jmgarcialdemoral
/
ansible-deploy-ldap-fusiondirectory
forked from Personal/ansible-deploy-ldap-fusiondirectory
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
An Ansible Playbook to deploy OpenLDAP and FusionDirectory
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
2 Branches
112KB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
ansible-deploy-ldap-fusiond.../README.md

README.md 2.0KB
Raw Permalink Normal View History

Initial Commit
6 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. # Deploy OpenLDAP/FusionDirectory using Ansible

  2. 

  3. These playbooks will deploy an OpenLDAP/FusionDirectory server.

  4. 

  5. Components:

  6. * OpenLDAP (slapd)

  7. * FusionDirectory

  8. * Apache

  9. * GnuTLS (Internal CA)

  10. 

  11. ## Prerequisites

  12. 

  13. * An Ubuntu 18.04 LXD machine.

  14. * The *python-minimal* package needs to be present.

  15. * SSH Public key authentication from the Ansible host, to the mailserver.

  16. 

  17. ## Clone the repository

  18. 

  19. Clone the reposiroty:

  20. 

  21. ```

  22. $ git clone https://git.theo-andreou.org/Personal/ansible-deploy-ldap-fusiondirectory.git

  23. $ cd ansible-deploy-ldap-fusiondirectory

  24. ```

  25. 

  26. ## Create the vars files

  27. 

  28. ### Create the vars/all.yml file

  29. 

  30. * Create a *vars/all.yml* file with similar content (you can use *vars/all.yml.example* as reference):

  31. 

  32. ```

  33. domain: example.org

  34. organization: Example LTD

  35. description: example

  36. base_dn: dc=example,dc=org

  37. locality: Limassol

  38. state: Limassol

  39. country: CY

  40. allowed_ips:

  41.   - 192.168.0.0/24

  42.   - 10.0.0.0/24

  43. language: en_US

  44. timezone: Asia/Nicosia

  45. ```

  46. 

  47. ### Create the vars/secrets.yml filr

  48. 

  49. * Create an encrypted *vars/secrets.yml* file:

  50. 

  51. ```

  52. $ ansible-vault create vars/secrets.yml 

  53. ```

  54. 

  55. Use a master password for the file above.

  56. 

  57. * Create this content:

  58. 

  59. ```

  60. ldap_admin_dn: cn=admin,dc=example,dc=org

  61. ldap_admin_pass: MySecretLDAPCombination

  62. fd_admin: fdadmin

  63. fd_admin_pass: MySecretFDCombination

  64. ```

  65. 

  66. ## Deploy LDAP and FusionDirectory

  67. 

  68. When done with the configuration run this command (provide your master password):

  69. 

  70. ```

  71. $ ansible-playbook --vault-id @prompt deploy_fusiondirectory.yml

  72. ```

  73. 

  74. When done visit http://auth.example.org to login for the first time. I suggest you enable HTTPS before doing that.

  75. 

  76. References

  77. ----------

  78. * https://docs.ansible.com/ansible/latest/modules/debconf_module.html

  79. * https://unix.stackexchange.com/questions/126136/how-to-check-debconf-selections-of-a-non-installed-package

  80. * https://serverfault.com/questions/679693/how-do-i-make-ansible-actually-compile-a-config-file-having-changed-my-debconf-s

  81. * https://docs.ansible.com/ansible/latest/modules/template_module.html