From 4228ae7d807662fe7ae2db4a36e11200d6cf8f40 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 29 Jan 2018 17:22:46 +0100
Subject: [PATCH] ipaserver: Drop unused test file install_cache
---
roles/ipaserver/tasks/install_cache.yml | 566 ------------------------
1 file changed, 566 deletions(-)
delete mode 100644 roles/ipaserver/tasks/install_cache.yml
diff --git a/roles/ipaserver/tasks/install_cache.yml b/roles/ipaserver/tasks/install_cache.yml
deleted file mode 100644
index 4e5eb6bb..00000000
--- a/roles/ipaserver/tasks/install_cache.yml
+++ /dev/null
@@ -1,566 +0,0 @@
----
-# tasks file for ipaserver
-
-- name: Install - Install IPA server package
- package:
- name: "{{ item }}"
- state: present
- with_items: "{{ ipaserver_packages }}"
-
-- name: Install - Install packages for dns
- package:
- name: "{{ item }}"
- state: present
- with_items: "{{ ipaserver_packages_dns }}"
- when: ipaserver_setup_dns | bool
-
-- name: Install - Install packages for adtrust
- package:
- name: "{{ item }}"
- state: present
- with_items: "{{ ipaserver_packages_adtrust }}"
- when: ipaserver_setup_adtrust | bool
-
-- name: Install - Include Python2/3 import test
- include: "{{role_path}}/tasks/python_2_3_test.yml"
- static: yes
-
-- name: Install - Server load cache
- ipaserver_load_cache:
- dm_password: "{{ ipaserver_dm_password }}"
- register: ipaserver_cache
-
-- name: Install - Server apply cache
- set_fact:
- ### basic ###
- ipaserver_master_password: "{{ ipaserver_cache.master_password | default(omit) }}"
- ipaserver_password: "{{ ipaserver_cache.admin_password | default(omit) }}"
- ipaserver_ip_addresses: "{{ ipaserver_cache.ip_addresses | default(omit) }}"
- ipaserver_domain: "{{ ipaserver_cache.domain_name | default(omit) }}"
- ipaserver_realm: "{{ ipaserver_cache.realm_name | default(omit) }}"
- ipaserver_hostname: "{{ ipaserver_cache.host_name | default(omit) }}"
- ipaserver_ca_cert_files: "{{ ipaserver_cache.ca_cert_files | default(omit) }}"
- ipaserver_no_host_dns: "{{ ipaserver_cache.no_host_dns | default(omit) }}"
- ### server ###
- ipaserver_setup_adtrust: "{{ ipaserver_cache.setup_adtrust | default(omit) }}"
- ipaserver_setup_kra: "{{ ipaserver_cache.setup_kra | default(omit) }}"
- ipaserver_setup_dns: "{{ ipaserver_cache.setup_dns | default(omit) }}"
- ipaserver_idstart: "{{ ipaserver_cache.idstart | default(omit) }}"
- ipaserver_idmax: "{{ ipaserver_cache.idmax | default(omit) }}"
- ipaserver_no_hbac_allow: "{{ ipaserver_cache.no_hbac_allow | default(omit) }}"
- ipaserver_no_pkinit: "{{ ipaserver_cache.no_pkinit | default(omit) }}"
- ipaserver_no_ui_redirect: "{{ ipaserver_cache.no_ui_redirect | default(omit) }}"
- ipaserver_dirsrv_config_file: "{{ ipaserver_cache.dirsrv_config_file | default(omit) }}"
- ### ssl certificate ###
- ipaserver_dirsrv_cert_files: "{{ ipaserver_cache.dirsrv_cert_files | default(omit) }}"
- ipaserver_http_cert_files: "{{ ipaserver_cache.http_cert_files | default(omit) }}"
- ipaserver_pkinit_cert_files: "{{ ipaserver_cache.pkinit_cert_files | default(omit) }}"
- ipaserver_dirsrv_pin: "{{ ipaserver_cache.dirsrv_pin | default(omit) }}"
- ipaserver_http_pin: "{{ ipaserver_cache.http_pin | default(omit) }}"
- ipaserver_pkinit_pin: "{{ ipaserver_cache.pkinit_pin | default(omit) }}"
- ipaserver_dirsrv_name: "{{ ipaserver_cache.dirsrv_name | default(omit) }}"
- ipaserver_http_name: "{{ ipaserver_cache.http_name | default(omit) }}"
- ipaserver_pkinit_name: "{{ ipaserver_cache.pkinit_name | default(omit) }}"
- ### client ###
- ipaserver_mkhomedir: "{{ ipaserver_cache.mkhomedir | default(omit) }}"
- ipaserver_no_ntp: "{{ ipaserver_cache.no_ntp | default(omit) }}"
- ipaserver_ssh_trust_dns: "{{ ipaserver_cache.ssh_trust_dns | default(omit) }}"
- ipaserver_no_ssh: "{{ ipaserver_cache.no_ssh | default(omit) }}"
- ipaserver_no_sshd: "{{ ipaserver_cache.no_sshd | default(omit) }}"
- ipaserver_no_dns_sshfp: "{{ ipaserver_cache.no_dns_sshfp | default(omit) }}"
- ### certificate system ###
- ipaserver_external_ca: "{{ ipaserver_cache.external_ca | default(omit) }}"
- ipaserver_external_ca_type: "{{ ipaserver_cache.external_ca_type | default(omit) }}"
- ipaserver_external_cert_files: "{{ ipaserver_cache.external_cert_files | default(omit) }}"
- ipaserver_subject_base: "{{ ipaserver_cache.subject_base | default(omit) }}"
- ipaserver_ca_subject: "{{ ipaserver_cache.ca_subject | default(omit) }}"
- ipaserver_ca_signing_algorithm: "{{ ipaserver_cache.ca_signing_algorithm | default(omit) }}"
- ### dns ###
- ipaserver_allow_zone_overlap: "{{ ipaserver_cache.allow_zone_overlap | default(omit) }}"
- ipaserver_reverse_zones: "{{ ipaserver_cache.reverse_zones | default(omit) }}"
- ipaserver_no_reverse: "{{ ipaserver_cache.no_reverse | default(omit) }}"
- ipaserver_auto_reverse: "{{ ipaserver_cache.auto_reverse | default(omit) }}"
- ipaserver_zonemgr: "{{ ipaserver_cache.zonemgr | default(omit) }}"
- ipaserver_forwarders: "{{ ipaserver_cache.forwarders | default(omit) }}"
- ipaserver_no_forwarders: "{{ ipaserver_cache.no_forwarders | default(omit) }}"
- ipaserver_auto_forwarders: "{{ ipaserver_cache.auto_forwarders | default(omit) }}"
- ipaserver_forward_policy: "{{ ipaserver_cache.forward_policy | default(omit) }}"
- ipaserver_no_dnssec_validation: "{{ ipaserver_cache.no_dnssec_validation | default(omit) }}"
- ### ad trust ###
- ipaserver_enable_compat: "{{ ipaserver_cache.enable_compat | default(omit) }}"
- ipaserver_netbios_name: "{{ ipaserver_cache.netbios_name | default(omit) }}"
- ipaserver_rid_base: "{{ ipaserver_cache.rid_base | default(omit) }}"
- ipaserver_secondary_rid_base: "{{ ipaserver_cache.secondary_rid_base | default(omit) }}"
- ### additional ###
- ipaserver_allow_repair: "{{ ipaserver_cache.allow_repair | default(omit) }}"
- ipaserver_domainlevel: "{{ ipaserver_cache.domainlevel | default(omit) }}"
- ipaserver__subject_base: "{{ ipaserver_cache._subject_base | default(omit) }}"
- ipaserver__ca_subject: "{{ ipaserver_cache._ca_subject | default(omit) }}"
- ipaserver__hostname_overridden: "{{ ipaserver_cache._hostname_overridden | default(omit) }}"
- ipaserver_setup_ca: "{{ ipaserver_cache.setup_ca | default(omit) }}"
- ipaserver__installation_cleanup: "{{ ipaserver_cache._installation_cleanup | default(omit) }}"
- ipaserver__dirsrv_pkcs12_file: "{{ ipaserver_cache._dirsrv_pkcs12_file | default(omit) }}"
- ipaserver__dirsrv_pkcs12_info: "{{ ipaserver_cache._dirsrv_pkcs12_info | default(omit) }}"
- ipaserver__dirsrv_ca_cert: "{{ ipaserver_cache._dirsrv_ca_cert | default(omit) }}"
- ipaserver__http_pkcs12_file: "{{ ipaserver_cache._http_pkcs12_file | default(omit) }}"
- ipaserver__http_pkcs12_info: "{{ ipaserver_cache._http_pkcs12_info | default(omit) }}"
- ipaserver__http_ca_cert: "{{ ipaserver_cache._http_ca_cert | default(omit) }}"
- ipaserver__pkinit_pkcs12_file: "{{ ipaserver_cache._pkinit_pkcs12_file | default(omit) }}"
- ipaserver__pkinit_pkcs12_info: "{{ ipaserver_cache._pkinit_pkcs12_info | default(omit) }}"
- ipaserver__pkinit_ca_cert: "{{ ipaserver_cache._pkinit_ca_cert | default(omit) }}"
- when: ipaserver_cache.changed
-
-- name: Install - Server installation test
- ipaserver_test:
- ### basic ###
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- master_password: "{{ ipaserver_master_password | default(omit) }}"
- ip_addresses: "{{ ipaserver_ip_addresses | default([]) }}"
- domain: "{{ ipaserver_domain | default(omit) }}"
- realm: "{{ ipaserver_realm | default(omit) }}"
- hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
- ca_cert_files: "{{ ipaserver_ca_cert_files | default(omit) }}"
- # no_host_dns: "{{ ipaserver_no_host_dns }}"
- ### server ###
- setup_adtrust: "{{ ipaserver_setup_adtrust }}"
- setup_kra: "{{ ipaserver_setup_kra }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- idstart: "{{ ipaserver_idstart | default(omit) }}"
- idmax: "{{ ipaserver_idmax | default(omit) }}"
- # no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- no_pkinit: "{{ ipaserver_no_pkinit }}"
- # no_ui_redirect: "{{ ipaserver_no_ui_redirect }}"
- dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
- ### ssl certificate ###
- dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
- http_cert_files: "{{ ipaserver_http_cert_files | default([]) }}"
- pkinit_cert_files: "{{ ipaserver_pkinit_cert_files | default([]) }}"
- # dirsrv_pin
- # http_pin
- # pkinit_pin
- # dirsrv_name
- # http_name
- # pkinit_name
- ### client ###
- # mkhomedir
- no_ntp: "{{ ipaserver_no_ntp }}"
- # ssh_trust_dns
- # no_ssh
- # no_sshd
- # no_dns_sshfp
- ### certificate system ###
- external_ca: "{{ ipaserver_external_ca }}"
- external_ca_type: "{{ ipaserver_external_ca_type | default(omit) }}"
- external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
- subject_base: "{{ ipaserver_subject_base | default(omit) }}"
- ca_subject: "{{ ipaserver_ca_subject | default(omit) }}"
- # ca_signing_algorithm
- ### dns ###
- allow_zone_overlap: "{{ ipaserver_allow_zone_overlap }}"
- reverse_zones: "{{ ipaserver_reverse_zones | default([]) }}"
- no_reverse: "{{ ipaserver_no_reverse }}"
- auto_reverse: "{{ ipaserver_auto_reverse }}"
- zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
- forwarders: "{{ ipaserver_forwarders | default([]) }}"
- no_forwarders: "{{ ipaserver_no_forwarders }}"
- auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
- no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
- ### ad trust ###
- enable_compat: "{{ ipaserver_enable_compat }}"
- netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
- rid_base: "{{ ipaserver_rid_base | default(omit) }}"
- secondary_rid_base: "{{ ipaserver_secondary_rid_base | default(omit) }}"
-
- ### additional ###
- allow_repair: "{{ ipaserver_allow_repair }}"
- register: ipaserver_test
-
-#- name: Install - Server apply test results
-# set_fact:
-# #ipaserver_setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
-# #ipaserver_setup_kra: "{{ ipaserver_test.setup_kra }}"
-# #ipaserver_setup_ca: "{{ ipaserver_test.setup_ca }}"
-# #ipaserver_reverse_zones: "{{ ipaserver_test.reverse_zones }}"
-# #ipaserver_forwarders: "{{ ipaserver_test.forwarders }}"
-# #ipaserver_subject_base: "{{ ipaserver_test.subject_base }}"
-# #ipaserver_ca_subject: "{{ ipaserver_test.ca_subject }}"
-# #ipaserver__subject_base: "{{ ipaserver_test._subject_base }}"
-# #ipaserver__ca_subject: "{{ ipaserver_test._ca_subject }}"
-# #ipaserver__hostname_overridden: "{{ ipaserver_test._hostname_overridden }}"
-# #ipaserver__installation_cleanup: "{{ ipaserver_test._installation_cleanup }}"
-# #ipaserver__dirsrv_pkcs12_file: "{{ ipaserver_test._dirsrv_pkcs12_file }}"
-# #ipaserver__dirsrv_pkcs12_info: "{{ ipaserver_test._dirsrv_pkcs12_info }}"
-# #ipaserver__dirsrv_ca_cert: "{{ ipaserver_test._dirsrv_ca_cert }}"
-# #ipaserver__http_pkcs12_file: "{{ ipaserver_test._http_pkcs12_file }}"
-# #ipaserver__http_pkcs12_info: "{{ ipaserver_test._http_pkcs12_info }}"
-# #ipaserver__http_ca_cert: "{{ ipaserver_test._http_ca_cert }}"
-# #ipaserver__pkinit_pkcs12_file: "{{ ipaserver_test._pkinit_pkcs12_file }}"
-# #ipaserver__pkinit_pkcs12_info: "{{ ipaserver_test._pkinit_pkcs12_info }}"
-# #ipaserver__pkinit_ca_cert: "{{ ipaserver_test._pkinit_ca_cert }}"
-# when: ipaserver_test.changed
-
-- block:
-
- - block:
- - name: Install - Master password creation
- no_log: yes
- ipaserver_master_password:
- dm_password: "{{ ipaserver_dm_password }}"
- master_password: "{{ ipaserver_master_password | default(omit) }}"
- register: ipaserver_master_password
-
- - name: Install - Use new master password
- no_log: yes
- set_fact:
- ipaserver_master_password: "{{ ipaserver_master_password.value }}"
-
- when: ipaserver_master_password is undefined
-
- - name: Install - Server preparation
- ipaserver_prepare:
- ### basic ###
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- # master_password
- #ip_addresses: "{{ ipaserver_ip_addresses | default([]) }}"
- domain: "{{ ipaserver_domain | default(omit) }}"
- realm: "{{ ipaserver_realm | default(omit) }}"
- hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
- ca_cert_files: "{{ ipaserver_ca_cert_files | default(omit) }}"
- # no_host_dns: "{{ ipaserver_no_host_dns }}"
- ### server ###
- setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- setup_kra: "{{ ipaserver_test.setup_kra }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- idstart: "{{ ipaserver_idstart | default(omit) }}"
- idmax: "{{ ipaserver_idmax | default(omit) }}"
- # no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- no_pkinit: "{{ ipaserver_no_pkinit }}"
- # no_ui_redirect: "{{ ipaserver_no_ui_redirect }}"
- dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
- ### ssl certificate ###
- dirsrv_cert_files: "{{ ipaserver_dirsrv_cert_files | default([]) }}"
- http_cert_files: "{{ ipaserver_http_cert_files | default([]) }}"
- pkinit_cert_files: "{{ ipaserver_pkinit_cert_files | default([]) }}"
- # dirsrv_pin
- # http_pin
- # pkinit_pin
- # dirsrv_name
- # http_name
- # pkinit_name
- ### client ###
- # mkhomedir
- no_ntp: "{{ ipaserver_no_ntp }}"
- # ssh_trust_dns
- # no_ssh
- # no_sshd
- # no_dns_sshfp
- ### certificate system ###
- external_ca: "{{ ipaserver_external_ca }}"
- external_ca_type: "{{ ipaserver_external_ca_type | default(omit) }}"
- external_cert_files: "{{ ipaserver_external_cert_files | default([]) }}"
- subject_base: "{{ ipaserver_test.subject_base | default(omit) }}"
- ca_subject: "{{ ipaserver_test.ca_subject | default(omit) }}"
- # ca_signing_algorithm
- ### dns ###
- allow_zone_overlap: "{{ ipaserver_allow_zone_overlap }}"
- reverse_zones: "{{ ipaserver_reverse_zones | default([]) }}"
- no_reverse: "{{ ipaserver_no_reverse }}"
- auto_reverse: "{{ ipaserver_auto_reverse }}"
- zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
- forwarders: "{{ ipaserver_test.forwarders | default([]) }}"
- no_forwarders: "{{ ipaserver_no_forwarders }}"
- auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
- no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
- ### ad trust ###
- enable_compat: "{{ ipaserver_enable_compat }}"
- netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
- rid_base: "{{ ipaserver_rid_base | default(omit) }}"
- secondary_rid_base: "{{ ipaserver_secondary_rid_base | default(omit) }}"
-
- _hostname_overridden: "{{ ipaserver_test._hostname_overridden | default(omit) }}"
-
- when: ipaserver_foo is defined
-
-
-
-
- - name: Install - Server preparation
- ipaserver_prepare:
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- domain: "{{ ipaserver_test.domain }}"
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- ##ip_addresses: "{{ ipaserver_test.ip_addresses }}"
- reverse_zones: "{{ ipaserver_test.reverse_zones }}"
- setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- setup_kra: "{{ ipaserver_test.setup_kra }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- no_host_dns: "{{ ipaserver_test.no_host_dns }}"
- subject_base: "{{ ipaserver_test.subject_base }}"
- ca_subject: "{{ ipaserver_test.ca_subject }}"
- no_reverse: "{{ ipaserver_no_reverse }}"
- auto_reverse: "{{ ipaserver_auto_reverse }}"
- auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- #no_pkinit: "{{ ipaserver_test.no_pkinit }}"
- _hostname_overridden: "{{ ipaserver_test._hostname_overridden }}"
- register: ipaserver_prepare
-
- - name: Install - Setup NTP
- ipaserver_setup_ntp:
- when: not ipaserver_no_ntp | bool and (ipaserver_external_cert_files is undefined or ipaserver_external_cert_files|length < 1)
-
- - name: Install - Setup DS
- ipaserver_setup_ds:
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- #master_password: "{{ ipaserver_master_password }}"
- domain: "{{ ipaserver_test.domain }}"
- realm: "{{ ipaserver_test.realm | default(omit) }}"
- hostname: "{{ ipaserver_test.hostname }}"
- #ip_addresses: "{{ ipaserver_test.ip_addresses }}"
- #reverse_zones: "{{ ipaserver_test.reverse_zones }}"
- #setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- #setup_kra: "{{ ipaserver_test.setup_kra }}"
- #setup_dns: "{{ ipaserver_setup_dns }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- #no_host_dns: "{{ ipaserver_test.no_host_dns }}"
- subject_base: "{{ ipaserver_test.subject_base }}"
- ca_subject: "{{ ipaserver_test.ca_subject }}"
- #no_reverse: "{{ ipaserver_no_reverse }}"
- #auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- no_pkinit: "{{ ipaserver_test.no_pkinit }}"
- no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- idstart: "{{ ipaserver_test.idstart }}"
- idmax: "{{ ipaserver_test.idmax }}"
-
- - name: Install - Setup KRB
- ipaserver_setup_krb:
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- master_password: "{{ ipaserver_master_password }}"
- domain: "{{ ipaserver_test.domain }}"
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- #ip_addresses: "{{ ipaserver_test.ip_addresses }}"
- reverse_zones: "{{ ipaserver_test.reverse_zones }}"
- setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- setup_kra: "{{ ipaserver_test.setup_kra }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- no_host_dns: "{{ ipaserver_test.no_host_dns }}"
- subject_base: "{{ ipaserver_test.subject_base }}"
- ca_subject: "{{ ipaserver_test.ca_subject }}"
- no_reverse: "{{ ipaserver_no_reverse }}"
- auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- no_pkinit: "{{ ipaserver_test.no_pkinit }}"
- no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- idstart: "{{ ipaserver_test.idstart }}"
- idmax: "{{ ipaserver_test.idmax }}"
-
- - name: Install - Setup CA
- ipaserver_setup_ca:
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- master_password: "{{ ipaserver_master_password }}"
- #ip_addresses: "{{ ipaserver_test.ip_addresses }}"
- domain: "{{ ipaserver_test.domain }}"
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- no_host_dns: "{{ ipaserver_test.no_host_dns }}"
- setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- setup_kra: "{{ ipaserver_test.setup_kra }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- idstart: "{{ ipaserver_test.idstart }}"
- idmax: "{{ ipaserver_test.idmax }}"
- no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- no_pkinit: "{{ ipaserver_test.no_pkinit }}"
- dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
- _dirsrv_pkcs12_info: "{{ ipaserver_test._dirsrv_pkcs12_info }}"
- external_ca: "{{ ipaserver_external_ca }}"
- subject_base: "{{ ipaserver_test.subject_base }}"
- _subject_base: "{{ ipaserver_test._subject_base }}"
- ca_subject: "{{ ipaserver_test.ca_subject }}"
- _ca_subject: "{{ ipaserver_test._ca_subject }}"
- ca_signing_algorithm: "{{ ipaserver_ca_signing_algorithm | default(omit) }}"
-
- reverse_zones: "{{ ipaserver_test.reverse_zones }}"
- no_reverse: "{{ ipaserver_no_reverse }}"
- auto_forwarders: "{{ ipaserver_auto_forwarders }}"
-
- - name: Install - Setup otpd
- ipaserver_setup_otpd:
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
-
- - name: Install - Setup custodia
- ipaserver_setup_custodia:
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
-
- - name: Install - Setup HTTP
- ipaserver_setup_http:
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- master_password: "{{ ipaserver_master_password }}"
- domain: "{{ ipaserver_test.domain }}"
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- #ip_addresses: "{{ ipaserver_test.ip_addresses }}"
- reverse_zones: "{{ ipaserver_test.reverse_zones }}"
- setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- setup_kra: "{{ ipaserver_test.setup_kra }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- no_host_dns: "{{ ipaserver_test.no_host_dns }}"
- subject_base: "{{ ipaserver_test.subject_base }}"
- _subject_base: "{{ ipaserver_test._subject_base }}"
- ca_subject: "{{ ipaserver_test.ca_subject }}"
- _ca_subject: "{{ ipaserver_test._ca_subject }}"
- no_reverse: "{{ ipaserver_no_reverse }}"
- auto_forwarders: "{{ ipaserver_auto_forwarders }}"
- no_pkinit: "{{ ipaserver_test.no_pkinit }}"
- no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- idstart: "{{ ipaserver_test.idstart }}"
- idmax: "{{ ipaserver_test.idmax }}"
- http_cert_files: "{{ ipaserver_http_cert_files | default([]) }}"
- no_ui_redirect: "{{ ipaserver_no_ui_redirect }}"
-
- - name: Install - Setup KRA
- ipaserver_setup_kra:
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- dm_password: "{{ ipaserver_dm_password }}"
- setup_kra: "{{ ipaserver_test.setup_kra }}"
- when: ipaserver_test.setup_kra | bool
-
- - name: Install - Setup DNS
- ipaserver_setup_dns:
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- setup_dns: "{{ ipaserver_setup_dns }}"
- forwarders: "{{ ipaserver_test.forwarders | default(omit) }}"
- forward_policy: "{{ ipaserver_forward_policy | default(omit) }}"
- zonemgr: "{{ ipaserver_zonemgr | default(omit) }}"
- no_dnssec_validation: "{{ ipaserver_no_dnssec_validation }}"
- when: ipaserver_setup_dns | bool
-
- - name: Install - Setup ADTRUST
- ipaserver_setup_adtrust:
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
- when: ipaserver_test.setup_adtrust
-
- - name: Install - Set DS password
- ipaserver_set_ds_password:
- dm_password: "{{ ipaserver_dm_password }}"
- password: "{{ ipaserver_password }}"
- domain: "{{ ipaserver_test.domain }}"
- realm: "{{ ipaserver_test.realm }}"
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- subject_base: "{{ ipaserver_test.subject_base }}"
- ca_subject: "{{ ipaserver_test.ca_subject }}"
- no_pkinit: "{{ ipaserver_test.no_pkinit }}"
- no_hbac_allow: "{{ ipaserver_no_hbac_allow }}"
- idstart: "{{ ipaserver_test.idstart }}"
- idmax: "{{ ipaserver_test.idmax }}"
- dirsrv_config_file: "{{ ipaserver_dirsrv_config_file | default(omit) }}"
- _dirsrv_pkcs12_info: "{{ ipaserver_test._dirsrv_pkcs12_info }}"
-
- #- name: Install - Setup client
- # include_role:
- # name: ipaclient
- # private: yes
- # defaults_from: "/roles/ipaclient/defaults/main.yml"
- # tasks_from: "/roles/ipaclient/tasks/main.yml"
- # vars_from: "/roles/ipaclient/vars/main.yml"
- # vars:
- # state: present
- # on_master: yes
- # domain: "{{ ipaserver_test.domain }}"
- # realm: "{{ ipaserver_test.realm }}"
- # server: "{{ ipaserver_test.hostname }}"
- # hostname: "{{ ipaserver_test.hostname }}"
- # #no_dns_sshfp: "{{ ipaserver_no_dns_sshfp }}"
- # #ssh_trust_dns: "{{ ipaserver_ssh_trust_dns }}"
- # #no_ssh: "{{ ipaserver_no_ssh }}"
- # #no_sshd: "{{ ipaserver_no_sshd }}"
- # mkhomedir: "{{ ipaserver_mkhomedir }}"
- # #allow_repair: "{{ ipaserver_allow_repair }}"
-
- - name: Install - Setup client
- command: >
- /usr/sbin/ipa-client-install
- --unattended
- --on-master
- --domain "{{ ipaserver_test.domain }}"
- --realm "{{ ipaserver_test.realm }}"
- --server "{{ ipaserver_test.hostname }}"
- --hostname "{{ ipaserver_test.hostname }}"
- {{ "--mkhomedir" if ipaserver_mkhomedir | bool else "" }}
-
- # {{ "--no-dns-sshfp" if ipaserver_no_dns_sshfp | bool else "" }}
- # {{ "--ssh-trust-dns" if ipaserver_ssh_trust_dns | bool else "" }}
- # {{ "--no-ssh" if ipaserver_no_ssh | bool else "" }}
- # {{ "--no-sshd" if ipaserver_no_sshd | bool else "" }}
-
- - name: Install - Enable IPA
- ipaserver_enable_ipa:
- hostname: "{{ ipaserver_test.hostname }}"
- setup_ca: "{{ ipaserver_test.setup_ca }}"
- register: ipaserver_enable_ipa
-
- - name: Install - Cleanup root IPA cache
- file:
- path: "/root/.ipa_cache"
- state: absent
- when: ipaserver_enable_ipa.changed
-
-
-#- name: Install - Server installation
-# ipaserver_install:
-# dm_password: "{{ ipaserver_dm_password }}"
-# password: "{{ ipaserver_password }}"
-# domain: "{{ ipaserver_domain | default(omit) }}"
-# realm: "{{ ipaserver_realm | default(omit) }}"
-# hostname: "{{ ipaserver_hostname | default(ansible_fqdn) }}"
-# setup_dns: "{{ ipaserver_setup_dns }}"
-# no_reverse: "{{ ipaserver_no_reverse }}"
-# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
-# register: ipaserver_install
-
-#- name: Install - Server installation
-# ipaserver_install:
-# dm_password: "{{ ipaserver_dm_password }}"
-# password: "{{ ipaserver_password }}"
-# domain: "{{ ipaserver_test.domain }}"
-# realm: "{{ ipaserver_test.realm }}"
-# hostname: "{{ ipaserver_test.hostname }}"
-# #ip_addresses: "{{ ipaserver_test.ip_addresses }}"
-# reverse_zones: "{{ ipaserver_test.reverse_zones }}"
-# setup_adtrust: "{{ ipaserver_test.setup_adtrust }}"
-# setup_kra: "{{ ipaserver_test.setup_kra }}"
-# setup_dns: "{{ ipaserver_setup_dns }}"
-# setup_ca: "{{ ipaserver_test.setup_ca }}"
-# no_host_dns: "{{ ipaserver_test.no_host_dns }}"
-# subject_base: "{{ ipaserver_test.subject_base }}"
-# ca_subject: "{{ ipaserver_test.ca_subject }}"
-# no_reverse: "{{ ipaserver_no_reverse }}"
-# auto_forwarders: "{{ ipaserver_auto_forwarders }}"
-# register: ipaserver_install
-#
-#- name: Install - Cleanup root IPA cache
-# file:
-# path: "/root/.ipa_cache"
-# state: absent
-# when: ipaserver_install.changed
--
GitLab