||||
@@ -60,7 +60,6 @@ def main():
|
|||||||
dm_password=dict(required=True, no_log=True),
|
dm_password=dict(required=True, no_log=True),
|
||||||
password=dict(required=True, no_log=True),
|
password=dict(required=True, no_log=True),
|
||||||
master_password=dict(required=False, no_log=True),
|
master_password=dict(required=False, no_log=True),
|
||||||
ip_addresses=dict(required=False, type='list', default=[]),
|
|
||||||
domain=dict(required=False),
|
domain=dict(required=False),
|
||||||
realm=dict(required=False),
|
realm=dict(required=False),
|
||||||
hostname=dict(required=False),
|
hostname=dict(required=False),
|
||||||
@@ -658,101 +657,6 @@ def main():
|
|||||||
"Apache Server SSL certificate and PKINIT KDC "
|
"Apache Server SSL certificate and PKINIT KDC "
|
||||||
"certificate are not signed by the same CA certificate")
|
"certificate are not signed by the same CA certificate")
|
||||||
|
|
||||||
# subject_base
|
|
||||||
if not options.subject_base:
|
|
||||||
options.subject_base = str(default_subject_base(options.realm_name))
|
|
||||||
# set options.subject for old ipa releases
|
|
||||||
options.subject = options.subject_base
|
|
||||||
|
|
||||||
if not options.ca_subject:
|
|
||||||
options.ca_subject = str(default_ca_subject_dn(options.subject_base))
|
|
||||||
|
|
||||||
# temporary ipa configuration ###########################################
|
|
||||||
|
|
||||||
ipa_tempdir = tempfile.mkdtemp(prefix="ipaconf")
|
|
||||||
try:
|
|
||||||
# Configuration for ipalib, we will bootstrap and finalize later, after
|
|
||||||
# we are sure we have the configuration file ready.
|
|
||||||
cfg = dict(
|
|
||||||
context='installer',
|
|
||||||
confdir=ipa_tempdir,
|
|
||||||
in_server=True,
|
|
||||||
# make sure host name specified by user is used instead of default
|
|
||||||
host=options.host_name,
|
|
||||||
)
|
|
||||||
if options.setup_ca:
|
|
||||||
# we have an IPA-integrated CA
|
|
||||||
cfg['ca_host'] = options.host_name
|
|
||||||
|
|
||||||
# Create the management framework config file and finalize api
|
|
||||||
target_fname = "%s/default.conf" % ipa_tempdir
|
|
||||||
fd = open(target_fname, "w")
|
|
||||||
fd.write("[global]\n")
|
|
||||||
fd.write("host=%s\n" % options.host_name)
|
|
||||||
fd.write("basedn=%s\n" % ipautil.realm_to_suffix(options.realm_name))
|
|
||||||
fd.write("realm=%s\n" % options.realm_name)
|
|
||||||
fd.write("domain=%s\n" % options.domain_name)
|
|
||||||
fd.write("xmlrpc_uri=https://%s/ipa/xml\n" % ipautil.format_netloc(options.host_name))
|
|
||||||
fd.write("ldap_uri=ldapi://%%2fvar%%2frun%%2fslapd-%s.socket\n" %
|
|
||||||
installutils.realm_to_serverid(options.realm_name))
|
|
||||||
if options.setup_ca:
|
|
||||||
fd.write("enable_ra=True\n")
|
|
||||||
fd.write("ra_plugin=dogtag\n")
|
|
||||||
fd.write("dogtag_version=10\n")
|
|
||||||
else:
|
|
||||||
fd.write("enable_ra=False\n")
|
|
||||||
fd.write("ra_plugin=none\n")
|
|
||||||
fd.write("mode=production\n")
|
|
||||||
fd.close()
|
|
||||||
|
|
||||||
# Must be readable for everyone
|
|
||||||
os.chmod(target_fname, 0o644)
|
|
||||||
|
|
||||||
api.bootstrap(**cfg)
|
|
||||||
api.finalize()
|
|
||||||
|
|
||||||
# install checks ####################################################
|
|
||||||
|
|
||||||
if options.setup_ca:
|
|
||||||
ca.install_check(False, None, options)
|
|
||||||
|
|
||||||
if options.setup_kra:
|
|
||||||
kra.install_check(api, None, options)
|
|
||||||
|
|
||||||
if options.setup_dns:
|
|
||||||
with redirect_stdout(ansible_log):
|
|
||||||
dns.install_check(False, api, False, options, options.host_name)
|
|
||||||
ip_addresses = dns.ip_addresses
|
|
||||||
else:
|
|
||||||
ip_addresses = get_server_ip_address(options.host_name,
|
|
||||||
False, False,
|
|
||||||
options.ip_addresses)
|
|
||||||
|
|
||||||
# check addresses here, dns ansible_module is doing own check
|
|
||||||
no_matching_interface_for_ip_address_warning(ip_addresses)
|
|
||||||
|
|
||||||
options.ip_addresses = ip_addresses
|
|
||||||
options.reverse_zones = dns.reverse_zones
|
|
||||||
instance_name = "-".join(options.realm_name.split("."))
|
|
||||||
dirsrv = services.knownservices.dirsrv
|
|
||||||
if (options.external_cert_files
|
|
||||||
and dirsrv.is_installed(instance_name)
|
|
||||||
and not dirsrv.is_running(instance_name)):
|
|
||||||
logger.debug('Starting Directory Server')
|
|
||||||
services.knownservices.dirsrv.start(instance_name)
|
|
||||||
|
|
||||||
if options.setup_adtrust:
|
|
||||||
adtrust.install_check(False, options, api)
|
|
||||||
|
|
||||||
except (RuntimeError, ValueError, ScriptError) as e:
|
|
||||||
ansible_module.fail_json(msg=str(e))
|
|
||||||
|
|
||||||
finally:
|
|
||||||
try:
|
|
||||||
shutil.rmtree(ipa_tempdir, ignore_errors=True)
|
|
||||||
except OSError:
|
|
||||||
ansible_module.fail_json(msg="Could not remove %s" % ipa_tempdir)
|
|
||||||
|
|
||||||
# Always set _host_name_overridden
|
# Always set _host_name_overridden
|
||||||
options._host_name_overridden = bool(options.host_name)
|
options._host_name_overridden = bool(options.host_name)
|
||||||
|
|
||||||
@@ -763,7 +667,6 @@ def main():
|
|||||||
### basic ###
|
### basic ###
|
||||||
domain=options.domain_name,
|
domain=options.domain_name,
|
||||||
realm=options.realm_name,
|
realm=options.realm_name,
|
||||||
ip_addresses=[ str(ip) for ip in ip_addresses ],
|
|
||||||
hostname=options.host_name,
|
hostname=options.host_name,
|
||||||
_hostname_overridden=options._host_name_overridden,
|
_hostname_overridden=options._host_name_overridden,
|
||||||
no_host_dns=options.no_host_dns,
|
no_host_dns=options.no_host_dns,
|
||||||
@@ -784,27 +687,12 @@ def main():
|
|||||||
_pkinit_pkcs12_file=pkinit_pkcs12_file,
|
_pkinit_pkcs12_file=pkinit_pkcs12_file,
|
||||||
_pkinit_pkcs12_info=pkinit_pkcs12_info,
|
_pkinit_pkcs12_info=pkinit_pkcs12_info,
|
||||||
_pkinit_ca_cert=pkinit_ca_cert,
|
_pkinit_ca_cert=pkinit_ca_cert,
|
||||||
### certificate system ###
|
|
||||||
subject_base=options.subject_base,
|
|
||||||
_subject_base=options._subject_base,
|
|
||||||
ca_subject=options.ca_subject,
|
|
||||||
_ca_subject=options._ca_subject,
|
|
||||||
### dns ###
|
|
||||||
reverse_zones=options.reverse_zones,
|
|
||||||
forward_policy=options.forward_policy,
|
|
||||||
forwarders=options.forwarders,
|
|
||||||
no_dnssec_validation=options.no_dnssec_validation,
|
|
||||||
### ad trust ###
|
### ad trust ###
|
||||||
rid_base=options.rid_base,
|
rid_base=options.rid_base,
|
||||||
secondary_rid_base=options.secondary_rid_base,
|
secondary_rid_base=options.secondary_rid_base,
|
||||||
### additional ###
|
### additional ###
|
||||||
_installation_cleanup=_installation_cleanup,
|
_installation_cleanup=_installation_cleanup,
|
||||||
domainlevel=options.domainlevel,
|
domainlevel=options.domainlevel)
|
||||||
dns_ip_addresses=[ str(ip) for ip
|
|
||||||
in dns.ip_addresses ],
|
|
||||||
dns_reverse_zones=dns.reverse_zones,
|
|
||||||
adtrust_netbios_name=adtrust.netbios_name,
|
|
||||||
adtrust_reset_netbios_name=adtrust.reset_netbios_name)
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
main()
|
main()
|
||||||
|
|||||||
@@ -33,7 +33,6 @@
|
|||||||
dm_password: "{{ ipadm_password }}"
|
dm_password: "{{ ipadm_password }}"
|
||||||
password: "{{ ipaadmin_password }}"
|
password: "{{ ipaadmin_password }}"
|
||||||
master_password: "{{ ipaserver_master_password | default(omit) }}"
|
master_password: "{{ ipaserver_master_password | default(omit) }}"
|
||||||
ip_addresses: "{{ ipaserver_ip_addresses | default([]) }}"
|
|
||||||
domain: "{{ ipaserver_domain | default(omit) }}"
|
domain: "{{ ipaserver_domain | default(omit) }}"
|
||||||
realm: "{{ ipaserver_realm | default(omit) }}"
|
realm: "{{ ipaserver_realm | default(omit) }}"
|
||||||
hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
|
hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
|
||||||
@@ -122,34 +121,36 @@
|
|||||||
### basic ###
|
### basic ###
|
||||||
dm_password: "{{ ipadm_password }}"
|
dm_password: "{{ ipadm_password }}"
|
||||||
password: "{{ ipaadmin_password }}"
|
password: "{{ ipaadmin_password }}"
|
||||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
ip_addresses: "{{ ipaserver_ip_addresses | default([]) }}"
|
||||||
domain: "{{ result_ipaserver_test.domain }}"
|
domain: "{{ result_ipaserver_test.domain }}"
|
||||||
realm: "{{ result_ipaserver_test.realm }}"
|
realm: "{{ result_ipaserver_test.realm }}"
|
||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
||||||
### server ###
|
### server ###
|
||||||
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
setup_adtrust: "{{ ipaserver_setup_adtrust }}"
|
||||||
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
setup_kra: "{{ ipaserver_setup_kra }}"
|
||||||
setup_dns: "{{ ipaserver_setup_dns }}"
|
setup_dns: "{{ ipaserver_setup_dns }}"
|
||||||
### certificate system ###
|
### certificate system ###
|
||||||
# external_ca
|
# external_ca
|
||||||
# external_cert_files
|
# external_cert_files
|
||||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
subject_base: "{{ ipaserver_subject_base | default(omit) }}"
|
||||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
ca_subject: "{{ ipaserver_ca_subject | default(omit) }}"
|
||||||
### dns ###
|
### dns ###
|
||||||
allow_zone_overlap: "{{ ipaserver_allow_zone_overlap }}"
|
allow_zone_overlap: "{{ ipaserver_allow_zone_overlap }}"
|
||||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
reverse_zones: "{{ ipaserver_reverse_zones | default([]) }}"
|
||||||
no_reverse: "{{ ipaserver_no_reverse }}"
|
no_reverse: "{{ ipaserver_no_reverse }}"
|
||||||
auto_reverse: "{{ ipaserver_auto_reverse }}"
|
auto_reverse: "{{ ipaserver_auto_reverse }}"
|
||||||
|
zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
|
||||||
forwarders: "{{ ipaserver_forwarders | default([]) }}"
|
forwarders: "{{ ipaserver_forwarders | default([]) }}"
|
||||||
no_forwarders: "{{ ipaserver_no_forwarders }}"
|
no_forwarders: "{{ ipaserver_no_forwarders }}"
|
||||||
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||||
no_dnssec_validation: "{{ result_ipaserver_test.no_dnssec_validation }}"
|
forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
|
||||||
|
no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
|
||||||
### ad trust ###
|
### ad trust ###
|
||||||
enable_compat: "{{ ipaserver_enable_compat }}"
|
enable_compat: "{{ ipaserver_enable_compat }}"
|
||||||
netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
|
netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
|
||||||
# rid_base
|
rid_base: "{{ ipaserver_rid_base | default(omit) }}"
|
||||||
# secondary_rid_base
|
secondary_rid_base: "{{ ipaserver_secondary_rid_base | default(omit) }}"
|
||||||
### additional ###
|
### additional ###
|
||||||
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
||||||
_hostname_overridden: "{{ result_ipaserver_test._hostname_overridden }}"
|
_hostname_overridden: "{{ result_ipaserver_test._hostname_overridden }}"
|
||||||
@@ -168,8 +169,8 @@
|
|||||||
domain: "{{ result_ipaserver_test.domain }}"
|
domain: "{{ result_ipaserver_test.domain }}"
|
||||||
realm: "{{ result_ipaserver_test.realm | default(omit) }}"
|
realm: "{{ result_ipaserver_test.realm | default(omit) }}"
|
||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
# ip_addresses: "{{ result_ipaserver_prepare.ip_addresses }}"
|
||||||
# reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
# reverse_zones: "{{ result_ipaserver_prepare.reverse_zones }}"
|
||||||
# setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
# setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||||
# setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
# setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||||
# setup_dns: "{{ ipaserver_setup_dns }}"
|
# setup_dns: "{{ ipaserver_setup_dns }}"
|
||||||
@@ -178,8 +179,8 @@
|
|||||||
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
|
dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
|
||||||
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
|
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
|
||||||
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
||||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
subject_base: "{{ result_ipaserver_prepare.subject_base }}"
|
||||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
ca_subject: "{{ result_ipaserver_prepare.ca_subject }}"
|
||||||
# no_reverse: "{{ ipaserver_no_reverse }}"
|
# no_reverse: "{{ ipaserver_no_reverse }}"
|
||||||
# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||||
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
||||||
@@ -195,16 +196,16 @@
|
|||||||
domain: "{{ result_ipaserver_test.domain }}"
|
domain: "{{ result_ipaserver_test.domain }}"
|
||||||
realm: "{{ result_ipaserver_test.realm }}"
|
realm: "{{ result_ipaserver_test.realm }}"
|
||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
# ip_addresses: "{{ result_ipaserver_prepare.ip_addresses }}"
|
||||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
reverse_zones: "{{ result_ipaserver_prepare.reverse_zones }}"
|
||||||
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||||
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||||
setup_dns: "{{ ipaserver_setup_dns }}"
|
setup_dns: "{{ ipaserver_setup_dns }}"
|
||||||
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
||||||
no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
||||||
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
||||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
subject_base: "{{ result_ipaserver_prepare.subject_base }}"
|
||||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
ca_subject: "{{ result_ipaserver_prepare.ca_subject }}"
|
||||||
no_reverse: "{{ ipaserver_no_reverse }}"
|
no_reverse: "{{ ipaserver_no_reverse }}"
|
||||||
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||||
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
||||||
@@ -224,7 +225,7 @@
|
|||||||
dm_password: "{{ ipadm_password }}"
|
dm_password: "{{ ipadm_password }}"
|
||||||
password: "{{ ipaadmin_password }}"
|
password: "{{ ipaadmin_password }}"
|
||||||
master_password: "{{ ipaserver_master_password }}"
|
master_password: "{{ ipaserver_master_password }}"
|
||||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
# ip_addresses: "{{ result_ipaserver_prepare.ip_addresses }}"
|
||||||
domain: "{{ result_ipaserver_test.domain }}"
|
domain: "{{ result_ipaserver_test.domain }}"
|
||||||
realm: "{{ result_ipaserver_test.realm }}"
|
realm: "{{ result_ipaserver_test.realm }}"
|
||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
@@ -244,13 +245,13 @@
|
|||||||
_dirsrv_pkcs12_info: "{{ result_ipaserver_test._dirsrv_pkcs12_info }}"
|
_dirsrv_pkcs12_info: "{{ result_ipaserver_test._dirsrv_pkcs12_info }}"
|
||||||
external_ca: "{{ ipaserver_external_ca }}"
|
external_ca: "{{ ipaserver_external_ca }}"
|
||||||
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
||||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
subject_base: "{{ result_ipaserver_prepare.subject_base }}"
|
||||||
_subject_base: "{{ result_ipaserver_test._subject_base }}"
|
_subject_base: "{{ result_ipaserver_prepare._subject_base }}"
|
||||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
ca_subject: "{{ result_ipaserver_prepare.ca_subject }}"
|
||||||
_ca_subject: "{{ result_ipaserver_test._ca_subject }}"
|
_ca_subject: "{{ result_ipaserver_prepare._ca_subject }}"
|
||||||
ca_signing_algorithm: "{{ ipaserver_ca_signing_algorithm |
|
ca_signing_algorithm: "{{ ipaserver_ca_signing_algorithm |
|
||||||
default(omit) }}"
|
default(omit) }}"
|
||||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
reverse_zones: "{{ result_ipaserver_prepare.reverse_zones }}"
|
||||||
no_reverse: "{{ ipaserver_no_reverse }}"
|
no_reverse: "{{ ipaserver_no_reverse }}"
|
||||||
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||||
|
|
||||||
@@ -268,8 +269,8 @@
|
|||||||
domain: "{{ result_ipaserver_test.domain }}"
|
domain: "{{ result_ipaserver_test.domain }}"
|
||||||
realm: "{{ result_ipaserver_test.realm }}"
|
realm: "{{ result_ipaserver_test.realm }}"
|
||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
# ip_addresses: "{{ result_ipaserver_test.ip_addresses }}"
|
# ip_addresses: "{{ result_ipaserver_prepare.ip_addresses }}"
|
||||||
reverse_zones: "{{ result_ipaserver_test.reverse_zones }}"
|
reverse_zones: "{{ result_ipaserver_prepare.reverse_zones }}"
|
||||||
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
|
||||||
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
setup_kra: "{{ result_ipaserver_test.setup_kra }}"
|
||||||
setup_dns: "{{ ipaserver_setup_dns }}"
|
setup_dns: "{{ ipaserver_setup_dns }}"
|
||||||
@@ -277,10 +278,10 @@
|
|||||||
no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
no_host_dns: "{{ result_ipaserver_test.no_host_dns }}"
|
||||||
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
|
dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
|
||||||
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
|
||||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
subject_base: "{{ result_ipaserver_prepare.subject_base }}"
|
||||||
_subject_base: "{{ result_ipaserver_test._subject_base }}"
|
_subject_base: "{{ result_ipaserver_prepare._subject_base }}"
|
||||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
ca_subject: "{{ result_ipaserver_prepare.ca_subject }}"
|
||||||
_ca_subject: "{{ result_ipaserver_test._ca_subject }}"
|
_ca_subject: "{{ result_ipaserver_prepare._ca_subject }}"
|
||||||
no_reverse: "{{ ipaserver_no_reverse }}"
|
no_reverse: "{{ ipaserver_no_reverse }}"
|
||||||
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
|
||||||
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
||||||
@@ -306,13 +307,13 @@
|
|||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
||||||
setup_dns: "{{ ipaserver_setup_dns }}"
|
setup_dns: "{{ ipaserver_setup_dns }}"
|
||||||
forwarders: "{{ result_ipaserver_test.forwarders }}"
|
forwarders: "{{ result_ipaserver_prepare.forwarders }}"
|
||||||
forward_policy: "{{ result_ipaserver_test.forward_policy }}"
|
forward_policy: "{{ result_ipaserver_prepare.forward_policy }}"
|
||||||
zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
|
zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
|
||||||
no_dnssec_validation: "{{ result_ipaserver_test.no_dnssec_validation }}"
|
no_dnssec_validation: "{{ result_ipaserver_prepare.no_dnssec_validation }}"
|
||||||
### additional ###
|
### additional ###
|
||||||
dns_ip_addresses: "{{ result_ipaserver_test.dns_ip_addresses }}"
|
dns_ip_addresses: "{{ result_ipaserver_prepare.dns_ip_addresses }}"
|
||||||
dns_reverse_zones: "{{ result_ipaserver_test.dns_reverse_zones }}"
|
dns_reverse_zones: "{{ result_ipaserver_prepare.dns_reverse_zones }}"
|
||||||
when: ipaserver_setup_dns | bool
|
when: ipaserver_setup_dns | bool
|
||||||
|
|
||||||
- name: Install - Setup ADTRUST
|
- name: Install - Setup ADTRUST
|
||||||
@@ -325,9 +326,9 @@
|
|||||||
rid_base: "{{ result_ipaserver_test.rid_base }}"
|
rid_base: "{{ result_ipaserver_test.rid_base }}"
|
||||||
secondary_rid_base: "{{ result_ipaserver_test.secondary_rid_base }}"
|
secondary_rid_base: "{{ result_ipaserver_test.secondary_rid_base }}"
|
||||||
### additional ###
|
### additional ###
|
||||||
adtrust_netbios_name: "{{ result_ipaserver_test.adtrust_netbios_name }}"
|
adtrust_netbios_name: "{{ result_ipaserver_prepare.adtrust_netbios_name }}"
|
||||||
adtrust_reset_netbios_name:
|
adtrust_reset_netbios_name:
|
||||||
"{{ result_ipaserver_test.adtrust_reset_netbios_name }}"
|
"{{ result_ipaserver_prepare.adtrust_reset_netbios_name }}"
|
||||||
when: result_ipaserver_test.setup_adtrust
|
when: result_ipaserver_test.setup_adtrust
|
||||||
|
|
||||||
- name: Install - Set DS password
|
- name: Install - Set DS password
|
||||||
@@ -338,8 +339,8 @@
|
|||||||
realm: "{{ result_ipaserver_test.realm }}"
|
realm: "{{ result_ipaserver_test.realm }}"
|
||||||
hostname: "{{ result_ipaserver_test.hostname }}"
|
hostname: "{{ result_ipaserver_test.hostname }}"
|
||||||
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
|
||||||
subject_base: "{{ result_ipaserver_test.subject_base }}"
|
subject_base: "{{ result_ipaserver_prepare.subject_base }}"
|
||||||
ca_subject: "{{ result_ipaserver_test.ca_subject }}"
|
ca_subject: "{{ result_ipaserver_prepare.ca_subject }}"
|
||||||
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
no_pkinit: "{{ result_ipaserver_test.no_pkinit }}"
|
||||||
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
|
no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
|
||||||
idstart: "{{ result_ipaserver_test.idstart }}"
|
idstart: "{{ result_ipaserver_test.idstart }}"
|
||||||
|
|||||||
Reference in New Issue
Block a user