- Jun 28, 2018
-
-
Thomas Woerner authored
-
Thomas Woerner authored
ipadiscovery.py - fix typo of timconf to timeconf
-
- Jun 27, 2018
-
-
Ian Tewksbury authored
-
- Jun 25, 2018
-
-
Thomas Woerner authored
-
Thomas Woerner authored
A new Fedora-27 ditribution specific file has been added. Additionally ipareplica_packages_adtrust has been updated in all files to contain [free]ipa-server-trust-ad.
-
Thomas Woerner authored
A new Fedora-27 ditribution specific file has been added. Additionally ipaserver_packages_adtrust has been updated in all files to contain [free]ipa-server-trust-ad.
-
Thomas Woerner authored
The new section contains RHEL/CentOS 7.4+ and Fedora26+ for now.
-
- Jun 21, 2018
-
-
Thomas Woerner authored
With IPA 4.7 bigger changes have been introduced Changes: - Use of timeconf and chrony instead of ntpconf and ntpd. - custodia instance needed for ca and kra - Use of create_ipa_conf with changed setting in setup_http for install_http, reverted back afterwards.
-
Thomas Woerner authored
Affected files: - ipareplica/library/ipaserver_enable_ipa.py - ipareplica/library/ipaserver_master_password.py - ipareplica/library/ipaserver_setup_ntp.py
-
Thomas Woerner authored
The _pkinit_pkcs12_info var seems not to be needed for now. Will be removed in a following cleanup.
-
Thomas Woerner authored
The python3 bindings should be required and not the python2 bindings as a default.
-
Thomas Woerner authored
Affected files: - ipaserver/library/ipaserver_enable_ipa.py - ipaserver/library/ipaserver_master_password.py
-
Thomas Woerner authored
With IPA 4.7 bigger changes have been introduced Changes: - Use of timeconf and chrony instead of ntpconf and ntpd. - New IPAChangeConf (not used in ipaserver modules) - New check_ldap_conf form ipaclient.install.client - custodia instance needed for ca and kra - no_ntp defaults to yes for client installation part - A new option ntp_pool has been introduced (set to None).
-
Thomas Woerner authored
The python3 bindings should be required and not the python2 bindings as a default.
-
Thomas Woerner authored
As the action plugin is used with the default python interpreter and the change to python3 for FreeIPA, the use of OTP was not working anymore. The ansible_python_interpreter is not automatically used for the module part of the action plugin. Therefore ansible_python_interpreter needed to be added to the action plugin call as a new var to make sure that the module part is used with the proper python version. Also a new import for the Python2/3 import test has been added to discover of the server is supporting python2 or python3. The old ansible_python_interpreter setting is saved before doing this and restored after the one-time password has been generated on the server.
-
Thomas Woerner authored
With IPA 4.7 bigger changes have been introduced Changes: - Use of timeconf and chrony instead of ntpconf and ntpd. - A new option ntp_pool has been introduced.
-
Thomas Woerner authored
With 4.6.90 pre versions have been introduced. The version parsing in ipa_facts broke with this as it did not know about pre versions so far.
-
Thomas Woerner authored
paths.KDESTROY instead of "kdestroy" and paths.GETENT instead of "getent" Affected modules: roles/ipaclient/library/ipahost.py roles/ipaclient/library/ipajoin.py roles/ipaclient/library/ipanss.py
-
Thomas Woerner authored
Dropped commented out imports
-
Thomas Woerner authored
tasks.create_tmpfiles_dirs only needs IPAAPI_USER as an argument for version 4.5.4. For 4.5 there is no support for arguments. IPAAPI_USER is therefore only needed for 4.5.4 in module_utils/ansible_ipa_server.py
-
Thomas Woerner authored
The directories library and action_plugins do only contain ipaclient specific modules and plugins. Therefore these directories should be located in the ipaclient role directory.
-
- Jun 11, 2018
-
-
Thomas Woerner authored
When forwarders list or the no_forwarders flag has been set, the configuraiton does not reflect the setting. With no_forwarders the preparation step of the DNS server could fail in ipaserver_prepare. This is addressing the issue of pull request #25.
-
- May 18, 2018
-
-
Thomas Woerner authored
Capturing python3 check result is not a change
-
Thomas Woerner authored
Fix typo in README
-
Thomas Woerner authored
krb5 DNS discovery was not possible in cluster environments as the server list from groups.ipaserver was used all the time. DNS discovery is though only used if no servers are given. The new setting ipaclient_no_dns_lookup has been added to make sure that DNS lookup is used in the first place and can be disabled easily with this setting. There is also a new way to override servers per client in the inventory file with ipaclient_servers. Two new settings have been added: ipaclient_no_dns_lookup (bool, default: no) Set to 'yes' to use groups.ipaserver in cluster environments as servers for the clients. This deactivates DNS lookup in krb5. ipaclient_servers (list of strings, default: undefined) Manually override list of servers for example in a cluster environment on a per client basis. The list of servers is normally taken from from groups.ipaserver in cluster environments.
-
Thomas Woerner authored
The krb5 DNS lookup settings krb5_dns_lookup_realm and krb5_dns_lookup_kdc ans also the servers have not been set properly set if no server has been specified and discovery succeeded. This has been fixed. This fixes issue #23.
-
- Apr 11, 2018
-
-
Kellin authored
- Do not register a change in the playbook run when registering the variable checking for whether or not Python 3 imports work Signed-off-by:
Kellin <kellin@retromud.org>
-
- Apr 04, 2018
-
-
Thomas Woerner authored
-
Thomas Woerner authored
The support for external cert files is not complete yet. Please have a look at the example inventory file inventory/hosts.replica and also the install and uninstall playbook files install-replica.yml and uninstall-replica.yml
-
Thomas Woerner authored
b29db07c3b3d8937f53684fdbba985fec525d69d by Christian Heimes Replace custom file_exists() and dir_exists() functions with proper functions from Python's stdlib. The change also gets rid of pylint's invalid bad-python3-import error, https://github.com/PyCQA/pylint/issues/1565
-
- Feb 27, 2018
-
-
Chris authored
-
- Feb 21, 2018
-
-
Thomas Woerner authored
tasks.create_tmpfiles_dirs does not support options for FreeIPA 4.5
-
Thomas Woerner authored
Introduce setup files that copy roles to relevant directories
-
- Feb 13, 2018
-
-
Juan Antonio Osorio Robles authored
This enables easy installation of these roles through pip.
-
- Feb 09, 2018
-
-
Thomas Woerner authored
options.kasp_db_file is used in dns.install_check if options.dnssec_master is enabled. kasp_db_file defauts to None and is only a supported option in the post deployment ipa-dns-install script. Therefore it is suffient to set it to None.
-
Thomas Woerner authored
A new section has been added to configure firewalld automatically as the last step of the server installation. A new switch has been added to be able to turn firewalld configuration off: ipaserver_no_firewalld. It defaults to no.
-
Thomas Woerner authored
The client role is used also while installing the server. There has been an issue where the server installation has not been complete because of a playbook termination in the client. This has been fixed and the client and also the server are fully configured in the server installation.
-
Thomas Woerner authored
Currently only contains the ansible requirement: ansible>=2.4.1.0
-
Thomas Woerner authored
With FreeIPA 4.5 the functions save_state and configure_nisdomain have gotten new options. A version check has been added to ipaextras and ipanss to make sure that the modules are also working with FreeIPA 4.4.
-
Thomas Woerner authored
The roles ipaconf, krb5 and sssd have been using GPLv2+ in the license meta information while everything else is GPLv3. Therefore the license meta information has been changed to GPLv3.
-