ipa[server,replica]: Enable freeipa-trust service if adtrust is enabled

The freeipa-trust service has not been added if adtrust was enabled. For ipareplica the addition of freeipa-replication has been removed as the used port is not used anymore since some time. Fixes: #83 (when installing with ipaserver_setup_adtrust: true the firewalld service freeipa-trust is not added)

ipa[server,replica]: Enable freeipa-trust service if adtrust is enabled
5951b954 · Thomas Woerner · 69b894a7 · 5951b954 · 5951b954
Commit 5951b954 authored 6 years ago by Thomas Woerner
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -96,7 +96,8 @@
      --permanent
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
-      --add-service=freeipa-replication
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipareplica_setup_firewalld | bool
@@ -106,7 +107,8 @@
      firewall-cmd
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
-      --add-service=freeipa-replication
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipareplica_setup_firewalld | bool

--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -391,6 +391,8 @@
      --permanent
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipaserver_setup_firewalld | bool
@@ -400,6 +402,8 @@
      firewall-cmd
      --add-service=freeipa-ldap
      --add-service=freeipa-ldaps
+      {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+         else "" }}
      {{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
      {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
    when: ipaserver_setup_firewalld | bool