Personal
/
ansible-deploy-ldap-fusiondirectory
1
0
Fork 1
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
An Ansible Playbook to deploy OpenLDAP and FusionDirectory
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
84KB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
ansible-deploy-ldap-fusiond.../handlers/main.yml

83 lines
2.2KB
Raw Permalink Blame History 

  1. ---

  2. - name: Update CA Certificates

  3.   command: update-ca-certificates

  4. 

  5. - name: Apply olcSSL.ldif

  6.   command: ldapmodify -Y EXTERNAL -H ldapi:/// -f olcSSL.ldif

  7.   args:

  8.     chdir: /etc/ldap/custom_ldifs

  9. 

  10. - name: Restart slapd

  11.   service:

  12.     name: slapd

  13.     state: restarted

  14. 

  15. - name: Apply FusionDirectory Schema

  16.   command: fusiondirectory-insert-schema

  17. 

  18. - name: Apply FusionDirectory Plugins Schema

  19.   command: |

  20.     fusiondirectory-insert-schema \

  21.     -i /etc/ldap/schema/fusiondirectory/{{ item }}.schema

  22.   with_items:

  23.     - dsa-fd-conf

  24.     - service-fd

  25.     - systems-fd-conf

  26.     - systems-fd

  27. 

  28. - name: Initialize FusionDirectory Configuration

  29.   command: |

  30.     ldapadd -x -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -H ldapi:/// -f fd-init-config.ldif

  31.   args:

  32.     chdir: /etc/ldap/custom_ldifs

  33.   no_log: True

  34. 

  35. - name: Migrate Object Classes

  36.   command: |

  37.     ldapmodify -x -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -H ldapi:/// -f fd-migrate-object-classes.ldif

  38.   args:

  39.     chdir: /etc/ldap/custom_ldifs

  40.   no_log: True

  41. 

  42. - name: Generate FusionDirectory SuperUser and OUs

  43.   shell: |

  44.     yes '{{ fd_admin }}' | \

  45.     fusiondirectory-setup --yes --check-ldap

  46. 

  47. - name: Set SuperUser Password

  48.   command: |

  49.     ldappasswd -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -s {{ fd_admin_pass }} uid={{ fd_admin }},ou=people,{{ base_dn }}

  50.   no_log: True

  51. 

  52. - name: Migrate Default ACLs

  53.   command: |

  54.     ldapadd -x -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -H ldapi:/// -f fd-migrate-default-acl.ldif

  55.   args:

  56.     chdir: /etc/ldap/custom_ldifs

  57.   no_log: True

  58. 

  59. - name: Fix FusionDirectory Configuration Permisions

  60.   command: fusiondirectory-setup --yes --check-config

  61. 

  62. - name: Apply Service Accounts ACL

  63.   command: |

  64.     ldapadd -c -Y EXTERNAL -H ldapi:/// -f fd-service_accounts_acl.ldif

  65.   args:

  66.     chdir: /etc/ldap/custom_ldifs

  67. 

  68. - name: Enable the Apache HTTP VirtualHost

  69.   file:

  70.     src: "/etc/apache2/sites-available/{{ domain }}.conf"

  71.     dest: "/etc/apache2/sites-enabled/{{ domain }}.conf"

  72.     state: link

  73. 

  74. - name: Disable the Default Apache VirtualHost

  75.   file:

  76.     path: /etc/apache2/sites-enabled/000-default.conf

  77.     state: absent

  78. 

  79. - name: Restart Apache

  80.   service:

  81.     name: apache2

  82.     state: restarted