diff --git a/library/ipaapi.py b/library/ipaapi.py
index 23bee0b498df09f5ccd142b418729f4542c4df8b..78818e7e348d3fa8870abed9f807e2b3bef1c807 100644
--- a/library/ipaapi.py
+++ b/library/ipaapi.py
@@ -33,9 +33,6 @@ short description: Create temporary NSS database, call IPA API for remaining enr
description:
Create temporary NSS database, call IPA API for remaining enrollment parts
options:
- servers:
- description: The FQDN of the IPA servers to connect to.
- required: false
realm:
description: The Kerberos realm of an existing IPA deployment.
required: true
@@ -45,6 +42,8 @@ options:
debug:
description: Turn on extra debugging
required: false
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
@@ -141,8 +140,6 @@ def main():
servers = module.params.get('servers')
debug = module.params.get('debug')
- fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)
- statestore = sysrestore.StateFile(paths.IPA_CLIENT_SYSRESTORE)
host_principal = 'host/%s@%s' % (hostname, realm)
os.environ['KRB5CCNAME'] = paths.IPA_DNS_CCACHE
@@ -170,7 +167,6 @@ def main():
pass
# Add CA certs to a temporary NSS database
- argspec = inspect.getargspec(tmp_db.create_db)
try:
if NUM_VERSION > 40404:
tmp_db.create_db()
diff --git a/library/ipadiscovery.py b/library/ipadiscovery.py
index de808b97653b4729bf91417fbd6e4298ba53dcd4..05a3bd0199c9f9c2f898205e01a480ec02622ee6 100644
--- a/library/ipadiscovery.py
+++ b/library/ipadiscovery.py
@@ -39,6 +39,7 @@ options:
description: The FQDN of the IPA servers to connect to.
required: false
type: list
+ default: []
domain:
description: The primary DNS domain of an existing IPA deployment.
required: false
@@ -46,7 +47,7 @@ options:
description: The Kerberos realm of an existing IPA deployment.
required: false
hostname:
- description: The authorized kerberos principal used to join the IPA realm.
+ description: The hostname of the machine to join (FQDN).
required: false
ca_cert_file:
description: A CA certificate to use.
@@ -55,6 +56,8 @@ options:
description: Check if IPA client is installed and matching.
required: false
default: false
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
diff --git a/library/ipaextras.py b/library/ipaextras.py
index 0e0c72571758bfd6ab53a51e124f10446c6a59af..dd85c1dd84da65e99ac7843c0ecc8664d1140a79 100644
--- a/library/ipaextras.py
+++ b/library/ipaextras.py
@@ -37,42 +37,52 @@ Configure IPA extras
options:
servers:
description: The FQDN of the IPA servers to connect to.
- required: false
+ required: true
+ type: list
domain:
description: The primary DNS domain of an existing IPA deployment.
- required: false
+ required: true
ntp:
description: Set to no to not configure and enable NTP
required: false
+ type: bool
+ default: no
force_ntpd:
description: Stop and disable any time&date synchronization services besides ntpd.
required: false
+ type: bool
+ default: no
ntp_servers:
description: The ntp servers to configure if ntp is enabled.
required: false
+ type: list
ssh:
description: Configure OpenSSH client
required: false
+ type: bool
default: yes
sssd:
description: Configure the client to use SSSD for authentication
required: false
+ type: bool
default: yes
trust_sshfp:
description: Configure OpenSSH client to trust DNS SSHFP records
required: false
+ type: bool
default: yes
sshd:
description: Configure OpenSSH server
required: false
+ type: bool
default: yes
automount_location:
description: Automount location
required: false
- default: no
firefox:
description: Configure Firefox to use IPA domain credentials
required: false
+ type: bool
default: no
firefox_dir:
description: Specify directory where Firefox is installed (for example: '/usr/lib/firefox')
@@ -80,11 +90,16 @@ options:
no_nisdomain:
description: Do not configure NIS domain name
required: false
+ type: bool
default: no
nisdomain:
description: NIS domain name
required: false
on_master:
+ description: Whether the configuration is done on the master or not.
+ required: false
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
diff --git a/library/ipafixca.py b/library/ipafixca.py
index 710b0a4ab94ecddd936b30fd102e752eb23d6247..7499f3d8f113a140841d6eda4bcc2beeb05d6bae 100644
--- a/library/ipafixca.py
+++ b/library/ipafixca.py
@@ -28,14 +28,15 @@ ANSIBLE_METADATA = {'metadata_version': '1.0',
DOCUMENTATION = '''
---
-module: ipaapi
+module: ipafixca
short description: Fix IPA ca certificate
description:
Repair Fix IPA ca certificate
options:
servers:
description: The FQDN of the IPA servers to connect to.
- required: false
+ required: true
+ type: list
realm:
description: The Kerberos realm of an existing IPA deployment.
required: true
@@ -43,9 +44,10 @@ options:
description: The basedn of the IPA server (of the form dc=example,dc=com).
required: true
allow_repair:
- deescription: Allow repair of already joined hosts. Contrary to ipaclient_force_join the host entry will not be changed on the server.
+ description: Allow repair of already joined hosts. Contrary to ipaclient_force_join the host entry will not be changed on the server.
required: true
- type: boolean
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
diff --git a/library/ipajoin.py b/library/ipajoin.py
index e86a5f68ee2fdb042b844661b41497ea803bfde4..741b0c3442e135b9c69327952556f1fc902033ea 100644
--- a/library/ipajoin.py
+++ b/library/ipajoin.py
@@ -38,6 +38,7 @@ options:
servers:
description: The FQDN of the IPA servers to connect to.
required: true
+ type: list
domain:
description: The primary DNS domain of an existing IPA deployment.
required: true
@@ -68,13 +69,18 @@ options:
force_join:
description: Force enrolling the host even if host entry exists.
required: false
+ type: bool
+ default: no
kinit_attempts:
description: Repeat the request for host Kerberos ticket X times.
required: false
+ type: int
default: 5
debug:
description: Enable debug mode.
required: false
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
diff --git a/library/ipanss.py b/library/ipanss.py
index 6ae72a3bc972c1f7d7e13e27522a760a4d5b26e6..ea47c53276468f08e3e324f4a0abe617ded733de 100644
--- a/library/ipanss.py
+++ b/library/ipanss.py
@@ -38,6 +38,7 @@ options:
servers:
description: The FQDN of the IPA servers to connect to.
required: true
+ type: list
domain:
description: The primary DNS domain of an existing IPA deployment.
required: true
@@ -57,14 +58,20 @@ options:
description: The subject base, needed for certmonger
required: true
ca_enabled:
- description: Wheter the Certificate Authority is enabled or not.
+ description: Whether the Certificate Authority is enabled or not.
required: true
+ type: bool
+ default: no
mkhomedir:
description: Whether to create home directories for users on their first login.
required: false
+ type: bool
+ default: no
on_master:
- description: Whether the configuration is done on the maseter or not.
+ description: Whether the configuration is done on the master or not.
required: false
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
@@ -296,8 +303,6 @@ def main():
if nslcd.is_installed():
save_state(nslcd, statestore)
- retcode, conf = (0, None)
-
##########################################################################
# Modify nsswitch/pam stack
diff --git a/library/ipasssd.py b/library/ipasssd.py
index 18784f241437063f1ba1a0be2e83941e6fc6accd..8a72711510a2c5f93589514485f6bb26338d23c8 100644
--- a/library/ipasssd.py
+++ b/library/ipasssd.py
@@ -37,10 +37,11 @@ Configure sssd
options:
servers:
description: The FQDN of the IPA servers to connect to.
- required: false
+ required: true
+ type: list
domain:
description: The primary DNS domain of an existing IPA deployment.
- required: false
+ required: true
realm:
description: The Kerberos realm of an existing IPA deployment.
required: true
@@ -50,27 +51,42 @@ options:
services:
description: The services that should be enabled in the ssd configuration.
required: true
+ type: list
krb5_offline_passwords:
description: Whether user passwords are stored when the server is offline.
required: false
+ type: bool
+ default: no
on_master:
- description: Whether the configuration is done on the maseter or not.
+ description: Whether the configuration is done on the master or not.
required: false
+ type: bool
+ default: no
primary:
description: Whether to use fixed server as primary IPA server.
required: false
+ type: bool
+ default: no
preserve_sssd:
description: Preserve old SSSD configuration if possible.
required: false
+ type: bool
+ default: no
permit:
description: Disable access rules by default, permit all access.
required: false
+ type: bool
+ default: no
dns_updates:
description: Configures the machine to attempt dns updates when the ip address changes.
required: false
+ type: bool
+ default: no
all_ip_addresses:
description: All routable IP addresses configured on any interface will be added to DNS.
required: false
+ type: bool
+ default: no
author:
- Thomas Woerner
'''
diff --git a/library/ipatest.py b/library/ipatest.py
index a0dec7e0c29fd508672fd0019639969de68e548b..500dffb12bd7d73b85efb8f6305e3f7e2c2f4ed8 100644
--- a/library/ipatest.py
+++ b/library/ipatest.py
@@ -39,6 +39,7 @@ options:
servers:
description: The FQDN of the IPA servers to connect to.
required: true
+ type: list
domain:
description: The primary DNS domain of an existing IPA deployment.
required: true
@@ -54,6 +55,7 @@ options:
kinit_attempts:
description: Repeat the request for host Kerberos ticket X times.
required: false
+ type: int
default: 5
author:
- Thomas Woerner