Skip to content
Snippets Groups Projects
Unverified Commit 6e2fa7e7 authored by Thomas Woerner's avatar Thomas Woerner Committed by GitHub
Browse files

Merge pull request #125 from tscherf/typo_fixes 

fix various typos in README files
parents 74e954b9 4d5a2c24
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
README-group.md
+ 1
1
View file @ 6e2fa7e7
......@@ -6,7 +6,7 @@ Description
The group module allows to ensure presence and absence of groups and members of groups.
The group module is as compatible as possible to the Ansible upstream `ipa_group` module, but addtionally offers to add users to a group and also to remove users from a group.
The group module is as compatible as possible to the Ansible upstream `ipa_group` module, but additionally offers to add users to a group and also to remove users from a group.
Features
......
README-host.md
+ 2
2
View file @ 6e2fa7e7
......@@ -6,7 +6,7 @@ Description
The host module allows to ensure presence, absence and disablement of hosts.
The host module is as compatible as possible to the Ansible upstream `ipa_host` module, but addtionally offers to disable hosts.
The host module is as compatible as possible to the Ansible upstream `ipa_host` module, but additionally offers to disable hosts.
Features
......@@ -94,7 +94,7 @@ Example playbook to initiate the generation of a random password to be used in b
become: true
tasks:
# Generate a random password for bulk enrolment
# Generate a random password for bulk enrollment
- ipahost:
ipaadmin_password: MyPassword123
name: host01.example.com
......
README-hostgroup.md
+ 1
1
View file @ 6e2fa7e7
......@@ -6,7 +6,7 @@ Description
The hostgroup module allows to ensure presence and absence of hostgroups and members of hostgroups.
The hostgroup module is as compatible as possible to the Ansible upstream `ipa_hostgroup` module, but addtionally offers to make sure that hosts are present or absent in a hostgroup.
The hostgroup module is as compatible as possible to the Ansible upstream `ipa_hostgroup` module, but additionally offers to make sure that hosts are present or absent in a hostgroup.
Features
......
README-topology.md
+ 2
2
View file @ 6e2fa7e7
......@@ -39,7 +39,7 @@ ipaserver.test.local
```
Example playbook to add a topology segment wiht default name (cn):
Example playbook to add a topology segment with default name (cn):
```yaml
---
......@@ -56,7 +56,7 @@ Example playbook to add a topology segment wiht default name (cn):
right: ipareplica2.test.local
state: present
```
The name (cn) can also be set if it should not be the default `{left}-to-{rkight}`.
The name (cn) can also be set if it should not be the default `{left}-to-{right}`.
Example playbook to delete a topology segment:
......
README-user.md
+ 1
1
View file @ 6e2fa7e7
......@@ -6,7 +6,7 @@ Description
The user module allows to ensure presence, absence, disablement, unlocking and undeletion of users.
The user module is as compatible as possible to the Ansible upstream `ipa_user` module, but addtionally offers to preserve delete, enable, disable, unlock and undelete users.
The user module is as compatible as possible to the Ansible upstream `ipa_user` module, but additionally offers to preserve delete, enable, disable, unlock and undelete users.
Features
......
README.md
+ 4
4
View file @ 6e2fa7e7
......@@ -62,13 +62,13 @@ How to use ansible-freeipa
**GIT repo**
The simplest method for now is to clone this repository on the contoller from github directly and to start the deployment from the ansible-freeipa directory:
The simplest method for now is to clone this repository on the controller from github directly and to start the deployment from the ansible-freeipa directory:
```bash
git clone https://github.com/freeipa/ansible-freeipa.git
cd ansible-freeipa
```
You can use the roles directly within the top directory of the git repo, but to be able to use the management modules in the plugins subdirectory, you have to either adapt `anisble.cfg` or create links for the roles, modules or directories.
You can use the roles directly within the top directory of the git repo, but to be able to use the management modules in the plugins subdirectory, you have to either adapt `ansible.cfg` or create links for the roles, modules or directories.
You can either adapt ansible.cfg:
......@@ -88,7 +88,7 @@ ansible-freeipa/plugins/module_utils to ~/.ansible/plugins/
**RPM package**
There are RPM packages available for Fedora 29+. These are installing the roles and modules into the global Ansible directories for `roles`, `plugins/modules` and `plugings/module_utils` in the `/usr/share/ansible` directory. Therefore is it possible to use the roles and modules without adapting the names like it is done in the example playbooks.
There are RPM packages available for Fedora 29+. These are installing the roles and modules into the global Ansible directories for `roles`, `plugins/modules` and `plugins/module_utils` in the `/usr/share/ansible` directory. Therefore is it possible to use the roles and modules without adapting the names like it is done in the example playbooks.
**Ansible galaxy**
......@@ -348,7 +348,7 @@ If Ansible vault is used for passwords, then it is needed to adapt the playbooks
state: present
```
It is also needed to provide the vault passowrd file on the ansible-playbook command line:
It is also needed to provide the vault password file on the ansible-playbook command line:
```bash
ansible-playbook -v -i inventory/hosts --vault-password-file .vaul_pass.txt install-server.yml
```
......
roles/ipaclient/README.md
+ 5
5
View file @ 6e2fa7e7
ipaclient role
==============
This [Ansible](https://www.ansible.com/) role allows to join hosts as clients to an IPA domain. This can be done in differnt ways using auto-discovery of the servers, domain and other settings or by specifying them.
This [Ansible](https://www.ansible.com/) role allows to join hosts as clients to an IPA domain. This can be done in different ways using auto-discovery of the servers, domain and other settings or by specifying them.
**Note**: The ansible playbooks and role require a configured ansible environment where the ansible nodes are reachable and are properly set up to have an IP address and a working package manager.
......@@ -16,7 +16,7 @@ Features
Supported FreeIPA Versions
--------------------------
FreeIPA versions 4.5 and up are supported by the client role. There is also limited support for verison 4.4.
FreeIPA versions 4.5 and up are supported by the client role. There is also limited support for version 4.4.
Supported Distributions
......@@ -173,7 +173,7 @@ Server Variables
Variable | Description | Required
-------- | ----------- | --------
`ipaservers` | This group is a list of the IPA server full qualified host names. In a topology with a chain of servers and replicas, it is important to use the right server or replica as the server for the client. If there is a need to overwrite the setting for a client in the `ipaclients` group, please use the list `ipaclient_servers` explained below. If no `ipaservers` group is defined than the installation preparation step will try to use DNS autodiscovery to identify the the IPA server using DNS txt records. | mostly
`ipaadmin_keytab` | The string variable enables the use of an admin keytab as an alternativce authentication method. The variable needs to contain the local path to the keytab file. If `ipaadmin_keytab` is used, then `ipaadmin_password` does not need to be set. If `ipaadmin_keytab` is used with `ipaclient_use_otp: yes` then the keytab needs to be available on the contoller, else on the client node. The use of full path names is recommended. | no
`ipaadmin_keytab` | The string variable enables the use of an admin keytab as an alternative authentication method. The variable needs to contain the local path to the keytab file. If `ipaadmin_keytab` is used, then `ipaadmin_password` does not need to be set. If `ipaadmin_keytab` is used with `ipaclient_use_otp: yes` then the keytab needs to be available on the controller, else on the client node. The use of full path names is recommended. | no
`ipaadmin_principal` | The string variable only needs to be set if the name of the Kerberos admin principal is not "admin". If `ipaadmin_principal` is not set it will be set internally to "admin". | no
`ipaadmin_password` | The string variable contains the Kerberos password of the Kerberos admin principal. If `ipaadmin_keytab` is used, then `ipaadmin_password` does not need to be set. | mostly
......@@ -185,7 +185,7 @@ These variables can be used to define or change how clients are arranged within
Variable | Description | Required
-------- | ----------- | --------
`ipaclient_no_dns_lookup` | The bool value defines if the `ipaservers` group will be used as servers for the clients automatically. If enabled this deactivates DNS lookup in Kerberos in client installations. `ipaclient_no_dns_lookup` defauults to `no`. | no
`ipaclient_no_dns_lookup` | The bool value defines if the `ipaservers` group will be used as servers for the clients automatically. If enabled this deactivates DNS lookup in Kerberos in client installations. `ipaclient_no_dns_lookup` defaults to `no`. | no
`ipaclient_servers` | The optional list can be used to manually override list of servers on a per client basis. The list of servers is normally taken from from `ipaservers` group. | no
......@@ -194,7 +194,7 @@ Special Variables
Variable | Description | Required
-------- | ----------- | --------
`ipaclient_use_otp` | The bool value defines if a one-time password will be generated to join a new or existing host. `ipaclient_use_otp` defaults to `no`. The enforcement on an existing host is not done if there is a working krb5.keytab on the host. If the generation of an otp is enforced for an existing host entry, then the host gets diabled and the containing keytab gets removed. | no
`ipaclient_use_otp` | The bool value defines if a one-time password will be generated to join a new or existing host. `ipaclient_use_otp` defaults to `no`. The enforcement on an existing host is not done if there is a working krb5.keytab on the host. If the generation of an otp is enforced for an existing host entry, then the host gets disabled and the containing keytab gets removed. | no
`ipaclient_allow_repair` | The bool value defines if an already joined or partly set-up client can be repaired. `ipaclient_allow_repair` defaults to `no`. Contrary to `ipaclient_force_join=yes` the host entry will not be changed on the server. | no
`ipaclient_install_packages` | The bool value defines if the needed packages are installed on the node. `ipaclient_install_packages` defaults to `yes`. | no
`ipaclient_on_master` | The bool value is only used in the server and replica installation process to install the client part. It should not be set otherwise. `ipaclient_on_master` defaults to `no`. | no
......
roles/ipareplica/README.md
+ 2
2
View file @ 6e2fa7e7
......@@ -7,7 +7,7 @@ Description
This role allows to configure a new IPA server that is a replica of the server. Once it has been created it is an exact copy of the original IPA server and is an equal master.
Changes made to any master are automatically replicated to other masters.
This can be done in differnt ways using auto-discovery of the servers, domain and other settings or by specifying them.
This can be done in different ways using auto-discovery of the servers, domain and other settings or by specifying them.
**Note**: The ansible playbooks and role require a configured ansible environment where the ansible nodes are reachable and are properly set up to have an IP address and a working package manager.
......@@ -229,7 +229,7 @@ Cluster Specific Variables
Variable | Description | Required
-------- | ----------- | --------
`ipareplica_servers` | Manually override list of servers for example in a cluster environment on a per replica basis. The list of servers is normally taken from from groups.ipaserver in cluster environments. (list of strings) | no
`ipaserver_domain` | Used if set in a cliuster environment to overload `ipareplica_domain` | no
`ipaserver_domain` | Used if set in a cluster environment to overload `ipareplica_domain` | no
Special Variables
-----------------
......
roles/ipaserver/README.md
+ 3
3
View file @ 6e2fa7e7
......@@ -132,7 +132,7 @@ Server installation step 1: Generate CSR, copy to controller as `<ipaserver host
Sign with CA: This is up to you
Server installatin step 2: Copy `<ipaserver hostname>-chain.crt` to the IPA server and continue with installation of the primary.
Server installation step 2: Copy `<ipaserver hostname>-chain.crt` to the IPA server and continue with installation of the primary.
```yaml
- name: Playbook to configure IPA server step3
......@@ -153,7 +153,7 @@ Server installatin step 2: Copy `<ipaserver hostname>-chain.crt` to the IPA serv
state: present
```
The files can also be copied automatically: Set `ipaserver_copy_csr_to_controller` to true in the server installation step 1 and set `ipaserver_external_cert_files_from_controller` to point to the `chain.crt` file in the server installatin step 2.
The files can also be copied automatically: Set `ipaserver_copy_csr_to_controller` to true in the server installation step 1 and set `ipaserver_external_cert_files_from_controller` to point to the `chain.crt` file in the server installation step 2.
Playbooks
......@@ -282,7 +282,7 @@ Special Variables
Variable | Description | Required
-------- | ----------- | --------
`ipaserver_install_packages` | The bool value defines if the needed packages are installed on the node. (bool, default: true) | no
`ipaserver_setup_firewalld` | The value defines if the needed services will automatically be openen in the firewall managed by firewalld. (bool, default: true) | no
`ipaserver_setup_firewalld` | The value defines if the needed services will automatically be opened in the firewall managed by firewalld. (bool, default: true) | no
`ipaserver_external_cert_files_from_controller` | Files containing the IPA CA certificates and the external CA certificate chains on the controller that will be copied to the ipaserver host to `/root` folder. (list of string) | no
`ipaserver_copy_csr_to_controller` | Copy the generated CSR from the ipaserver to the controller as `"{{ inventory_hostname }}-ipa.csr"`. (bool) | no
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment