internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
367d30a30c50797c492599987ddfd408c18e89d0
ansible-freeipa/README-hbacsvc.md
Rafael Guterres Jeffman 7126dec0f3 README-*: Bump minimum Ansible supported version to 2.15 
ansible-freeipa roles do not work with Ansible 2.8 anymore, so the
minimum supported version is changed to 2.15, the oldest supported
Ansible version as of today.

This patch includes the change to the version number in the collection
and all plugin README files. The collection README was also update to
remove text that related only to previous Ansible versions.
2024-06-28 10:51:44 -03:00

2.3 KiB
Raw Blame History

HBACsvc module

Description

The hbacsvc (HBAC Service) module allows to ensure presence and absence of HBAC Services.

Features

  • HBACsvc management

Supported FreeIPA Versions

FreeIPA versions 4.4.0 and up are supported by the ipahbacsvc module.

Requirements

Controller

  • Ansible version: 2.15+

Node

  • Supported FreeIPA version (see above)

Usage

Example inventory file

[ipaserver]
ipaserver.test.local

Example playbook to make sure HBAC Service for http is present

---
- name: Playbook to handle HBAC Services
  hosts: ipaserver
  become: true

  tasks:
  # Ensure HBAC Service for http is present
  - ipahbacsvc:
      ipaadmin_password: SomeADMINpassword
      name: http
      description: Web service

Example playbook to make sure HBAC Service for tftp is present

---
- name: Playbook to handle HBAC Services
  hosts: ipaserver
  become: true

  tasks:
  # Ensure HBAC Service for tftp is present
  - ipahbacsvc:
      ipaadmin_password: SomeADMINpassword
      name: tftp
      description: TFTPWeb service

Example playbook to make sure HBAC Services for http and tftp are absent

---
- name: Playbook to handle HBAC Services
  hosts: ipaserver
  become: true

  tasks:
  # Ensure HBAC Service for http and tftp are absent
  - ipahbacsvc:
      ipaadmin_password: SomeADMINpassword
      name: http,tftp
      state: absent

Variables

Variable Description Required
ipaadmin_principal The admin principal is a string and defaults to admin no
ipaadmin_password The admin password is a string and is required if there is no admin ticket available on the node no
ipaapi_context The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are server and client. no
ipaapi_ldap_cache Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) no
name | cn | service The list of hbacsvc name strings. no
description The hbacsvc description string. no
state The state to ensure. It can be one of present or absent, default: present. no

Authors

Thomas Woerner