Skip to content
Snippets Groups Projects
Commit 92641871 authored by Thomas Woerner's avatar Thomas Woerner
Browse files

ipareplica: Use ipaclient role to deploy client 

The ipaclient role is now used instead of ipa-client-install.
parent 915cc39b
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
roles/ipareplica/library/ipareplica_prepare.py
+ 0
69
View file @ 92641871
...@@ -256,75 +256,6 @@ def main(): ...@@ -256,75 +256,6 @@ def main():
## check selinux status, http and DS ports, NTP conflicting services ## check selinux status, http and DS ports, NTP conflicting services
#common_check(options.no_ntp) #common_check(options.no_ntp)
ansible_log.debug("-- ENROLLED? --")
client_fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)
if not client_fstore.has_files():
try:
with redirect_stdout(ansible_log):
# do not use ensure_enrolled, it uses redirect_output
# ensure_enrolled(installer)
args = [paths.IPA_CLIENT_INSTALL, "--unattended"]
if NUM_VERSION < 40690:
args.append("--no-ntp")
stdin = None
nolog = []
if installer.domain_name:
args.extend(["--domain", installer.domain_name])
if installer.server:
args.extend(["--server", installer.server])
if installer.realm_name:
args.extend(["--realm", installer.realm_name])
if installer.host_name:
args.extend(["--hostname", installer.host_name])
if installer.password:
args.extend(["--password", installer.password])
nolog.append(installer.password)
else:
if installer.admin_password:
# Always set principal if password was set explicitly,
# the password itself gets passed directly via stdin
args.extend(["--principal", installer.principal or "admin"])
stdin = installer.admin_password
if installer.keytab:
args.extend(["--keytab", installer.keytab])
if installer.no_dns_sshfp:
args.append("--no-dns-sshfp")
if installer.ssh_trust_dns:
args.append("--ssh-trust-dns")
if installer.no_ssh:
args.append("--no-ssh")
if installer.no_sshd:
args.append("--no-sshd")
if installer.mkhomedir:
args.append("--mkhomedir")
if installer.force_join:
args.append("--force-join")
ansible_log.debug(" ".join(args))
try:
# Call client install script
service.print_msg("Configuring client side components")
installer._enrollment_performed = True
ipautil.run(args, stdin=stdin, nolog=nolog) #, redirect_output=True)
#print()
except ipautil.CalledProcessError:
raise ScriptError("Configuration of client side components failed!")
except ScriptError as msg:
ansible_module.fail_json(msg=str(msg))
else:
if (options.domain_name or options.server or options.realm_name or
options.host_name or options.password or options.keytab):
ansible_module.log(
"IPA client is already configured on this system, ignoring "
"the --domain, --server, --realm, --hostname, --password "
"and --keytab options.")
sstore = sysrestore.StateFile(paths.SYSRESTORE) sstore = sysrestore.StateFile(paths.SYSRESTORE)
fstore = sysrestore.FileStore(paths.SYSRESTORE) fstore = sysrestore.FileStore(paths.SYSRESTORE)
......
roles/ipareplica/tasks/install.yml
+ 19
32
View file @ 92641871
...@@ -64,38 +64,25 @@ ...@@ -64,38 +64,25 @@
- block: - block:
#- name: Install - Setup client - name: Install - Setup client
# include_role: include_role:
# name: ipaclient name: ipaclient
# vars: vars:
# state: present state: present
# ipaclient_domain: "{{ result_ipareplica_test.domain }}" ipaclient_domain: "{{ result_ipareplica_test.domain }}"
# ipaclient_realm: "{{ result_ipareplica_test.realm }}" ipaclient_realm: "{{ result_ipareplica_test.realm }}"
# ipaclient_server: "{{ result_ipareplica_test.server }}" ipaclient_servers: ["{{ result_ipareplica_test.server }}"]
# ipaclient_hostname: "{{ result_ipareplica_test.hostname }}" ipaclient_hostname: "{{ result_ipareplica_test.hostname }}"
# #ipaclient_no_dns_sshfp: "{{ ipaclient_no_dns_sshfp }}" #ipaclient_keytab: "{{ ipaclient_keytab }}"
# #ipaclient_ssh_trust_dns: "{{ ipaclient_ssh_trust_dns }}" #ipaclient_mkhomedir: "{{ ipaclient_mkhomedir }}"
#ipaclient_force_join: "{{ ipaclient_force_join }}"
##ipaclient_no_ntp: "{{ ipaclient_no_ntp }}"
ipaclient_no_ntp: "{{ result_ipareplica_test.ipa_python_version < 40690 }}"
#ipaclient_ssh_trust_dns: "{{ ipaclient_ssh_trust_dns }}"
##ipaclient_no_ssh: "{{ ipaclient_no_ssh }}" ##ipaclient_no_ssh: "{{ ipaclient_no_ssh }}"
##ipaclient_no_sshd: "{{ ipaclient_no_sshd }}" ##ipaclient_no_sshd: "{{ ipaclient_no_sshd }}"
# #ipaclient_mkhomedir: "{{ ipaclient_mkhomedir }}" ##ipaclient_no_dns_sshfp: "{{ ipaclient_no_dns_sshfp }}"
when: not result_ipareplica_test.client_enrolled
#- name: Install - Setup client
# command: >
# /usr/sbin/ipa-client-install
# --unattended
# --no-ntp
# --domain "{{ result_ipareplica_test.domain }}"
# --realm "{{ result_ipareplica_test.realm }}"
# --server "{{ result_ipareplica_test.server }}"
# --hostname "{{ result_ipareplica_test.hostname }}"
# {{ "--principal" if ipaadmin_password is defined else "" }} {{ ipaadmin_principal if ipaadmin_password is defined else "" }}
# {{ "--password" if ipaadmin_password is defined else "" }} {{ ipaadmin_password if ipaadmin_password is defined else "" }}
# {{ "--mkhomedir" if ipaclient_mkhomedir | bool else "" }}
# # {{ "--no-dns-sshfp" if ipaclient_no_dns_sshfp | bool else "" }}
# # {{ "--ssh-trust-dns" if ipaclient_ssh_trust_dns | bool else "" }}
# # {{ "--no-ssh" if ipaclient_no_ssh | bool else "" }}
# # {{ "--no-sshd" if ipaclient_no_sshd | bool else "" }}
# when: not result_ipareplica_test.client_enrolled
- name: Install - Configure firewalld - name: Install - Configure firewalld
command: > command: >
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment