Skip to content
Snippets Groups Projects
Commit 3c50a812 authored by Thomas Woerner's avatar Thomas Woerner
Browse files

ipa* deployment roles: Hotfix for dns_over_tls (Freeipa#7343) 

This is a hotfix to allow deployments of clients, replicas and servers
with the dns_over_tls PR for freeipa: https://github.com/freeipa/freeipa/pull/7343/

ipaclient: client.update_ssh_keys has changed parameters,
options.dns_over_tls needs to be set for ipaclient_setup_nss.

ipareplica, ipaserver: Set new parameters globally in module_utils so
far: options.dns_over_tls, options.dns_over_tls_key, options.dns_over_tls_cert,
options.dot_forwarders and options.dns_policy.

The enablement for DNS over TLS for the deployment roles will be done later on.
parent e8688d4c
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
roles/ipaclient/library/ipaclient_setup_nss.py
+ 7
1
View file @ 3c50a812
...@@ -279,6 +279,7 @@ def main(): ...@@ -279,6 +279,7 @@ def main():
options.no_sssd = False options.no_sssd = False
options.sssd = not options.no_sssd options.sssd = not options.no_sssd
options.no_ac = False options.no_ac = False
options.dns_over_tls = False
nosssd_files = module.params.get('nosssd_files') nosssd_files = module.params.get('nosssd_files')
selinux_works = module.params.get('selinux_works') selinux_works = module.params.get('selinux_works')
krb_name = module.params.get('krb_name') krb_name = module.params.get('krb_name')
...@@ -376,6 +377,11 @@ def main(): ...@@ -376,6 +377,11 @@ def main():
ssh_config_dir = paths.SSH_CONFIG_DIR ssh_config_dir = paths.SSH_CONFIG_DIR
else: else:
ssh_config_dir = services.knownservices.sshd.get_config_dir() ssh_config_dir = services.knownservices.sshd.get_config_dir()
argspec_update_ssh_keys = getargspec(update_ssh_keys)
# Hotfix for https://github.com/freeipa/freeipa/pull/7343
if "options" in argspec_update_ssh_keys.args:
update_ssh_keys(hostname, ssh_config_dir, options, cli_server[0])
else:
update_ssh_keys(hostname, ssh_config_dir, options.create_sshfp) update_ssh_keys(hostname, ssh_config_dir, options.create_sshfp)
try: try:
......
roles/ipareplica/module_utils/ansible_ipa_replica.py
+ 7
0
View file @ 3c50a812
...@@ -331,6 +331,13 @@ options.add_agents = False ...@@ -331,6 +331,13 @@ options.add_agents = False
# ServerReplicaInstall # ServerReplicaInstall
options.subject_base = None options.subject_base = None
options.ca_subject = None options.ca_subject = None
# Hotfix for https://github.com/freeipa/freeipa/pull/7343
options.dns_over_tls = False
options.dns_over_tls_key = None
options.dns_over_tls_cert = None
options.dot_forwarders = None
options.dns_policy = None
# pylint: enable=attribute-defined-outside-init # pylint: enable=attribute-defined-outside-init
......
roles/ipaserver/module_utils/ansible_ipa_server.py
+ 7
0
View file @ 3c50a812
...@@ -354,6 +354,13 @@ options.add_agents = False ...@@ -354,6 +354,13 @@ options.add_agents = False
# no_msdcs is deprecated # no_msdcs is deprecated
options.no_msdcs = False options.no_msdcs = False
# Hotfix for https://github.com/freeipa/freeipa/pull/7343
options.dns_over_tls = False
options.dns_over_tls_key = None
options.dns_over_tls_cert = None
options.dot_forwarders = None
options.dns_policy = None
# For pylint # For pylint
options.external_cert_files = None options.external_cert_files = None
options.dirsrv_cert_files = None options.dirsrv_cert_files = None
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment