From 5cfcccd616fed79588e9f46a7322f3382e205985 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Thu, 24 Aug 2017 12:54:37 +0200
Subject: [PATCH] library/ipajoin.py: Doc updates, renamed ca_certs_file

Documentation for domain, principal, keytab, ca_cert_file and kinit_attempts
has been added.

ca_certs_file has been renamed to ca_cert_file as it is used in
ipa-client-install.
---
 library/ipajoin.py                | 24 ++++++++++++++++++++----
 roles/ipaclient/tasks/install.yml |  2 +-
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/library/ipajoin.py b/library/ipajoin.py
index 55f91a8e..250d78b7 100644
--- a/library/ipajoin.py
+++ b/library/ipajoin.py
@@ -43,17 +43,33 @@ options:
     description: The Kerberos realm of an existing IPA deployment.
     required: true
   kdc:
-    description:
+    description: The name or address of the host running the KDC.
     required: true
   hostname:
     description: The hostname of the machine to join (FQDN).
     required: false
+  domain:
+    description: The primary DNS domain of an existing IPA deployment.
+    required: false
   force_join:
     description: Force enrolling the host even if host entry exists.
     required: false
+  principal:
+    description: The authorized kerberos principal used to join the IPA realm.
+    required: false
+    default: admin
   password:
     description: The password to use if not using Kerberos to authenticate.
     required: false
+  keytab:
+    description: The path to a backed-up host keytab from previous enrollment.
+    required: false
+  ca_cert_file:
+    description: A CA certificate to use. Do not acquire the IPA CA certificate via automated means.
+    required: false
+  kinit_attempts:
+    description: Repeat the request for host Kerberos ticket X times.
+    required: false
 author:
     - Thomas Woerner
 '''
@@ -92,7 +108,7 @@ def main():
             principal=dict(required=False),
             password=dict(required=False),
             keytab=dict(required=False),
-            ca_certs_file=dict(required=False),
+            ca_cert_file=dict(required=False),
             kinit_attempts=dict(required=False, type='int'),
         ),
         # required_one_of = ( [ '', '' ] ),
@@ -110,7 +126,7 @@ def main():
     principal = module.params.get('principal')
     password = module.params.get('password')
     keytab = module.params.get('keytab')
-    ca_certs_file = module.params.get('ca_certs_file')
+    ca_cert_file = module.params.get('ca_cert_file')
     kinit_attempts = module.params.get('kinit_attempts')
 
     client_domain = hostname[hostname.find(".")+1:]
@@ -123,7 +139,7 @@ def main():
     class Object(object):
         pass
     options = Object()
-    options.ca_cert_file = ca_certs_file
+    options.ca_cert_file = ca_cert_file
     options.unattended = True
     options.principal = principal
     options.password = password
diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index cc7b9dcf..23e6ed16 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -52,7 +52,7 @@
     principal: "{{ ipaclient_principal | default(omit) }}"
     password: "{{ ipaclient_password | default(omit) }}"
     keytab: "{{ ipaclient_keytab | default(omit) }}"
-    #ca_certs_file: "{{ ipaclient_ca_certs_file | default(omit) }}"
+    #ca_cert_file: "{{ ipaclient_ca_cert_file | default(omit) }}"
     kinit_attempts: "{{ ipaclient_kinit_attempts | default(omit) }}"
 
 #- name: Configure krb5
-- 
GitLab