Personal
/
ansible-deploy-ldap-fusiondirectory
1
0
Bifurcation 1
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
An Ansible Playbook to deploy OpenLDAP and FusionDirectory
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
2 Révisions
1 Branche
84KB
Aborescence: 5929ba8b80
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '5929ba8b80'
${ noResults }
ansible-deploy-ldap-fusiond.../handlers/main.yml

83 lignes
2.2KB
Brut Annotations Historique 

  1. ---

  2. - name: Update CA Certificates

  3.   command: update-ca-certificates

  4. 

  5. - name: Apply olcSSL.ldif

  6.   command: ldapmodify -Y EXTERNAL -H ldapi:/// -f olcSSL.ldif

  7.   args:

  8.     chdir: /etc/ldap/custom_ldifs

  9. 

  10. - name: Restart slapd

  11.   service:

  12.     name: slapd

  13.     state: restarted

  14. 

  15. - name: Apply FusionDirectory Schema

  16.   command: fusiondirectory-insert-schema

  17. 

  18. - name: Apply FusionDirectory Plugins Schema

  19.   command: |

  20.     fusiondirectory-insert-schema \

  21.     -i /etc/ldap/schema/fusiondirectory/{{ item }}.schema

  22.   with_items:

  23.     - dsa-fd-conf

  24.     - service-fd

  25.     - systems-fd-conf

  26.     - systems-fd

  27. 

  28. - name: Initialize FusionDirectory Configuration

  29.   command: |

  30.     ldapadd -x -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -H ldapi:/// -f fd-init-config.ldif

  31.   args:

  32.     chdir: /etc/ldap/custom_ldifs

  33.   no_log: True

  34. 

  35. - name: Migrate Object Classes

  36.   command: |

  37.     ldapmodify -x -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -H ldapi:/// -f fd-migrate-object-classes.ldif

  38.   args:

  39.     chdir: /etc/ldap/custom_ldifs

  40.   no_log: True

  41. 

  42. - name: Generate FusionDirectory SuperUser and OUs

  43.   shell: |

  44.     yes '{{ fd_admin }}' | \

  45.     fusiondirectory-setup --yes --check-ldap

  46. 

  47. - name: Set SuperUser Password

  48.   command: |

  49.     ldappasswd -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -s {{ fd_admin_pass }} uid={{ fd_admin }},ou=people,{{ base_dn }}

  50.   no_log: True

  51. 

  52. - name: Migrate Default ACLs

  53.   command: |

  54.     ldapadd -x -D {{ ldap_admin_dn }} -w {{ ldap_admin_pass }} -H ldapi:/// -f fd-migrate-default-acl.ldif

  55.   args:

  56.     chdir: /etc/ldap/custom_ldifs

  57.   no_log: True

  58. 

  59. - name: Fix FusionDirectory Configuration Permisions

  60.   command: fusiondirectory-setup --yes --check-config

  61. 

  62. - name: Apply Service Accounts ACL

  63.   command: |

  64.     ldapadd -c -Y EXTERNAL -H ldapi:/// -f fd-service_accounts_acl.ldif

  65.   args:

  66.     chdir: /etc/ldap/custom_ldifs

  67. 

  68. - name: Enable the Apache HTTP VirtualHost

  69.   file:

  70.     src: "/etc/apache2/sites-available/{{ domain }}.conf"

  71.     dest: "/etc/apache2/sites-enabled/{{ domain }}.conf"

  72.     state: link

  73. 

  74. - name: Disable the Default Apache VirtualHost

  75.   file:

  76.     path: /etc/apache2/sites-enabled/000-default.conf

  77.     state: absent

  78. 

  79. - name: Restart Apache

  80.   service:

  81.     name: apache2

  82.     state: restarted