2018-12-01 00:31:11 +00:00
|
|
|
---
|
2018-12-01 14:54:37 +00:00
|
|
|
ldap_proxy_base_dir: /etc/openldap
|
2018-12-01 00:31:11 +00:00
|
|
|
ldap_proxy_urls:
|
|
|
|
- "ldapi:/// ldap:///"
|
|
|
|
ldap_proxy_options: []
|
|
|
|
|
2018-12-01 01:03:29 +00:00
|
|
|
ldap_proxy_iptables_enabled: False
|
|
|
|
ldap_proxy_open_ports:
|
|
|
|
- name: allow_ldap_out
|
|
|
|
rules: |
|
|
|
|
-A OUTPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT
|
|
|
|
state: present
|
|
|
|
- name: allow_ldap_in
|
|
|
|
rules: |
|
|
|
|
-A INPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT
|
|
|
|
state: present
|
|
|
|
|
2019-09-18 19:17:52 +00:00
|
|
|
ldap_proxy_tls_enabled: False
|
2018-12-01 00:31:11 +00:00
|
|
|
ldap_proxy_tls_cert_source: mycert.pem
|
|
|
|
ldap_proxy_tls_key_source: mykey.pem
|
|
|
|
ldap_proxy_tls_ca_source: ca.pem
|
2018-12-01 14:54:37 +00:00
|
|
|
ldap_proxy_tls_cert_path: "{{ ldap_proxy_base_dir }}/certs/mycert.pem"
|
|
|
|
ldap_proxy_tls_key_path: "{{ ldap_proxy_base_dir }}/certs/mykey.pem"
|
|
|
|
ldap_proxy_tls_ca_path: "{{ ldap_proxy_base_dir }}/certs/ca.path"
|
2018-12-01 00:31:11 +00:00
|
|
|
|
|
|
|
ldap_proxy_server: "ldap://ad.example.com:389"
|
|
|
|
ldap_proxy_server_suffix: "dc=example,dc=com"
|
|
|
|
ldap_proxy_readonly_enabled: True
|
|
|
|
|
|
|
|
ldap_proxy_loglevel: 0
|
2018-12-01 14:33:37 +00:00
|
|
|
|
|
|
|
ldap_proxy_acl_file: "{{ ldap_proxy_base_dir }}/slapd.access"
|
|
|
|
ldap_proxy_acls:
|
|
|
|
- access_to:
|
|
|
|
- '*'
|
|
|
|
access_by:
|
|
|
|
- '* read'
|
2018-12-12 21:08:46 +00:00
|
|
|
|
|
|
|
ldap_proxy_custom_schemas: []
|