internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-05-07 13:53:23 +00:00
Code Issues Projects Releases Wiki Activity

ipareplica/library/ipareplica_custodia_import_dm_password: Also use custodia here

Browse Source 
custodia needs to be used here with newer IPA versions (introduced with 4.6.4).
With this master_host_name does is not supplied to custodia.import_dm_password
as an arguemtn anymore.
This commit is contained in:
Thomas Woerner
2018-07-09 13:48:03 +02:00
parent f69c13cfd6
commit b26d366732
2 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
roles/ipareplica/library/ipareplica_custodia_import_dm_password.py
View File

@@ -100,7 +100,6 @@ def main():
#### certificate system ###
subject_base=dict(required=True),
#### additional ###
config_master_host_name=dict(required=True),
ccache=dict(required=True),
_ca_enabled=dict(required=False, type='bool'),
_ca_file=dict(required=False),
@@ -108,6 +107,9 @@ def main():
_pkinit_pkcs12_info = dict(required=False),
_top_dir = dict(required=True),
dirman_password=dict(required=True, no_log=True),
config_setup_ca=dict(required=True),
config_master_host_name=dict(required=True),
config_ca_host_name=dict(required=True),
),
supports_check_mode = True,
)
@@ -137,6 +139,8 @@ def main():
pkinit_pkcs12_info = ansible_module.params.get('_pkinit_pkcs12_info')
options._top_dir = ansible_module.params.get('_top_dir')
dirman_password = ansible_module.params.get('dirman_password')
config_setup_ca = ansible_module.params.get('config_setup_ca')
config_ca_host_name = ansible_module.params.get('config_ca_host_name')
# init #
@@ -146,15 +150,19 @@ def main():
ansible_log.debug("== INSTALL ==")
options = installer
promote = installer.promote
env = gen_env_boostrap_finalize_core(paths.ETC_IPA,
constants.DEFAULT_CONFIG)
api_bootstrap_finalize(env)
config = gen_ReplicaConfig()
config.dirman_password = dirman_password
config.setup_ca = config_setup_ca
config.master_host_name = master_host_name
config.ca_host_name = config_ca_host_name
config.subject_base = options.subject_base
config.promote = installer.promote
remote_api = gen_remote_api(master_host_name, paths.ETC_IPA)
remote_api = gen_remote_api(config.master_host_name, paths.ETC_IPA)
installer._remote_api = remote_api
conn = remote_api.Backend.ldap2
@@ -163,12 +171,22 @@ def main():
# do the work #
with redirect_stdout(ansible_log):
custodia = custodiainstance.CustodiaInstance(config.host_name,
config.realm_name)
if not hasattr(custodiainstance, "get_custodia_instance"):
custodia = custodiainstance.CustodiaInstance(config.host_name,
config.realm_name)
else:
if ca_enabled:
mode = custodiainstance.CustodiaModes.CA_PEER
else:
mode = custodiainstance.CustodiaModes.MASTER_PEER
custodia = custodiainstance.get_custodia_instance(config, mode)
ansible_log.debug("-- CUSTODIA IMPORT DM PASSWORD --")
custodia.import_dm_password(config.master_host_name)
if not hasattr(custodiainstance, "get_custodia_instance"):
custodia.import_dm_password(config.master_host_name)
else:
custodia.import_dm_password()
# done #

2
roles/ipareplica/tasks/install.yml
View File

@@ -545,12 +545,14 @@
subject_base: "{{ result_ipareplica_prepare.subject_base }}"
### additional ###
config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
config_ca_host_name: "{{ result_ipareplica_prepare.config_ca_host_name }}"
ccache: "{{ result_ipareplica_prepare.ccache }}"
_ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
_ca_file: "{{ result_ipareplica_prepare._ca_file }}"
_pkinit_pkcs12_info: "{{ result_ipareplica_prepare._pkinit_pkcs12_info }}"
_top_dir: "{{ result_ipareplica_prepare._top_dir }}"
dirman_password: "{{ ipareplica_dirman_password }}"
config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
- name: Install - Promote SSSD
ipareplica_promote_sssd: