From e70763b024ffe7db44fc5ee999ec4c8a2b9c60e9 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Thu, 26 Aug 2021 17:18:11 -0300
Subject: [PATCH] ipaserver: Modify vars loading in ansible-freeipa roles.

When loading variables in all ansible-freeipa roles, it is expected
that a file with these variables is present for each supported Linux
distribution, and then, based on the information about the distribution
provided by Ansible, the correct file is loaded.

Previously, only the facts `distribution` and dinstribution version
related facts were used, which required specific files, or links to
files for distributions in the same "family", which will probably have
the same variables set.

This change adds searching for files based on the `os_family` fact,
allowing distributions that follow the same family rules to be
supported, without any changes to the codebase. It is still possible
that a specific distribution configuration overrides the default
behavior, as `os_family` has lower priority than `distribution`.

For example, distributions on the `RedHat` family, like Oracle Linux,
Alma Linux, and Rocky Linux, work withoutadding new files, or links to
files, to fill the `vars`.

Fix issue #573. Fix issue #523.
---
 roles/ipabackup/vars/CentOS-7.yml      | 6 ------
 roles/ipabackup/vars/RedHat-7.3.yml    | 6 ------
 roles/ipaclient/vars/CentOS-7.yml      | 4 ----
 roles/ipaclient/vars/Ubuntu.yml        | 2 --
 roles/ipareplica/vars/CentOS-7.yml     | 6 ------
 roles/ipareplica/vars/RedHat-7.3.yml   | 6 ------
 roles/ipaserver/tasks/main.yml         | 7 +++++++
 roles/ipaserver/vars/CentOS-7.yml      | 6 ------
 roles/ipaserver/vars/CentOS-8.yml      | 1 -
 roles/ipaserver/vars/OracleLinux-7.yml | 1 -
 roles/ipaserver/vars/OracleLinux-8.yml | 1 -
 roles/ipaserver/vars/RedHat-7.3.yml    | 6 ------
 12 files changed, 7 insertions(+), 45 deletions(-)
 delete mode 100644 roles/ipabackup/vars/CentOS-7.yml
 delete mode 100644 roles/ipabackup/vars/RedHat-7.3.yml
 delete mode 100644 roles/ipaclient/vars/CentOS-7.yml
 delete mode 100644 roles/ipaclient/vars/Ubuntu.yml
 delete mode 100644 roles/ipareplica/vars/CentOS-7.yml
 delete mode 100644 roles/ipareplica/vars/RedHat-7.3.yml
 delete mode 100644 roles/ipaserver/vars/CentOS-7.yml
 delete mode 120000 roles/ipaserver/vars/CentOS-8.yml
 delete mode 120000 roles/ipaserver/vars/OracleLinux-7.yml
 delete mode 120000 roles/ipaserver/vars/OracleLinux-8.yml
 delete mode 100644 roles/ipaserver/vars/RedHat-7.3.yml

diff --git a/roles/ipabackup/vars/CentOS-7.yml b/roles/ipabackup/vars/CentOS-7.yml
deleted file mode 100644
index 11863757..00000000
--- a/roles/ipabackup/vars/CentOS-7.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-# defaults file for ipaserver
-# vars/rhel.yml
-ipaserver_packages: [ "ipa-server", "libselinux-python" ]
-ipaserver_packages_dns: [ "ipa-server-dns" ]
-ipaserver_packages_adtrust: [ "ipa-server-trust-ad" ]
-ipaserver_packages_firewalld: [ "firewalld" ]
\ No newline at end of file
diff --git a/roles/ipabackup/vars/RedHat-7.3.yml b/roles/ipabackup/vars/RedHat-7.3.yml
deleted file mode 100644
index 11863757..00000000
--- a/roles/ipabackup/vars/RedHat-7.3.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-# defaults file for ipaserver
-# vars/rhel.yml
-ipaserver_packages: [ "ipa-server", "libselinux-python" ]
-ipaserver_packages_dns: [ "ipa-server-dns" ]
-ipaserver_packages_adtrust: [ "ipa-server-trust-ad" ]
-ipaserver_packages_firewalld: [ "firewalld" ]
\ No newline at end of file
diff --git a/roles/ipaclient/vars/CentOS-7.yml b/roles/ipaclient/vars/CentOS-7.yml
deleted file mode 100644
index 51ab7bfc..00000000
--- a/roles/ipaclient/vars/CentOS-7.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-# defaults file for ipaclient
-# vars/rhel.yml
-ipaclient_packages: [ "ipa-client", "libselinux-python" ]
-#ansible_python_interpreter: '/usr/bin/python2'
diff --git a/roles/ipaclient/vars/Ubuntu.yml b/roles/ipaclient/vars/Ubuntu.yml
deleted file mode 100644
index ded2f5e0..00000000
--- a/roles/ipaclient/vars/Ubuntu.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-# vars/Ubuntu.yml
-ipaclient_packages: [ "freeipa-client" ]
diff --git a/roles/ipareplica/vars/CentOS-7.yml b/roles/ipareplica/vars/CentOS-7.yml
deleted file mode 100644
index 614de3e5..00000000
--- a/roles/ipareplica/vars/CentOS-7.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-# defaults file for ipareplica
-# vars/RedHat-7.yml
-ipareplica_packages: [ "ipa-server", "libselinux-python" ]
-ipareplica_packages_dns: [ "ipa-server-dns" ]
-ipareplica_packages_adtrust: [ "ipa-server-trust-ad" ]
-ipareplica_packages_firewalld: [ "firewalld" ]
\ No newline at end of file
diff --git a/roles/ipareplica/vars/RedHat-7.3.yml b/roles/ipareplica/vars/RedHat-7.3.yml
deleted file mode 100644
index a0e7ffea..00000000
--- a/roles/ipareplica/vars/RedHat-7.3.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-# defaults file for ipareplica
-# vars/RedHat-7.3.yml
-ipareplica_packages: [ "ipa-server", "libselinux-python" ]
-ipareplica_packages_dns: [ "ipa-server-dns" ]
-ipareplica_packages_adtrust: [ "ipa-server-trust-ad" ]
-ipareplica_packages_firewalld: [ "firewalld" ]
\ No newline at end of file
diff --git a/roles/ipaserver/tasks/main.yml b/roles/ipaserver/tasks/main.yml
index c4e1bd7c..23f8aec4 100644
--- a/roles/ipaserver/tasks/main.yml
+++ b/roles/ipaserver/tasks/main.yml
@@ -7,6 +7,13 @@
     - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
     - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
     - "vars/{{ ansible_facts['distribution'] }}.yml"
+    # os_family is used as a fallback for distros which are not currently
+    # supported, but are based on a supported distro family. For example,
+    # Oracle, Rocky, Alma and Alibaba linux, which are all "RedHat" based.
+    - "vars/{{ ansible_facts['os_family'] }}-{{ ansible_facts['distribution_version'] }}.yml"
+    - "vars/{{ ansible_facts['os_family'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
+    - "vars/{{ ansible_facts['os_family'] }}.yml"
+    # If neither distro nor family is supported, try a default configuration.
     - "vars/default.yml"
 
 - name: Install IPA server
diff --git a/roles/ipaserver/vars/CentOS-7.yml b/roles/ipaserver/vars/CentOS-7.yml
deleted file mode 100644
index 11863757..00000000
--- a/roles/ipaserver/vars/CentOS-7.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-# defaults file for ipaserver
-# vars/rhel.yml
-ipaserver_packages: [ "ipa-server", "libselinux-python" ]
-ipaserver_packages_dns: [ "ipa-server-dns" ]
-ipaserver_packages_adtrust: [ "ipa-server-trust-ad" ]
-ipaserver_packages_firewalld: [ "firewalld" ]
\ No newline at end of file
diff --git a/roles/ipaserver/vars/CentOS-8.yml b/roles/ipaserver/vars/CentOS-8.yml
deleted file mode 120000
index d49e1cd5..00000000
--- a/roles/ipaserver/vars/CentOS-8.yml
+++ /dev/null
@@ -1 +0,0 @@
-RedHat-8.yml
\ No newline at end of file
diff --git a/roles/ipaserver/vars/OracleLinux-7.yml b/roles/ipaserver/vars/OracleLinux-7.yml
deleted file mode 120000
index 852b838d..00000000
--- a/roles/ipaserver/vars/OracleLinux-7.yml
+++ /dev/null
@@ -1 +0,0 @@
-RedHat-7.yml
\ No newline at end of file
diff --git a/roles/ipaserver/vars/OracleLinux-8.yml b/roles/ipaserver/vars/OracleLinux-8.yml
deleted file mode 120000
index d49e1cd5..00000000
--- a/roles/ipaserver/vars/OracleLinux-8.yml
+++ /dev/null
@@ -1 +0,0 @@
-RedHat-8.yml
\ No newline at end of file
diff --git a/roles/ipaserver/vars/RedHat-7.3.yml b/roles/ipaserver/vars/RedHat-7.3.yml
deleted file mode 100644
index 11863757..00000000
--- a/roles/ipaserver/vars/RedHat-7.3.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-# defaults file for ipaserver
-# vars/rhel.yml
-ipaserver_packages: [ "ipa-server", "libselinux-python" ]
-ipaserver_packages_dns: [ "ipa-server-dns" ]
-ipaserver_packages_adtrust: [ "ipa-server-trust-ad" ]
-ipaserver_packages_firewalld: [ "firewalld" ]
\ No newline at end of file
-- 
GitLab