diff --git a/roles/ipareplica/library/ipareplica_custodia_import_dm_password.py b/roles/ipareplica/library/ipareplica_custodia_import_dm_password.py
index 4b3284f0854381fd5aaf558724541c55130e9e7a..8c93356d021768bd5f73cd7bac0d8d6c9eb710b9 100644
--- a/roles/ipareplica/library/ipareplica_custodia_import_dm_password.py
+++ b/roles/ipareplica/library/ipareplica_custodia_import_dm_password.py
@@ -100,7 +100,6 @@ def main():
 #### certificate system ###
 subject_base=dict(required=True),
 #### additional ###
- config_master_host_name=dict(required=True),
 ccache=dict(required=True),
 _ca_enabled=dict(required=False, type='bool'),
 _ca_file=dict(required=False),
@@ -108,6 +107,9 @@ def main():
 _pkinit_pkcs12_info = dict(required=False),
 _top_dir = dict(required=True),
 dirman_password=dict(required=True, no_log=True),
+ config_setup_ca=dict(required=True),
+ config_master_host_name=dict(required=True),
+ config_ca_host_name=dict(required=True),
 ),
 supports_check_mode = True,
 )
@@ -137,6 +139,8 @@ def main():
 pkinit_pkcs12_info = ansible_module.params.get('_pkinit_pkcs12_info')
 options._top_dir = ansible_module.params.get('_top_dir')
 dirman_password = ansible_module.params.get('dirman_password')
+ config_setup_ca = ansible_module.params.get('config_setup_ca')
+ config_ca_host_name = ansible_module.params.get('config_ca_host_name')
 # init #
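Review bot: `config_setup_ca=dict(required=True)` in the second hunk declares no type, unlike `_ca_enabled=dict(required=False, type='bool')` just above it, so AnsibleModule will hand it over as a string. The playbook passes a templated value and a later hunk assigns it unchanged with `config.setup_ca = config_setup_ca`, so a value of "False" would be truthy there. Declaring it as `config_setup_ca=dict(required=True, type='bool'),` keeps the flag a real boolean. The argument spec and the rest of main() lie outside these hunks, so how `config.setup_ca` is consumed afterwards cannot be confirmed from here.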
@@ -146,15 +150,19 @@ def main():
 ansible_log.debug("== INSTALL ==")
 options = installer
- promote = installer.promote
 env = gen_env_boostrap_finalize_core(paths.ETC_IPA, constants.DEFAULT_CONFIG)
 api_bootstrap_finalize(env)
 config = gen_ReplicaConfig()
+ config.dirman_password = dirman_password
+ config.setup_ca = config_setup_ca
+ config.master_host_name = master_host_name
+ config.ca_host_name = config_ca_host_name
 config.subject_base = options.subject_base
+ config.promote = installer.promote
- remote_api = gen_remote_api(master_host_name, paths.ETC_IPA)
+ remote_api = gen_remote_api(config.master_host_name, paths.ETC_IPA)
 installer._remote_api = remote_api
 conn = remote_api.Backend.ldap2
@@ -163,12 +171,22 @@ def main():
 # do the work #
 with redirect_stdout(ansible_log):
- custodia = custodiainstance.CustodiaInstance(config.host_name,
- config.realm_name)
+ if not hasattr(custodiainstance, "get_custodia_instance"):
+ custodia = custodiainstance.CustodiaInstance(config.host_name,
+ config.realm_name)
+ else:
+ if ca_enabled:
+ mode = custodiainstance.CustodiaModes.CA_PEER
+ else:
+ mode = custodiainstance.CustodiaModes.MASTER_PEER
+ custodia = custodiainstance.get_custodia_instance(config, mode)
 ansible_log.debug("-- CUSTODIA IMPORT DM PASSWORD --")
- custodia.import_dm_password(config.master_host_name)
+ if not hasattr(custodiainstance, "get_custodia_instance"):
+ custodia.import_dm_password(config.master_host_name)
+ else:
+ custodia.import_dm_password()
 # done #
diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 47c44800031b2b1c60685882de4f515c23127891..4dab15e381ff7b246495b717a44c8235dc613a3f 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
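Review bot: In the `# do the work #` hunk of ipareplica_custodia_import_dm_password.py, the test `hasattr(custodiainstance, "get_custodia_instance")` is written out twice, so the constructor choice and the `import_dm_password` call shape can drift apart on a later edit. Evaluate it once, e.g. `has_custodia_modes = hasattr(custodiainstance, "get_custodia_instance")`, and branch on that in both places. A short comment above it should say that this is feature detection for the newer custodiainstance API. In the new branch the peer that supplies the Directory Manager password is no longer passed explicitly but follows from `config` and `mode`. `_ca_enabled` is declared `required=False`, so if `ca_enabled` is read from it (the assignment is outside the hunk) an unset value silently selects `MASTER_PEER`; a comment stating that this fallback is intended would help.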
@@ -545,12 +545,14 @@
 subject_base: "{{ result_ipareplica_prepare.subject_base }}"
 ### additional ###
 config_master_host_name: "{{ result_ipareplica_prepare.config_master_host_name }}"
+ config_ca_host_name: "{{ result_ipareplica_prepare.config_ca_host_name }}"
 ccache: "{{ result_ipareplica_prepare.ccache }}"
 _ca_enabled: "{{ result_ipareplica_prepare._ca_enabled }}"
 _ca_file: "{{ result_ipareplica_prepare._ca_file }}"
 _pkinit_pkcs12_info: "{{ result_ipareplica_prepare._pkinit_pkcs12_info }}"
 _top_dir: "{{ result_ipareplica_prepare._top_dir }}"
 dirman_password: "{{ ipareplica_dirman_password }}"
+ config_setup_ca: "{{ result_ipareplica_prepare.config_setup_ca }}"
 - name: Install - Promote SSSD
 ipareplica_promote_sssd: