Select Git revision
README-selfservice.md
-
Thomas Woerner authored
There is a new selfservice management module placed in the plugins folder: plugins/modules/ipaselfservice.py The selfservice module allows to ensure presence and absence of selfservices and manage selfservice attributes. Here is the documentation for the module: README-selfservice.md New example playbooks have been added: playbooks/selfservice/selfservice-absent.yml playbooks/selfservice/selfservice-present.yml playbooks/selfservice/selfservice-member-absent.yml playbooks/selfservice/selfservice-member-present.yml New tests for the module: tests/selfservice/test_selfservice.ymlThomas Woerner authoredThere is a new selfservice management module placed in the plugins folder: plugins/modules/ipaselfservice.py The selfservice module allows to ensure presence and absence of selfservices and manage selfservice attributes. Here is the documentation for the module: README-selfservice.md New example playbooks have been added: playbooks/selfservice/selfservice-absent.yml playbooks/selfservice/selfservice-present.yml playbooks/selfservice/selfservice-member-absent.yml playbooks/selfservice/selfservice-member-present.yml New tests for the module: tests/selfservice/test_selfservice.yml
README-selfservice.md 3.17 KiB
Selfservice module
Description
The selfservice module allows to ensure presence, absence of selfservices and selfservice attributes.
Features
- Selfservice management
Supported FreeIPA Versions
FreeIPA versions 4.4.0 and up are supported by the ipaselfservice module.
Requirements
Controller
- Ansible version: 2.8+
Node
- Supported FreeIPA version (see above)
Usage
Example inventory file
[ipaserver]
ipaserver.test.localExample playbook to make sure selfservice "Users can manage their own name details" is present:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: read
attribute:
- title
- initialsExample playbook to make sure selfservice "Users can manage their own name details" is absent:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
state: absentExample playbook to make sure "Users can manage their own name details" member attribute initials is present:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- initials
action: memberExample playbook to make sure "Users can manage their own name details" member attribute initials is absent:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- initials
action: member
state: absentExample playbook to make sure selfservice "Users can manage their own name details" is absent:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
state: absentVariables
ipaselfservice
| Variable | Description | Required |
|---|---|---|
ipaadmin_principal |
The admin principal is a string and defaults to admin
|
no |
ipaadmin_password |
The admin password is a string and is required if there is no admin ticket available on the node | no |
name | aciname
|
The list of selfservice name strings. | yes |
permission | permissions
|
The permission to grant read, read,write, write]. Default is write. |
no |
attribute | attrs
|
The attribute list to which the selfservice applies. | no |
action |
Work on selfservice or member level. It can be on of member or selfservice and defaults to selfservice. |
no |
state |
The state to ensure. It can be one of present, absent, default: present. |
no |
Authors
Thomas Woerner