- Jul 05, 2022
-
-
Thomas Woerner authored
With ansible-2.13 it is required to use jinja for list concatenation. list: "[] + ['a'] + ['b']" needs to become list: "{{ [] + ['a'] + ['b'] }}" copy_external_cert.yml needed to be changed.
-
- Jun 22, 2022
-
-
Thomas Woerner authored
There are new smartcard roles in the roles folder: roles/ipasmartcard_server roles/ipasmartcard_client This roles allows to setup smartcard for servers and clients. Here is the documentation for the roles: roles/ipasmartcard_server/README.md roles/ipasmartcard_client/README.md New example playbooks have been added: playbooks/install-smartcard-server.yml playbooks/install-smartcard-replicas.yml playbooks/install-smartcard-servers.yml playbooks/install-smartcard-clients.yml
-
- Mar 22, 2022
-
-
Rafael Guterres Jeffman authored
-
- Feb 14, 2022
-
-
Thomas Woerner authored
The unnamed tasks have been reported as issues by new ansible-lint.
-
- Jan 18, 2022
-
-
Thomas Woerner authored
Due to a change in Ansible to depend on Python 3.8 it is needed to only use bindings that are provided by Python and Ansible core. gssapi is therefore not usable any more. The kinit_keytab function was using gssapi and now has to use the kinit command insead.
-
- Jan 13, 2022
-
-
Thomas Woerner authored
ERROR: Found 6 pylint issue(s) which need to be resolved: ERROR: plugins/modules/ipaserver_prepare.py:395:4: invalid-name: Variable name "e" doesn't conform to snake_case naming style ERROR: roles/ipaserver/library/ipaserver_prepare.py:395:4: invalid-name: Variable name "e" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:333:12: invalid-name: Variable name "ds" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:348:12: invalid-name: Variable name "ds" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:361:12: invalid-name: Variable name "ip" doesn't conform to snake_case naming style ERROR: roles/ipaserver/module_utils/ansible_ipa_server.py:364:12: invalid-name: Variable name "e" doesn't conform to snake_case naming style e has been replaced with err, ds with _ds, ip with _ip.
-
- Jan 12, 2022
-
-
Rafael Guterres Jeffman authored
Fix pylint warnings raised by enabling linter on ansible-freeipa roles.
-
- Dec 14, 2021
-
-
Thomas Woerner authored
-
- Dec 10, 2021
-
-
Rafael Guterres Jeffman authored
Recently added Ubuntu configuration filesi for roles miss document start marker.
-
- Nov 29, 2021
-
-
Rafael Guterres Jeffman authored
When using ipaclient role under Debian 10 (Buster), it is required that the python interpreter is set to Python 2.7 as freeipa-client package pulls in Python 2.7 dependencies, and does not work with Python 3. This patch adds configuration to properly set python interpreter. Based on the work by Marc Richter (@The-Judge on Github). Fix issue #607.
-
Rafael Guterres Jeffman authored
Ubuntu Bionic Beaver must use python2 as Python interpreter due to the way python-ipalib package is defined. Before using the role for installation, one must install package python2.7 before executing this role. Based on the work by Manuel Laurent (@mlaurent205 on Github).
-
- Nov 24, 2021
-
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
Thomas Woerner authored
This patch is needed to pass Automation Hub tests.
-
- Sep 29, 2021
-
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
-
- Sep 23, 2021
-
-
Thomas Woerner authored
ipaclient_setup_nss is using the nosssd_files dict if sssd is disabled with no_sssd. The nosssd_files dict is generated in ipaclient_test and used in ipaclient_setup_nss. So far ipaclient_setup_nss was using nosssd_files from ipaclient installer, which was always None.
-
- Aug 31, 2021
-
-
Rafael Guterres Jeffman authored
When loading variables in all ansible-freeipa roles, it is expected that a file with these variables is present for each supported Linux distribution, and then, based on the information about the distribution provided by Ansible, the correct file is loaded. Previously, only the facts `distribution` and dinstribution version related facts were used, which required specific files, or links to files for distributions in the same "family", which will probably have the same variables set. This change adds searching for files based on the `os_family` fact, allowing distributions that follow the same family rules to be supported, without any changes to the codebase. It is still possible that a specific distribution configuration overrides the default behavior, as `os_family` has lower priority than `distribution`. For example, distributions on the `RedHat` family, like Oracle Linux, Alma Linux, and Rocky Linux, work withoutadding new files, or links to files, to fill the `vars`. Fix issue #573. Fix issue #523.
-
Rafael Guterres Jeffman authored
When loading variables in all ansible-freeipa roles, it is expected that a file with these variables is present for each supported Linux distribution, and then, based on the information about the distribution provided by Ansible, the correct file is loaded. Previously, only the facts `distribution` and dinstribution version related facts were used, which required specific files, or links to files for distributions in the same "family", which will probably have the same variables set. This change adds searching for files based on the `os_family` fact, allowing distributions that follow the same family rules to be supported, without any changes to the codebase. It is still possible that a specific distribution configuration overrides the default behavior, as `os_family` has lower priority than `distribution`. For example, distributions on the `RedHat` family, like Oracle Linux, Alma Linux, and Rocky Linux, work withoutadding new files, or links to files, to fill the `vars`. Fix issue #573. Fix issue #523.
-
Rafael Guterres Jeffman authored
When loading variables in all ansible-freeipa roles, it is expected that a file with these variables is present for each supported Linux distribution, and then, based on the information about the distribution provided by Ansible, the correct file is loaded. Previously, only the facts `distribution` and dinstribution version related facts were used, which required specific files, or links to files for distributions in the same "family", which will probably have the same variables set. This change adds searching for files based on the `os_family` fact, allowing distributions that follow the same family rules to be supported, without any changes to the codebase. It is still possible that a specific distribution configuration overrides the default behavior, as `os_family` has lower priority than `distribution`. For example, distributions on the `RedHat` family, like Oracle Linux, Alma Linux, and Rocky Linux, work withoutadding new files, or links to files, to fill the `vars`. Fix issue #573. Fix issue #523.
-
Rafael Guterres Jeffman authored
When loading variables in all ansible-freeipa roles, it is expected that a file with these variables is present for each supported Linux distribution, and then, based on the information about the distribution provided by Ansible, the correct file is loaded. Previously, only the facts `distribution` and dinstribution version related facts were used, which required specific files, or links to files for distributions in the same "family", which will probably have the same variables set. This change adds searching for files based on the `os_family` fact, allowing distributions that follow the same family rules to be supported, without any changes to the codebase. It is still possible that a specific distribution configuration overrides the default behavior, as `os_family` has lower priority than `distribution`. For example, distributions on the `RedHat` family, like Oracle Linux, Alma Linux, and Rocky Linux, work withoutadding new files, or links to files, to fill the `vars`. Fix issue #573. Fix issue #523.
-
- Jun 09, 2021
-
-
Thomas Woerner authored
Up to now a python snippet was used to get IPA_BACKUP_DIR from ipaplatform but this was not working when ansible_facts was false due to not getting ansible_python_interpreter set. The module version is also working if gather_facts is turned off.
-
- Jun 04, 2021
-
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
-
- May 11, 2021
-
-
Thomas Woerner authored
Line too long and too many blank line errors and a trailing whitespace have been fixed.
-
- May 03, 2021
-
-
Rafael Guterres Jeffman authored
-
Rafael Guterres Jeffman authored
-
- Apr 07, 2021
-
-
Ivan PANICO authored
-
- Mar 19, 2021
-
-
Grzegorz Grasza authored
Without this change the "Import variables specific to distribution" tasks fail with "Could not find file on the Ansible Controller..." on environments with inject facts disabled. This changes the tests to run with ansible with inject_facts_as_vars = false and fixes other roles and playbooks.
-
- Feb 22, 2021
-
-
Thomas Woerner authored
Due to commit f3f9672d527008dc741ac90aa465bac842eea08d (ipa-rmkeytab: Check return value of krb5_kt_(start|end)_seq_get) in IPA 4.9.2 there is a new error reported for ipa-rmkeytab in case of a non existing keytab file. Using ipa-rmkeytab now results in the error #7 in this case. The client role is using ipa-rmkeytab and needs to ignore error #7 also. Fixes: #510 (ipa-client installation with OTP is failed with error code 7 (keytab: /usr/sbin/ipa-rmkeytab returned 7))
-
- Feb 16, 2021
-
-
Matt Davis authored
* prevents failures on Ansible 2.9 during module build due to https://github.com/ansible/ansible/issues/68361 * fixes https://github.com/freeipa/ansible-freeipa/issues/315
-
- Dec 01, 2020
-
-
Thomas Woerner authored
The use of conditions in shell tasks without else clause is failing on some systems with an undefined variable error.
-
- Nov 27, 2020
-
-
Thomas Woerner authored
The parameter options.no_dnssec_validation was set using a bad parameter name. This lead to not beeing able to turn off dnssec validation in the replica deployment. Fixes: #456 (ipareplica_no_dnssec_validation)
-
- Nov 25, 2020
-
-
Thomas Woerner authored
There was a typo in the README and also the ipareplica_hidden_replica parameter was missing.
-
Thomas Woerner authored
The common_check function in the replica installer code has been changed for the new memory checker code. With this the server and replica command line installers got the option --skip-mem-check. The server and replica role now also support the memory cheker and there are new variables for server and replica: ipaserver_mem_check - for ipaserver ipareplica_mem_check - for ipaserver These bool values default to yes and can be turned off in the inventory or playbook if needed. Related to freeipa PR https://pagure.io/freeipa/issue/8404 (Detect and fail if not enough memory is available for installation) Fixes: #450 (IPA Replica Installation Fails)
-