internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
cd440a20498115ca111e9c254496caeeffa79499
ansible-freeipa/roles/ipareplica/vars/RedHat-8.yml
Thomas Woerner cd440a2049 ipareplica: Add support for DNS over TLS 
This change adds support for DNS over TLS to the ipareplica role.

New variables

ipareplica_dot_forwarders
    List of DNS over TLS forwarders. Required if ipareplica_dns_over_tls
    is enabled. (list of strings)
    required: false
ipareplica_dns_over_tls | ipaclient_dns_over_tls
    Configure DNS over TLS. Requires FreeIPA version 4.12.5 or later.
    (bool, default: false)
    required: false
ipareplica_dns_over_tls_cert
    Certificate to use for DNS over TLS. If empty, a new certificate will
    be requested from IPA CA. (string)
    required: false
ipareplica_dns_over_tls_key
    Key for certificate specified in ipareplica_dns_over_tls_cert. (string)
    required: false
ipareplica_dns_policy
    Encrypted DNS policy. Only usable if `ipareplica_dns_over_tls` is
    enabled. (choice: relaxed, enforced, default: relaxed)
    required: false

New distribution specific variable

ipareplica_packages_dot
    List of IPA packages needed for DNS over TLS.
2025-07-21 13:38:36 +02:00

9 lines
270 B
YAML
Raw Blame History

# defaults file for ipareplica
# vars/RedHat-8.yml
---
ipareplica_packages: [ "@idm:DL1/server" ]
ipareplica_packages_dns: [ "@idm:DL1/dns" ]
ipareplica_packages_dot: [ ]
ipareplica_packages_adtrust: [ "@idm:DL1/adtrust" ]
ipareplica_packages_firewalld: [ "firewalld" ]
Reference in New Issue View Git Blame Copy Permalink