playbooks/trixie
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use ansible_domain everywhere and bail out if it is empty.

Browse source
This commit is contained in:
Andreas B. Mundt 2019-11-21 15:47:08 +01:00
parent bbcf45bbeb
commit ed8b7a7fa6
12 changed files with 32 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

8
roles/krb5-kdc-ldap/tasks/main.yml
View file

@ -1,6 +1,8 @@
## Install and configure krb5-kdc-ldap (if not done yet),
## run most tasks only on krb5-kdc-ldap installation.
---
- fail: msg="The machine's domain must not be empty."
when: ansible_domain | length == 0
- name: check if slapd is already there
stat: path=/usr/sbin/krb5kdc
@ -135,7 +137,7 @@
-H ldapi:///
create -s -subtrees "{{ basedn }}"
-P "{{ kdc_master_pwd }}"
-r "{{ ldap_domain | upper }}"
-r "{{ ansible_domain | upper }}"
no_log: true
notify: "restart krb5-kdc"
when: not krb5kdc.stat.exists
@ -154,14 +156,14 @@
when: not krb5kdc.stat.exists
- name: create machine principals
command: kadmin.local -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ldap_domain }}"
command: kadmin.local -q "addprinc -randkey {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
with_items:
- host
- ldap
when: not krb5kdc.stat.exists
- name: add principal to the keytab
command: kadmin.local -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ldap_domain }}"
command: kadmin.local -q "ktadd {{ item }}/{{ ansible_hostname }}.{{ ansible_domain }}"
with_items:
- host
- ldap