Personal
/
ansible-deploy-ldap-fusiondirectory
1
0
Fork 1
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
An Ansible Playbook to deploy OpenLDAP and FusionDirectory
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
84KB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
ansible-deploy-ldap-fusiond.../README.md

README.md 2.3KB
Raw Permalink Normal View History

Initial Commit
5 years ago
role instead of playbook
5 years ago
Initial Commit
5 years ago
role instead of playbook
5 years ago
Initial Commit
5 years ago
role instead of playbook
5 years ago
Initial Commit
5 years ago
role instead of playbook
5 years ago
Initial Commit
5 years ago
role instead of playbook
5 years ago
Initial Commit
5 years ago
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 
  1. # Deploy OpenLDAP/FusionDirectory using Ansible

  2. 

  3. These Role will deploy an OpenLDAP/FusionDirectory server.

  4. 

  5. Components:

  6. * OpenLDAP (slapd)

  7. * FusionDirectory

  8. * Apache

  9. * GnuTLS (Internal CA)

  10. 

  11. ## Prerequisites

  12. 

  13. * An Ubuntu 18.04 LXD machine.

  14. * The *python-minimal* package needs to be present.

  15. * SSH Public key authentication from the Ansible host, to the mailserver.

  16. 

  17. ## Clone the repository

  18. 

  19. Clone the repository:

  20. 

  21. ```

  22. $ git clone https://git.theo-andreou.org/Personal/ansible-deploy-ldap-fusiondirectory.git

  23. $ cd ansible-deploy-ldap-fusiondirectory

  24. ```

  25. 

  26. ## Create the vars files

  27. 

  28. ### Create the vars/all.yml file

  29. 

  30. * Create a *vars/all.yml* file with similar content (you can use *vars/all.yml.example* as reference):

  31. 

  32. ```

  33. domain: example.org

  34. organization: Example LTD

  35. description: example

  36. base_dn: dc=example,dc=org

  37. locality: Limassol

  38. state: Limassol

  39. country: CY

  40. allowed_ips:

  41.   - 192.168.0.0/24

  42.   - 10.0.0.0/24

  43. language: en_US

  44. timezone: Asia/Nicosia

  45. ```

  46. 

  47. ### Create the vars/secrets.yml filr

  48. 

  49. * Create an encrypted *vars/secrets.yml* file:

  50. 

  51. ```

  52. $ ansible-vault create vars/secrets.yml

  53. ```

  54. 

  55. Use a master password for the file above.

  56. 

  57. * Create this content:

  58. 

  59. ```

  60. ldap_admin_dn: cn=admin,dc=example,dc=org

  61. ldap_admin_pass: MySecretLDAPCombination

  62. fd_admin: fdadmin

  63. fd_admin_pass: MySecretFDCombination

  64. ```

  65. 

  66. * Create a playbook to call this role (fusiondirectory.yml):

  67. ```

  68. - hosts: all

  69.   become: yes

  70.   gather_facts: false

  71.   vars:

  72.     - ansible_user: "ubuntu"

  73.   pre_tasks:

  74.     - name: install python 2

  75.       raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)

  76.       changed_when: False

  77.   roles:

  78.     - ansible-deploy-ldap-fusiondirectory

  79. ```

  80. 

  81. 

  82. ## Deploy LDAP and FusionDirectory

  83. 

  84. When done with the configuration run this command (provide your master password):

  85. 

  86. ```

  87. $ ansible-playbook --vault-id @prompt fusiondirectory.yml

  88. ```

  89. 

  90. When done visit http://auth.example.org to login for the first time. I suggest you enable HTTPS before doing that.

  91. 

  92. References

  93. ----------

  94. * https://docs.ansible.com/ansible/latest/modules/debconf_module.html

  95. * https://unix.stackexchange.com/questions/126136/how-to-check-debconf-selections-of-a-non-installed-package

  96. * https://serverfault.com/questions/679693/how-do-i-make-ansible-actually-compile-a-config-file-having-changed-my-debconf-s

  97. * https://docs.ansible.com/ansible/latest/modules/template_module.html