ansible-deploy-ldap-fusiond.../handlers/main.yml


---
# Handler: rebuild the system trust store by running update-ca-certificates.
# No arguments are templated, so the free-form command string is safe as is.
- name: Update CA Certificates
  command: 'update-ca-certificates'
# Handler: load olcSSL.ldif into slapd with ldapmodify.
# The bind is SASL EXTERNAL over the local ldapi:/// socket, so no bind
# password appears on the command line. The relative -f path is resolved
# against chdir.
# NOTE(review): by its name the LDIF carries the TLS settings - confirm.
- name: Apply olcSSL.ldif
  args:
    chdir: '/etc/ldap/custom_ldifs'
  command: >-
    ldapmodify -Y EXTERNAL -H ldapi:///
    -f olcSSL.ldif
# Handler: restart the slapd service so configuration changes take effect.
- name: Restart slapd
  service:
    state: 'restarted'
    name: 'slapd'
# Handler: run fusiondirectory-insert-schema with no options, i.e. with the
# tool's default schema selection.
- name: Apply FusionDirectory Schema
  command: 'fusiondirectory-insert-schema'
# Handler: insert each listed plugin schema, one invocation per item.
# The item names come from the fixed list below, never from user input, so
# the templated path stays inside /etc/ldap/schema/fusiondirectory/.
- name: Apply FusionDirectory Plugins Schema
  command: >-
    fusiondirectory-insert-schema
    -i /etc/ldap/schema/fusiondirectory/{{ item }}.schema
  with_items:
    - 'dsa-fd-conf'
    - 'service-fd'
    - 'systems-fd-conf'
    - 'systems-fd'
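# Handler: add fd-init-config.ldif with a simple bind as the LDAP admin.
# argv passes every templated value as exactly one argument; the free-form
# string was split after templating, so a DN or password containing spaces
# or quotes would have been broken into several arguments.
# no_log keeps the bind password out of Ansible's output and logs.
# NOTE(review): -w still places the password in the process argument list,
# which other local users can read while ldapadd runs. ldapadd also accepts
# -y <password file>; a root-only file would avoid that exposure.
- name: Initialize FusionDirectory Configuration
  command:
    argv:
      - 'ldapadd'
      - '-x'
      - '-D'
      - "{{ ldap_admin_dn }}"
      - '-w'
      - "{{ ldap_admin_pass }}"
      - '-H'
      - 'ldapi:///'
      - '-f'
      - 'fd-init-config.ldif'
    # The relative -f path is resolved against this directory.
    chdir: '/etc/ldap/custom_ldifs'
  no_log: true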
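# Handler: apply fd-migrate-object-classes.ldif with a simple bind as the
# LDAP admin.
# argv passes every templated value as exactly one argument; the free-form
# string was split after templating, so a DN or password containing spaces
# or quotes would have been broken into several arguments.
# no_log keeps the bind password out of Ansible's output and logs.
# NOTE(review): -w still places the password in the process argument list,
# which other local users can read while ldapmodify runs. ldapmodify also
# accepts -y <password file>; a root-only file would avoid that exposure.
- name: Migrate Object Classes
  command:
    argv:
      - 'ldapmodify'
      - '-x'
      - '-D'
      - "{{ ldap_admin_dn }}"
      - '-w'
      - "{{ ldap_admin_pass }}"
      - '-H'
      - 'ldapi:///'
      - '-f'
      - 'fd-migrate-object-classes.ldif'
    # The relative -f path is resolved against this directory.
    chdir: '/etc/ldap/custom_ldifs'
  no_log: true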
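# Handler: run fusiondirectory-setup --check-ldap non-interactively.
# `yes` repeats the admin name on stdin to answer the tool's prompts.
# The quote filter shell-escapes fd_admin; the previous hand-written single
# quotes broke (and allowed shell injection) if the value contained a "'".
# The task result is the exit status of fusiondirectory-setup, the last
# command in the pipeline. Do not add pipefail here: `yes` is normally
# terminated by SIGPIPE once the setup tool exits.
- name: Generate FusionDirectory SuperUser and OUs
  shell: |
    yes {{ fd_admin | quote }} | \
      fusiondirectory-setup --yes --check-ldap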
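# Handler: set the FusionDirectory super user's password with ldappasswd,
# binding as the LDAP admin.
# argv passes every templated value as exactly one argument; the free-form
# string was split after templating, so a DN or password containing spaces
# or quotes would have been broken into several arguments.
# no_log keeps both passwords out of Ansible's output and logs.
# NOTE(review): -w and -s still place the bind password and the new
# password in the process argument list, which other local users can read
# while ldappasswd runs. ldappasswd accepts -y <bind password file> and
# -T <new password file>; root-only files would avoid that exposure.
# NOTE(review): unlike the sibling handlers, this command has no -x and no
# -H, so the bind mechanism and server come from the client defaults -
# confirm that is intended.
- name: Set SuperUser Password
  command:
    argv:
      - 'ldappasswd'
      - '-D'
      - "{{ ldap_admin_dn }}"
      - '-w'
      - "{{ ldap_admin_pass }}"
      - '-s'
      - "{{ fd_admin_pass }}"
      - "uid={{ fd_admin }},ou=people,{{ base_dn }}"
  no_log: true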
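# Handler: add fd-migrate-default-acl.ldif with a simple bind as the LDAP
# admin.
# argv passes every templated value as exactly one argument; the free-form
# string was split after templating, so a DN or password containing spaces
# or quotes would have been broken into several arguments.
# no_log keeps the bind password out of Ansible's output and logs.
# NOTE(review): -w still places the password in the process argument list,
# which other local users can read while ldapadd runs. ldapadd also accepts
# -y <password file>; a root-only file would avoid that exposure.
- name: Migrate Default ACLs
  command:
    argv:
      - 'ldapadd'
      - '-x'
      - '-D'
      - "{{ ldap_admin_dn }}"
      - '-w'
      - "{{ ldap_admin_pass }}"
      - '-H'
      - 'ldapi:///'
      - '-f'
      - 'fd-migrate-default-acl.ldif'
    # The relative -f path is resolved against this directory.
    chdir: '/etc/ldap/custom_ldifs'
  no_log: true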
# Handler: run fusiondirectory-setup --check-config, with --yes so it does
# not wait for interactive confirmation.
# The name is what `notify:` matches, so its spelling ("Permisions") is
# kept unchanged; renaming it requires updating every notifying task.
- name: Fix FusionDirectory Configuration Permisions
  command: >-
    fusiondirectory-setup
    --yes
    --check-config
# Handler: add fd-service_accounts_acl.ldif via SASL EXTERNAL over the local
# ldapi:/// socket, so no bind password appears on the command line.
# -c is ldapadd's continuous mode: an error on one entry is reported but
# does not stop the remaining entries from being processed.
# NOTE(review): with -c a partially applied ACL set is possible - check the
# command output when this handler reports a failure.
- name: Apply Service Accounts ACL
  args:
    chdir: '/etc/ldap/custom_ldifs'
  command: >-
    ldapadd -c -Y EXTERNAL -H ldapi:///
    -f fd-service_accounts_acl.ldif
# Handler: enable the site by symlinking its config from sites-available
# into sites-enabled. The file name is built from the `domain` variable.
- name: Enable the Apache HTTP VirtualHost
  file:
    state: 'link'
    dest: "/etc/apache2/sites-enabled/{{ domain }}.conf"
    src: "/etc/apache2/sites-available/{{ domain }}.conf"
# Handler: disable the stock site by removing its entry from sites-enabled,
# so only explicitly enabled virtual hosts are served.
- name: Disable the Default Apache VirtualHost
  file:
    state: 'absent'
    path: '/etc/apache2/sites-enabled/000-default.conf'
# Handler: restart the apache2 service so site changes take effect.
- name: Restart Apache
  service:
    state: 'restarted'
    name: 'apache2'