xoxys.ldap_proxy
Role to set up an OpenLDAP proxy
Table of contents
- Default Variables
- ldap_proxy_base_dir
- ldap_proxy_urls
- ldap_proxy_options
- ldap_proxy_iptables_enabled
- ldap_proxy_open_ports
- ldap_proxy_tls_enabled
- ldap_proxy_tls_cert_source
- ldap_proxy_tls_key_source
- ldap_proxy_tls_ca_source
- ldap_proxy_tls_cert_path
- ldap_proxy_tls_key_path
- ldap_proxy_tls_ca_path
- ldap_proxy_server
- ldap_proxy_server_suffix
- ldap_proxy_readonly_enabled
- ldap_proxy_loglevel
- ldap_proxy_acl_file
- ldap_proxy_acls
- ldap_proxy_custom_schemas
- Dependencies
- License
- Author
Default Variables
ldap_proxy_base_dir
Default value
ldap_proxy_base_dir: /etc/openldap
ldap_proxy_urls
Default value
# NOTE(review): a single list item holding two space-separated listener URLs;
# presumably handed to slapd as its listen URLs -- confirm in the role's
# templates. ldapi:/// is the local Unix-socket listener; ldap:/// listens on
# TCP without implicit TLS (default port 389). No ldaps:/// listener is
# defined by default.
ldap_proxy_urls:
- ldapi:/// ldap:///
ldap_proxy_options
Default value
ldap_proxy_options: []
ldap_proxy_iptables_enabled
Default value
ldap_proxy_iptables_enabled: false
ldap_proxy_open_ports
Default value
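# Each entry carries a raw iptables rule string. NOTE(review): presumably only
# applied when ldap_proxy_iptables_enabled is true -- confirm in the role's
# tasks. Both default rules accept NEW tcp/389 connections with no source or
# destination match (-s/-d), i.e. from and to any address. Narrow them to the
# client networks and the upstream directory server where possible, and adjust
# the port if the proxy is moved to LDAPS (636).
ldap_proxy_open_ports:
  - name: allow_ldap_out
    rules: "-A OUTPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT\n"
    state: present
  - name: allow_ldap_in
    rules: "-A INPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT\n"
    state: present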
ldap_proxy_tls_enabled
Default value
# TLS is off by default. NOTE(review): presumably gates use of the
# ldap_proxy_tls_* certificate, key and CA settings -- confirm in the role's
# tasks. Without TLS on the listener, clients that simple-bind over ldap://
# send their password unencrypted.
ldap_proxy_tls_enabled: false
ldap_proxy_tls_cert_source
Default value
ldap_proxy_tls_cert_source: mycert.pem
ldap_proxy_tls_key_source
Default value
ldap_proxy_tls_key_source: mykey.pem
ldap_proxy_tls_ca_source
Default value
ldap_proxy_tls_ca_source: ca.pem
ldap_proxy_tls_cert_path
Default value
ldap_proxy_tls_cert_path: '{{ ldap_proxy_base_dir }}/certs/mycert.pem'
ldap_proxy_tls_key_path
Default value
# Presumably the location of the TLS private key on the target host.
# NOTE(review): the file mode and owner the role applies are not shown here --
# verify the key ends up readable only by the account slapd runs as.
ldap_proxy_tls_key_path: '{{ ldap_proxy_base_dir }}/certs/mykey.pem'
ldap_proxy_tls_ca_path
Default value
# NOTE(review): the default file name ends in "ca.path", while
# ldap_proxy_tls_ca_source defaults to ca.pem and the cert/key paths end in
# .pem -- possibly a typo for ca.pem; confirm against the role's defaults.
ldap_proxy_tls_ca_path: '{{ ldap_proxy_base_dir }}/certs/ca.path'
ldap_proxy_server
Default value
# Presumably the upstream directory the proxy forwards to. The default URL
# uses the ldap:// scheme on port 389, so the proxy-to-upstream leg is
# unencrypted unless StartTLS is negotiated. NOTE(review): whether the role
# can enable StartTLS or CA verification for this leg is not shown -- confirm
# before relying on it; otherwise consider an ldaps:// URL.
ldap_proxy_server: ldap://ad.example.com:389
ldap_proxy_server_suffix
Default value
ldap_proxy_server_suffix: dc=example,dc=com
ldap_proxy_readonly_enabled
Default value
ldap_proxy_readonly_enabled: true
ldap_proxy_loglevel
Default value
# NOTE(review): assuming this is written to slapd's loglevel directive, 0
# turns logging off. The "stats" level (256) records connections, operations
# and results, which is what bind auditing and incident response usually need.
ldap_proxy_loglevel: 0
ldap_proxy_acl_file
Default value
ldap_proxy_acl_file: '{{ ldap_proxy_base_dir }}/slapd.access'
ldap_proxy_acls
Default value
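# NOTE(review): presumably rendered into ldap_proxy_acl_file as slapd access
# rules -- confirm in the role's template. The default pairs target '*' with
# '* read', i.e. every entry and attribute readable by everyone, anonymous
# clients included. Override this in deployments that should not expose the
# proxied directory to unauthenticated reads (for example, limit reads to
# authenticated users and password attributes to auth-only access).
ldap_proxy_acls:
  - access_to:
      - '*'
    access_by:
      - '* read'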
ldap_proxy_custom_schemas
Default value
ldap_proxy_custom_schemas: []
Dependencies
None.
License
MIT
Author
xoxys