From d08291bec4e19d216f1d0301f341299f06888b42 Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Fri, 3 May 2019 17:45:22 +0200 Subject: [PATCH] Remove unused ipa-krb5, ipa-sssd and ipaconf roles These roles are not used anymore. --- roles/ipa-krb5/defaults/main.yml | 12 -------- roles/ipa-krb5/meta/main.yml | 12 -------- roles/ipa-krb5/tasks/main.yml | 22 -------------- roles/ipa-krb5/templates/krb5.conf.j2 | 39 ------------------------- roles/ipa-krb5/vars/default.yml | 2 -- roles/ipa-sssd/defaults/main.yml | 13 --------- roles/ipa-sssd/meta/main.yml | 12 -------- roles/ipa-sssd/tasks/main.yml | 27 ----------------- roles/ipa-sssd/templates/sssd.conf.j2 | 34 --------------------- roles/ipa-sssd/vars/default.yml | 4 --- roles/ipaconf/defaults/main.yml | 8 ----- roles/ipaconf/meta/main.yml | 12 -------- roles/ipaconf/tasks/main.yml | 13 --------- roles/ipaconf/templates/default.conf.j2 | 8 ----- roles/ipaconf/vars/default.yml | 2 -- 15 files changed, 220 deletions(-) delete mode 100644 roles/ipa-krb5/defaults/main.yml delete mode 100644 roles/ipa-krb5/meta/main.yml delete mode 100644 roles/ipa-krb5/tasks/main.yml delete mode 100644 roles/ipa-krb5/templates/krb5.conf.j2 delete mode 100644 roles/ipa-krb5/vars/default.yml delete mode 100644 roles/ipa-sssd/defaults/main.yml delete mode 100644 roles/ipa-sssd/meta/main.yml delete mode 100644 roles/ipa-sssd/tasks/main.yml delete mode 100644 roles/ipa-sssd/templates/sssd.conf.j2 delete mode 100644 roles/ipa-sssd/vars/default.yml delete mode 100644 roles/ipaconf/defaults/main.yml delete mode 100644 roles/ipaconf/meta/main.yml delete mode 100644 roles/ipaconf/tasks/main.yml delete mode 100644 roles/ipaconf/templates/default.conf.j2 delete mode 100644 roles/ipaconf/vars/default.yml diff --git a/roles/ipa-krb5/defaults/main.yml b/roles/ipa-krb5/defaults/main.yml deleted file mode 100644 index dfac2e90..00000000 --- a/roles/ipa-krb5/defaults/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -krb5_packages: krb5-workstation -krb5_conf: /etc/krb5.conf -krb5_conf_d: /etc/krb5.conf.d/ # paths.COMMON_KRB5_CONF_DIR -krb5_include_d: /var/lib/sss/pubconf/krb5.include.d/ # paths.SSSD_PUBCONF_KRB5_INCLUDE_D_DIR - -krb5_realm: -krb5_servers: -krb5_dns_lookup_realm: "false" -krb5_dns_lookup_kdc: "false" -krb5_no_default_domain: "false" -krb5_default_ccache_name: KEYRING:persistent:%{uid} diff --git a/roles/ipa-krb5/meta/main.yml b/roles/ipa-krb5/meta/main.yml deleted file mode 100644 index b9deeef0..00000000 --- a/roles/ipa-krb5/meta/main.yml +++ /dev/null @@ -1,12 +0,0 @@ -galaxy_info: - author: Thomas Woerner - description: A role to configure krb5 - company: Red Hat, Inc - - license: GPLv3 - - min_ansible_version: 2.0 - - galaxy_tags: [ 'identity', 'ipa'] - -dependencies: [] diff --git a/roles/ipa-krb5/tasks/main.yml b/roles/ipa-krb5/tasks/main.yml deleted file mode 100644 index 9d7e0fe2..00000000 --- a/roles/ipa-krb5/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Install {{ krb5_packages }} - package: name="{{ item }}" state=present - with_items: "{{ krb5_packages }}" - -- name: Install - Create ipabkp of krb5.conf - copy: src="{{ krb5_conf }}" dest="{{ krb5_conf }}".ipabkp - failed_when: false - -- name: Install - Backup krb5.conf - ipaclient_fstore: - backup: "{{ krb5_conf }}" - -- name: Template krb5.conf - template: - src: krb5.conf.j2 - dest: "{{ krb5_conf }}" - backup: no - owner: root - group: root - mode: 0644 - force: yes diff --git a/roles/ipa-krb5/templates/krb5.conf.j2 b/roles/ipa-krb5/templates/krb5.conf.j2 deleted file mode 100644 index a05c7829..00000000 --- a/roles/ipa-krb5/templates/krb5.conf.j2 +++ /dev/null @@ -1,39 +0,0 @@ -includedir {{ krb5_conf_d }} -includedir {{ krb5_include_d }} - -[libdefaults] - default_realm = {{ krb5_realm | upper }} - dns_lookup_realm = {{ krb5_dns_lookup_realm }} - dns_lookup_kdc = {{ krb5_dns_lookup_kdc }} - rdns = false -{% if krb5_dns_canonicalize_hostname is defined %} - dns_canonicalize_hostname = {{ krb5_dns_canonicalize_hostname }} -{% endif %} - ticket_lifetime = 24h - forwardable = true - udp_preference_limit = 0 - default_ccache_name = {{ krb5_default_ccache_name }} - -[realms] - {{ krb5_realm | upper }} = { -{% for server in krb5_servers %} - kdc = {{ server }}:88 - master_kdc = {{ server }}:88 - admin_server = {{ server }}:749 - kpasswd_server = {{ server }}:464 -{% endfor %} -{% if krb5_default_domain | bool %} - default_domain = {{ krb5_realm | lower }} -{% endif %} -{% if krb5_pkinit_anchors is defined %} - pkinit_anchors = {{ krb5_pkinit_anchors }} -{% endif %} -{% if krb5_pkinit_pool is defined %} - pkinit_pool = {{ krb5_pkinit_pool }} -{% endif %} - } - -[domain_realm] - .{{ krb5_realm | lower }} = {{ krb5_realm | upper }} - {{ krb5_realm | lower }} = {{ krb5_realm | upper }} - {{ ansible_host | lower }} = {{ krb5_realm | upper }} diff --git a/roles/ipa-krb5/vars/default.yml b/roles/ipa-krb5/vars/default.yml deleted file mode 100644 index fa18717b..00000000 --- a/roles/ipa-krb5/vars/default.yml +++ /dev/null @@ -1,2 +0,0 @@ -krb5_packages: - - krb5-workstation diff --git a/roles/ipa-sssd/defaults/main.yml b/roles/ipa-sssd/defaults/main.yml deleted file mode 100644 index 84c56377..00000000 --- a/roles/ipa-sssd/defaults/main.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -sssd_conf: /etc/sssd/sssd.conf -sssd_packages: sssd, libselinux-python -sssd_on_master: "false" -sssd_domains: -sssd_id_provider: -sssd_auth_provider: -sssd_access_provider: -sssd_chpass_provider: -sssd_cache_credentials: False -sssd_krb5_offline_passwords: False -sssd_ipa_servers: -sssd_services: diff --git a/roles/ipa-sssd/meta/main.yml b/roles/ipa-sssd/meta/main.yml deleted file mode 100644 index 35cb5a32..00000000 --- a/roles/ipa-sssd/meta/main.yml +++ /dev/null @@ -1,12 +0,0 @@ -galaxy_info: - author: Thomas Woerner - description: A role to configure sssd for IPA - company: Red Hat, Inc - - license: GPLv3 - - min_ansible_version: 2.0 - - galaxy_tags: [ 'identity', 'ipa'] - -dependencies: [] diff --git a/roles/ipa-sssd/tasks/main.yml b/roles/ipa-sssd/tasks/main.yml deleted file mode 100644 index c09c3ead..00000000 --- a/roles/ipa-sssd/tasks/main.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Install {{ sssd_packages }} - package: name="{{ item }}" state=present - with_items: "{{ sssd_packages }}" - -# No backup in ipa-client-install mode -#- name: Backup {{ sssd_conf }} -# copy: -# src: "{{ sssd_conf }}" -# dest: "{{ sssd_conf }}.bkp" -# force: no - -- name: Template sssd.conf - template: - src: sssd.conf.j2 - dest: "{{ sssd_conf }}" - backup: no - owner: root - group: root - mode: 0600 - force: yes - -#- name: Enable and start sssd -# service: -# name: sssd -# state: restarted -# enabled: yes diff --git a/roles/ipa-sssd/templates/sssd.conf.j2 b/roles/ipa-sssd/templates/sssd.conf.j2 deleted file mode 100644 index 2ccb5848..00000000 --- a/roles/ipa-sssd/templates/sssd.conf.j2 +++ /dev/null @@ -1,34 +0,0 @@ -[domain/{{ sssd_domains }}] -cache_credentials = {{ sssd_cache_credentials }} -krb5_store_password_if_offline = {{ sssd_krb5_offline_passwords }} -ipa_domain = {{ sssd_domains }} -id_provider = {{ sssd_id_provider }} -auth_provider = {{ sssd_auth_provider }} -access_provider = {{ sssd_access_provider }} -ipa_hostname = {{ ansible_host }} -chpass_provider = {{ sssd_chpass_provider }} -{% if sssd_on_master | bool %} -ipa_server = {{ sssd_ipa_servers | join(", ") }} -ipa_server_mode = True -{% else %} -{% if sssd_domains != ansible_domain %} -dns_discovery_domain = sssd_domains -{% endif %} -ipa_server = _srv_, {{ sssd_ipa_servers | join(", ")}} -{% endif %} -ldap_tls_cacert = /etc/ipa/ca.crt - -{% if sssd_on_master | bool %} -{% set sssd_services = sssd_services + ", ifp" %} -{% endif %} -[sssd] -services = {{ sssd_services }} -domains = {{ sssd_domains }} - -{% for service in sssd_services.split(',') %} -[{{ service | trim }}] -{% if service | trim == "nss" %} -homedir_substring = /home -{% endif %} - -{% endfor %} diff --git a/roles/ipa-sssd/vars/default.yml b/roles/ipa-sssd/vars/default.yml deleted file mode 100644 index 9f0ad83b..00000000 --- a/roles/ipa-sssd/vars/default.yml +++ /dev/null @@ -1,4 +0,0 @@ -sssd_packages: - - sssd - - sssd-ipa - - sssd-krb5 diff --git a/roles/ipaconf/defaults/main.yml b/roles/ipaconf/defaults/main.yml deleted file mode 100644 index 9030ee0e..00000000 --- a/roles/ipaconf/defaults/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -ipaconf_default_conf: /etc/ipa/default.conf - -ipaconf_basedn: -ipaconf_realm: -ipaconf_domain: -ipaconf_server: -ipaconf_hostname: diff --git a/roles/ipaconf/meta/main.yml b/roles/ipaconf/meta/main.yml deleted file mode 100644 index 557f93e2..00000000 --- a/roles/ipaconf/meta/main.yml +++ /dev/null @@ -1,12 +0,0 @@ -galaxy_info: - author: Thomas Woerner - description: A role to configure IPA default.conf - company: Red Hat, Inc - - license: GPLv3 - - min_ansible_version: 2.0 - - galaxy_tags: [ 'identity', 'ipa'] - -dependencies: [] diff --git a/roles/ipaconf/tasks/main.yml b/roles/ipaconf/tasks/main.yml deleted file mode 100644 index a4969dbf..00000000 --- a/roles/ipaconf/tasks/main.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Backup IPA default.conf - ipaclient_fstore: - backup: "{{ ipaconf_default_conf }}" - -- name: Template IPA default.conf - template: - src: default.conf.j2 - dest: "{{ ipaconf_default_conf }}" - backup: yes - owner: root - group: root - mode: 0644 diff --git a/roles/ipaconf/templates/default.conf.j2 b/roles/ipaconf/templates/default.conf.j2 deleted file mode 100644 index 05491180..00000000 --- a/roles/ipaconf/templates/default.conf.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[global] -basedn = {{ ipaconf_basedn }} -realm = {{ ipaconf_realm }} -domain = {{ ipaconf_domain }} -server = {{ ipaconf_server }} -host = {{ ipaconf_hostname }} -xmlrpc_uri = {{ 'https://' + ipaconf_server + '/ipa/xml' }} -enable_ra = True diff --git a/roles/ipaconf/vars/default.yml b/roles/ipaconf/vars/default.yml deleted file mode 100644 index fa18717b..00000000 --- a/roles/ipaconf/vars/default.yml +++ /dev/null @@ -1,2 +0,0 @@ -krb5_packages: - - krb5-workstation