- May 03, 2019
-
-
Thomas Woerner authored
-
Thomas Woerner authored
Dependencies and platforms have been updated. Commented out lines has been removed.
-
Thomas Woerner authored
-
Thomas Woerner authored
Updated setup.cfg to include all the necessary roles
-
Thomas Woerner authored
-
- Apr 26, 2019
-
-
Thomas Woerner authored
There have been several settings in ipaclient_setup_nss that have been hard coded instead of using the settings from the role. This has been fixed and the code in ipaclient_setup_nss has been updated to the latest version of FreeIPA with compatibility changes for older FreeIPA versions. Additionally the api is now properly configured so that the DNS SSHFP records are now properly created if no_dns_sshfp is not enabled.
-
Thomas Woerner authored
The old name ntpconf has been still used in one place of the NTP configuration for FreeIPA versions that do not provide the sync_time function. Fixes: #76 (Ansible Configure NTP Task)
-
Thomas Woerner authored
The use of version numbers for backward compatibility checks is not optimal because the version number is not changed if changes are back ported. The version dependant check has been replaced with an inspect argspec check.
-
Thomas Woerner authored
options.no_krb5_offline_passwords was set using the not existing role variable krb5_offline_passwords instead of no_krb5_offline_passwords.
-
Thomas Woerner authored
-
Thomas Woerner authored
The replica role is not able to work with version 4.5.
-
- Apr 24, 2019
-
-
https://github.com/freeipa/ansible-freeipaSean Pryor authored
Change-Id: Ice5f64f28b34efb461978aab15fe250801990729
-
- Apr 18, 2019
-
-
Thomas Woerner authored
This reverts commit bbaaf1f7.
-
https://github.com/freeipa/ansible-freeipaSean Pryor authored
Change-Id: Id2a58b8ab918ecbc77a92f8ce8dd8d0531312947
-
Sean Pryor authored
and remove unused roles Change-Id: I68094fc6fcb4292508660bd8ec5d3aeafc85974f
-
Thomas Woerner authored
There have been missing settings that have not been provided to ipareplica_setup_adtrust. These are: enable_compat, rid_base and secondary_rid_base. The settings rid_base and secondary_rid_base are now initialized in ipareplica_prepare and propagated in the results. The two settings netbios_name and reset_netbios_name are placed in the adtrust binding in the adtrust.install_check call. These are now saved when ipareplica_prepare finishes and are written back in the fist steps of ipareplica_setup_adtrust to make adtrust.install working. The settings add_sids and add_agents are now initialized in ansible_ipa_replica in the same way as in ServerMasterInstall. These settings are fixed in the replica deployment. Related: #73 (ipaserver_setup_adtrust fails on default smb.conf)
-
- Apr 17, 2019
-
-
Thomas Woerner authored
There have been missing settings that have not been provided to ipaserver_setup_adtrust. These are: enable_compat, rid_base and secondary_rid_base. The settings rid_base and secondary_rid_base are now initialized in ipaserver_test and propagated in the results. The two settings netbios_name and reset_netbios_name are placed in the adtrust binding in the adtrust.install_check call. These are now saved when ipaserver_test finishes and are written back in the fist steps of ipaserver_setup_adtrust to make adtrust.install working. The settings add_sids and add_agents are now initialized in ansible_ipa_server in the same way as in ServerMasterInstall. These settings are fixed in the server deployment.
-
Thomas Woerner authored
The settings ipareplica_add_sids and ipareplica_add_agents are not used in the ipareplica role. Therefore they have been removed.
-
Thomas Woerner authored
In case of an RuntimeError, ValueError or ScriptError the fail_json call was done on module instead of ansible_module. module simply does not exist.
-
Thomas Woerner authored
Meta end_play has been used as a simple solution to end the playbook processing in special conditions, like for example when the deployment was already done before. meta end_play has been replaced with blocks and conditions for these blocks. Fixes: #70 (Avoid using meta end_play)
-
Thomas Woerner authored
The ansible_fqdn hostname has been enforced to be set and used in ipaserver, ipareplica and also ipaclient role. This has been removed as the hostname should only be set if specified explicitly with ipa[server,replica,client]_hostname.
-
Thomas Woerner authored
The FreeIPA versions since 4.7.0 are using chrony and also the new sync_time function for time synchronization which has been added to ipaclient/install/client.py. The old version in ipaclient_setup_ntp has been updated to the code that has been used in 4.6.4.
-
- Apr 16, 2019
-
-
Thomas Woerner authored
The installer logs have not been created using the ansible ipaclient, ipareplica and ipaserver roles. This has been fixed and the installer logs are created now. This is a new and fixed version of 2113c791 where verbose mode is turned off.
-
- Apr 05, 2019
-
-
Thomas Woerner authored
forward_policy is only set in dns.install_test in ipareplica_test if setup_dns is enabled. Therefore forward_policy will be ommited in this case.
-
Thomas Woerner authored
cli_servers from ipaclient_test was missing in ipaclient_setup_ntp. This resulted in a backtrace and is fixed now. Fix options.ntp_servers check to not use length on NoneType.
-
Thomas Woerner authored
This is needed in ipareplica_setup_ds and has been removed before as part of commit f33d234d.
-
Thomas Woerner authored
The call of standard_logging_setup results in verbose and debug output in the ansible modules. This needs to be done in an altenative way. This reverts commit 2113c791.
-
Thomas Woerner authored
The inspect binding is needed because of the inspection of validate_domain_name that has been introduced with commit 818db5cb for FreeIPA versions prior to 4.7.
-
- Apr 04, 2019
-
-
Thomas Woerner authored
check_ldap_conf is only available in FreeIPA 4.7 and later and tasks.is_nosssd_supported is only available since 4.6.90.pre2. check_ldap_conf is None (ansible_ipa_client) if it can not be imported. hasattr has been added to check if is_nosssd_supported is a valid attribute in tasks. Fixes: #61 (ipaserver role - Fails on ipaclient install)
-
Thomas Woerner authored
The entity argument for validate_domain_name is only available in FreeIPA 4.7 and later. This has been fixed using inspect to be able to detect if entity is a valid argument. If not the whole realm name check is skipped. Related: #61 (ipaserver role - Fails on ipaclient install) Fixes: #66 (Python 2 error with validate_domain)
-
Thomas Woerner authored
ipaserver_test was not handling possible exceptions in the tests which resulted in a traceback. This has been fixed.
-
- Apr 03, 2019
-
-
Thomas Woerner authored
This setting had the wrong and unsed prefix ipahost. THis has been fixed and the proper prefix ipaclient is now used. The change in ipaclient/defaults/main.yml was missing from the first commit b5d6dc00
-
Thomas Woerner authored
These test are failing because there is no adtrust_imported and kra_imported setting yet in ansible_ipa_replica.
-
Thomas Woerner authored
If replica_conn_check failed a back trace was printed instead of a proper failure in ansible. Thias has been fixed.
-
Thomas Woerner authored
The configuration of DNS failed because of missing DNS settings in the ipareplica_prepare and ipareplica_setup_dns. Some fixed settings for use with DNSInstallInterface have been added to ansible_ipa_replica: options.dnssec_master = False options.disable_dnssec_master = False options.kasp_db_file = None options.force = False Fixes: #58 (install-replica fails: reverse_zones seems to be empty) Fixes: #63 (ipareplica_setup_dns fails)
-
Thomas Woerner authored
Removed unused user_input import from ipapython.ipautil. Added import of DN from ipapython.dn. Set ntpinstance to None if timeconf or sync_time could not be imported on older FreeIPA releases.
-
Thomas Woerner authored
Use ipaserver_install_packages to enable or disable package installation for the client deployment part with ipaclient role.
-
Thomas Woerner authored
Use ipareplica_install_packages to enable or disable package installation for the client deployment part with ipaclient role.
-
Thomas Woerner authored
Replica config is not needed and there fore has been removed.
-
Thomas Woerner authored
The dns settings in options have not been used and also not provided to the module in the tasks file. Therefore these settings shoul dbe removed.
-