internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
a4087a755bdf86f267cf4c58b60684205a4ef8ce
ansible-freeipa/roles/ipaserver/defaults/main.yml
Rafael Guterres Jeffman a4087a755b roles/ipaserver: Allow deployments with random serial numbers 
Since FreeIPA version 4.10 it is possible to deploy servers that use
Random Serial Number v3 support for certificates.

This patch exposes the 'random_serial_numbers' parameter, as
'ipaserver_random_serial_numbers', allowing a user to have random serial
numbers enabled for the domain.

The use of random serial numbers is allowed on new installations only.
2023-04-04 10:35:07 -03:00

47 lines
1.1 KiB
YAML
Raw Blame History

---
# defaults file for ipaserver
### basic ###
ipaserver_no_host_dns: no
### server ###
ipaserver_setup_adtrust: no
ipaserver_setup_kra: no
ipaserver_setup_dns: no
ipaserver_no_hbac_allow: no
ipaserver_no_pkinit: no
ipaserver_no_ui_redirect: no
ipaserver_mem_check: yes
ipaserver_random_serial_numbers: true
### ssl certificate ###
### client ###
ipaclient_mkhomedir: no
ipaclient_no_ntp: no
#ipaclient_ssh_trust_dns: no
#ipaclient_no_ssh: no
#ipaclient_no_sshd: no
#ipaclient_no_dns_sshfp: no
### certificate system ###
ipaserver_external_ca: no
### dns ###
ipaserver_allow_zone_overlap: no
ipaserver_no_reverse: no
ipaserver_auto_reverse: no
ipaserver_no_forwarders: no
ipaserver_auto_forwarders: no
ipaserver_no_dnssec_validation: no
### ad trust ###
ipaserver_enable_compat: no
ipaserver_setup_ca: yes
### packages ###
ipaserver_install_packages: yes
### firewalld ###
ipaserver_setup_firewalld: yes
### additional ###
ipaserver_copy_csr_to_controller: no
### uninstall ###
ipaserver_ignore_topology_disconnect: no
ipaserver_ignore_last_of_role: no
ipaserver_remove_from_domain: false
Reference in New Issue View Git Blame Copy Permalink