templates | ||
vars | ||
deploy-ldap-fusiondirectory.yml | ||
LICENSE | ||
README.md |
Deploy OpenLDAP/FusionDirectory using Ansible
These playbooks will deploy an OpenLDAP/FusionDirectory server.
Components:
- OpenLDAP (slapd)
- FusionDirectory
- Apache
- GnuTLS (Internal CA)
Prerequisites
- An Ubuntu 18.04 LXD machine.
- The python-minimal package needs to be present.
- SSH Public key authentication from the Ansible host, to the mailserver.
Clone the repository
Clone the reposiroty:
$ git clone https://git.theo-andreou.org/Personal/ansible-deploy-ldap-fusiondirectory.git
$ cd ansible-deploy-ldap-fusiondirectory
Create the vars files
Create the vars/all.yml file
- Create a vars/all.yml file with similar content (you can use vars/all.yml.example as reference):
domain: example.org
organization: Example LTD
description: example
base_dn: dc=example,dc=org
locality: Limassol
state: Limassol
country: CY
allowed_ips:
- 192.168.0.0/24
- 10.0.0.0/24
language: en_US
timezone: Asia/Nicosia
Create the vars/secrets.yml filr
- Create an encrypted vars/secrets.yml file:
$ ansible-vault create vars/secrets.yml
Use a master password for the file above.
- Create this content:
ldap_admin_dn: cn=admin,dc=example,dc=org
ldap_admin_pass: MySecretLDAPCombination
fd_admin: fdadmin
fd_admin_pass: MySecretFDCombination
Deploy LDAP and FusionDirectory
When done with the configuration run this command (provide your master password):
$ ansible-playbook --vault-id @prompt deploy_fusiondirectory.yml
When done visit http://auth.example.org to login for the first time. I suggest you enable HTTPS before doing that.
References
- https://docs.ansible.com/ansible/latest/modules/debconf_module.html
- https://unix.stackexchange.com/questions/126136/how-to-check-debconf-selections-of-a-non-installed-package
- https://serverfault.com/questions/679693/how-do-i-make-ansible-actually-compile-a-config-file-having-changed-my-debconf-s
- https://docs.ansible.com/ansible/latest/modules/template_module.html