internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-03-26 21:33:05 +00:00
Code Issues Projects Releases Wiki Activity
Files
e2317f304cf3f93eafec33aacad2cf86f4b5581a
ansible-freeipa/roles/ipaserver/vars/Ubuntu-18.04.yml
Thomas Woerner e2317f304c ipaserver: Add support for DNS over TLS 
This change adds support for DNS over TLS to the ipaserver role.

New variables

ipaserver_dot_forwarders
    List of DNS over TLS forwarders. Required if ipaserver_dns_over_tls
    is enabled. (list of strings)
    required: false
ipaserver_dns_over_tls | ipaclient_dns_over_tls
    Configure DNS over TLS. Requires FreeIPA version 4.12.5 or later.
    (bool, default: false)
    required: false
ipaserver_dns_over_tls_cert
    Certificate to use for DNS over TLS. If empty, a new certificate will
    be requested from IPA CA. (string)
    required: false
ipaserver_dns_over_tls_key
    Key for certificate specified in ipaserver_dns_over_tls_cert. (string)
    required: false
ipaserver_dns_policy
    Encrypted DNS policy. Only usable if `ipaserver_dns_over_tls` is
    enabled. (choice: relaxed, enforced, default: relaxed)
    required: false

New distribution specific variable

ipaserver_packages_dot
    List of IPA packages needed for DNS over TLS.
2025-07-21 13:37:50 +02:00

12 lines
472 B
YAML
Raw Blame History

# vars/Ubuntu.yml
---
ipaserver_packages: [ "freeipa-server" ]
ipaserver_packages_dns: [ "freeipa-server-dns" ]
ipaserver_packages_dot: [ ]
ipaserver_packages_adtrust: [ "freeipa-server-trust-ad" ]
ipaserver_packages_firewalld: [ "firewalld" ]
# Ubuntu Bionic Beaver must use python2 as Python interpreter due
# to the way python-ipalib package is defined.
# Package python2.7 must be installed before executing this role.
ansible_python_interpreter: '/usr/bin/python2.7'
Reference in New Issue View Git Blame Copy Permalink