ansible-freeipa/tests/ca-less/install_server_without_ca.yml

---
- name: Test ipaserver installation without CA
  hosts: ipaserver
  become: true
  vars:
    # Root CA certificate
    ipaserver_ca_cert_files:
      - /root/freeipa/certificates/root-ca.crt
    # Directory server certificates
    ipaserver_dirsrv_cert_name: dirsrv-cert
    ipaserver_dirsrv_cert_files:
      - /root/freeipa/certificates/dirsrv.p12
    ipaserver_dirsrv_pin: SomePKCS12password
    # Apache certificates
    ipaserver_http_cert_name: httpd-cert
    ipaserver_http_cert_files:
      - /root/freeipa/certificates/httpd.p12
    ipaserver_http_pin: SomePKCS12password
    # PKINIT configuration
    ipaserver_no_pkinit: no
    ipaserver_pkinit_cert_name: pkinit-cert
    ipaserver_pkinit_cert_files:
      - /root/freeipa/certificates/pkinit.p12
    ipaserver_pkinit_pin: SomePKCS12password
  pre_tasks:
    - name: Copy certificates
      copy:
        src: "{{ playbook_dir }}/certificates/{{ item }}/ipaserver/cert.p12"
        dest: "/root/freeipa/certificates/{{ item }}.p12"
        owner: root
        group: root
        mode: "0644"
      with_items:
        - dirsrv
        - httpd
        - pkinit
  roles:
    - role: ipaserver
      state: present