2018-12-01 01:31:11 +01:00
|
|
|
---
|
|
|
|
|
- block:
|
|
|
|
|
- name: Install required packages
|
|
|
|
|
package:
|
|
|
|
|
name: "{{ item }}"
|
|
|
|
|
state: present
|
2019-09-18 17:23:35 +02:00
|
|
|
loop:
|
2018-12-01 01:31:11 +01:00
|
|
|
- openldap-servers
|
|
|
|
|
- openldap-clients
|
|
|
|
|
|
2018-12-01 15:51:13 +01:00
|
|
|
- name: Ensure base directories exists at '{{ ldap_proxy_base_dir }}'
|
|
|
|
|
file:
|
|
|
|
|
path: "{{ item }}"
|
|
|
|
|
state: directory
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
2019-09-18 17:23:35 +02:00
|
|
|
loop:
|
2018-12-01 15:51:13 +01:00
|
|
|
- "{{ ldap_proxy_base_dir }}"
|
|
|
|
|
- "{{ ldap_proxy_acl_file | dirname }}"
|
|
|
|
|
|
2018-12-01 01:31:11 +01:00
|
|
|
- name: Deploy environment file
|
|
|
|
|
template:
|
|
|
|
|
src: "etc/sysconfig/slapd.j2"
|
|
|
|
|
dest: "/etc/sysconfig/slapd"
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0644
|
2019-01-09 20:51:32 +01:00
|
|
|
notify: __slapd_restart
|
2018-12-01 01:31:11 +01:00
|
|
|
|
2018-12-01 15:51:13 +01:00
|
|
|
- name: Deploy config file to '{{ ldap_proxy_base_dir }}/slapd.conf'
|
2018-12-01 01:31:11 +01:00
|
|
|
template:
|
|
|
|
|
src: "etc/openldap/slapd.conf.j2"
|
2018-12-01 15:51:13 +01:00
|
|
|
dest: "{{ ldap_proxy_base_dir }}/slapd.conf"
|
2018-12-01 01:31:11 +01:00
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0644
|
2019-01-09 20:51:32 +01:00
|
|
|
notify: __slapd_restart
|
2018-12-01 02:03:29 +01:00
|
|
|
|
2018-12-01 15:51:13 +01:00
|
|
|
- name: Deploy access control file '{{ ldap_proxy_acl_file }}'
|
2018-12-01 15:37:47 +01:00
|
|
|
template:
|
|
|
|
|
src: "etc/openldap/slapd.access.j2"
|
2018-12-01 15:51:13 +01:00
|
|
|
dest: "{{ ldap_proxy_acl_file }}"
|
2018-12-01 15:37:47 +01:00
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0644
|
2019-01-09 20:51:32 +01:00
|
|
|
notify: __slapd_restart
|
2018-12-01 15:37:47 +01:00
|
|
|
|
2018-12-12 22:08:46 +01:00
|
|
|
- name: Deploy custom ldap schemas
|
2018-12-12 22:23:54 +01:00
|
|
|
copy:
|
2018-12-12 22:08:46 +01:00
|
|
|
src: "{{ item }}"
|
|
|
|
|
dest: "/etc/openldap/schema/{{ item | basename }}"
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: 0644
|
2019-09-18 17:23:35 +02:00
|
|
|
loop: "{{ ldap_proxy_custom_schemas }}"
|
2019-01-09 20:51:32 +01:00
|
|
|
notify: __slapd_restart
|
2018-12-12 22:08:46 +01:00
|
|
|
|
2018-12-01 02:03:29 +01:00
|
|
|
- name: Open ports in iptables
|
|
|
|
|
iptables_raw:
|
|
|
|
|
name: "{{ item.name }}"
|
|
|
|
|
rules: "{{ item.rules }}"
|
|
|
|
|
state: "{{ item.state }}"
|
2019-01-09 20:51:32 +01:00
|
|
|
weight: "{{ item.weight | default(omit) }}"
|
|
|
|
|
table: "{{ item.table | default(omit) }}"
|
2019-09-18 17:23:35 +02:00
|
|
|
loop: "{{ ldap_proxy_open_ports }}"
|
2018-12-01 02:03:29 +01:00
|
|
|
loop_control:
|
2019-01-09 20:51:32 +01:00
|
|
|
label: "{{ item.name }}"
|
2018-12-01 02:03:29 +01:00
|
|
|
when: ldap_proxy_iptables_enabled
|
2018-12-01 01:31:11 +01:00
|
|
|
become: True
|
|
|
|
|
become_user: root
|
