ansible-freeipa/roles/ipaserver/defaults/main.yml

---
# defaults file for ipaserver

### basic ###
ipaserver_no_host_dns: no
### server ###
ipaserver_setup_adtrust: no
ipaserver_setup_kra: no
ipaserver_setup_dns: no
ipaserver_no_hbac_allow: no
ipaserver_no_pkinit: no
ipaserver_no_ui_redirect: no
ipaserver_mem_check: yes
### ssl certificate ###
### client ###
ipaclient_mkhomedir: no
ipaclient_no_ntp: no
#ipaclient_ssh_trust_dns: no
#ipaclient_no_ssh: no
#ipaclient_no_sshd: no
#ipaclient_no_dns_sshfp: no
### certificate system ###
ipaserver_external_ca: no
### dns ###
ipaserver_allow_zone_overlap: no
ipaserver_no_reverse: no
ipaserver_auto_reverse: no
ipaserver_no_forwarders: no
ipaserver_auto_forwarders: no
ipaserver_no_dnssec_validation: no
### ad trust ###
ipaserver_enable_compat: no
ipaserver_setup_ca: yes
### packages ###
ipaserver_install_packages: yes
### firewalld ###
ipaserver_setup_firewalld: yes

### additional ###
ipaserver_copy_csr_to_controller: no

### uninstall ###
ipaserver_ignore_topology_disconnect: no
ipaserver_ignore_last_of_role: no
ipaserver_remove_from_domain: false