mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-10 02:35:54 +00:00
f2b4bac386
Ansible best practice is to not use `latest` for the `package` module state. As we want to use it in the case of nss, this change will disable checking for this case.
28 lines
632 B
YAML
28 lines
632 B
YAML
---
|
|
- name: Converge
|
|
hosts: all
|
|
tasks:
|
|
- include_tasks: prepare-common.yml
|
|
|
|
- name: Ensure sudo package is installed
|
|
package:
|
|
name: sudo
|
|
|
|
- name: Ensure nss package is updated
|
|
package:
|
|
name: nss
|
|
state: latest # noqa 403
|
|
|
|
- include_role:
|
|
name: ipaserver
|
|
vars:
|
|
ipaserver_setup_dns: yes
|
|
ipaserver_setup_kra: yes
|
|
ipaserver_auto_forwarders: yes
|
|
ipaserver_no_dnssec_validation: yes
|
|
ipaserver_auto_reverse: yes
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipadm_password: SomeDMpassword
|
|
ipaserver_domain: test.local
|
|
ipaserver_realm: TEST.LOCAL
|