ldapauth changes
parent
1bf036f6c1
commit
a56dd65e0d
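--- a/roles/ldapauth/files/ldap.conf
+++ b/roles/ldapauth/files/ldap.conf
@@ -0,0 +1,13 @@
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+BASE dc=lovelynet,dc=net
+URI ldap://ipa.lovelynet.net
+
+#SIZELIMIT 12
+#TIMELIMIT 15
+#DEREF never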
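Review bot: `URI ldap://ipa.lovelynet.net` sends directory lookups, and any simple bind that relies on these defaults, over cleartext LDAP, and nothing in the file pins the server's identity. Since this role feeds host account resolution, I would switch to `URI ldaps://ipa.lovelynet.net` (or keep `ldap://` and require StartTLS in the consumers) and add `TLS_CACERT <path-to-ca-bundle>` together with `TLS_REQCERT demand`, so that a server presenting an untrusted certificate is rejected. Whether nslcd takes its transport settings from this file or from its own configuration is not visible in this commit, so the same settings may need to be repeated there.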
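--- a/roles/ldapauth/tasks/install.yml
+++ b/roles/ldapauth/tasks/install.yml
@@ -0,0 +1,35 @@
+---
+- name: Openldap is installed and up to date (rhel)
+ansible.builtin.yum:
+name: "{{ item }}"
+state: latest
+loop:
+- openldap
+- openldap-clients
+- nss-pam-ldapd
+tags:
+- setup
+when: ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'AlmaLinux'
+
+- name: Openldap is installed and up to date (debian)
+ansible.builtin.apt:
+name: "{{ item }}"
+state: present
+update_cache: true
+loop:
+- openldap
+- nss-pam-ldapd
+tags:
+- setup
+when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
+
+- name: Openldap is installed and up to date (arch)
+community.general.pacman:
+name: "{{ item }}"
+state: present
+loop:
+- openldap
+- nss-pam-ldapd
+tags:
+- setup
+when: ansible_distribution == 'Archlinux'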
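Review bot: The Debian task installs `openldap` and `nss-pam-ldapd`, which appear to be the RHEL package names; on Debian and Ubuntu the client pieces are normally packaged as `ldap-utils`, `libnss-ldapd` and `libpam-ldapd`, so this task is likely to fail with a missing-package error. Separately, the RHEL task uses `state: latest` while the other two use `state: present`, so only one platform upgrades the authentication stack on every run; that policy should be chosen deliberately and applied to all three. Passing the list directly, e.g. `name: [openldap, openldap-clients, nss-pam-ldapd]`, also avoids one package-manager transaction per loop item.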
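--- a/roles/ldapauth/tasks/main.yml
+++ b/roles/ldapauth/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+
+- name: Install openldap
+ansible.builtin.include_tasks:
+file: install.yml
+apply:
+tags:
+- setup
+tags:
+- setup
+
+- name: Copy config file
+ansible.builtin.include_tasks:
+file: sync_conf.yml
+apply:
+tags:
+- setup
+tags:
+- setup
+
+- name: Modify nsswitch conf
+ansible.builtin.include_tasks:
+file: update_nss.yml
+apply:
+tags:
+- setup
+tags:
+- setup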
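Review bot: The role installs nss-pam-ldapd and then appends `ldap` to nsswitch.conf, but none of the three included files configures nslcd or enables its service, at least not in this commit. With `ldap` listed for passwd, shadow and group and no working daemon behind it, lookups fall through at best and can stall logins at worst, so I would add an include for the nslcd configuration and a service task before the `Modify nsswitch conf` step. As a style point, the tasks inside install.yml, sync_conf.yml and update_nss.yml are already tagged `setup`, so the `apply:` tag blocks here look redundant.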
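--- a/roles/ldapauth/tasks/sync_conf.yml
+++ b/roles/ldapauth/tasks/sync_conf.yml
@@ -0,0 +1,7 @@
+---
+- name: Copy over ldap conf
+ansible.builtin.copy:
+src: ldap.conf
+dest: /etc/openldap/ldap.conf
+tags:
+- setup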
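Review bot: The `ansible.builtin.copy` task sets no `owner`, `group` or `mode`, so the resulting permissions depend on the umask and on whatever file already exists, while the shipped ldap.conf itself says it must be world readable but not world writable. Adding `owner: root`, `group: root` and `mode: '0644'` pins that. The hard-coded `dest: /etc/openldap/ldap.conf` is also the RHEL-style location; Debian and Ubuntu, which install.yml targets too, normally read `/etc/ldap/ldap.conf`, so the path should come from a per-distribution variable.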
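--- a/roles/ldapauth/tasks/sync_conf.yml.bak
+++ b/roles/ldapauth/tasks/sync_conf.yml.bak
@@ -0,0 +1,7 @@
+---
+- name: fuck
+ansible.builtin.file:
+- src: ldap.conf
+- dst: /etc/openldap/ldap.conf
+tags:
+- setup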
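Review bot: This `.bak` file looks like a scratch copy committed by accident: the task passes a list (`- src`, `- dst`) to `ansible.builtin.file` where a mapping of arguments is expected, and nothing in main.yml includes it. I would drop it from the commit and add `*.bak` to `.gitignore`, so stray copies of task files do not accumulate in a role that manages authentication configuration.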
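--- a/roles/ldapauth/tasks/update_nss.yml
+++ b/roles/ldapauth/tasks/update_nss.yml
@@ -0,0 +1,12 @@
+---
+- name: Update NSSWITCH
+ansible.builtin.shell:
+cmd: grep '^{{ item }}.*ldap' /etc/nsswitch.conf && exit 0 || sed -i '/{{ item }}/ s/$/ ldap/' /etc/nsswitch.conf
+register: nssdata
+tags:
+- setup
+loop:
+- passwd
+- shadow
+- group
+changed_when: "nssdata.stdout_lines|length == 0"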
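Review bot: The address in `sed -i '/{{ item }}/ s/$/ ldap/'` is unanchored, so it appends ` ldap` to every line that merely contains `passwd`, `shadow` or `group`, comment lines and entries such as `netgroup` or `gshadow` included, while the `grep` guard only checks lines that start with the name. Because this edits the file that decides where account lookups go, I would replace the shell pipeline with `ansible.builtin.lineinfile` using an anchored regexp and `backrefs: true`, which is idempotent on its own and makes `register` and `changed_when` unnecessary. A sketch follows; adding `backup: true` would also keep a copy of the previous nsswitch.conf.

```yaml
- name: Update NSSWITCH
  ansible.builtin.lineinfile:
    path: /etc/nsswitch.conf
    # match only the database line itself, and only if ldap is not already listed
    regexp: '^({{ item }}:(?!.*\bldap\b).*)$'
    line: '\1 ldap'
    backrefs: true
  # … unchanged: tags and the loop over passwd, shadow, group …
```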