---
# Listener URLs for the proxy, given as a single space-separated string.
# "ldapi:///" is the local IPC (Unix socket) scheme; "ldap:///" is plain LDAP
# over TCP with no host part.
# NOTE(review): presumably passed to slapd as its listen URLs - confirm in the
# role's tasks/templates. If so, the TCP listener is not bound to a specific
# address and is unencrypted unless clients negotiate StartTLS; restrict the
# host part or add an "ldaps:///" listener where clients send credentials.
ldap_proxy_urls:
  - "ldapi:/// ldap:///"
# Additional proxy options; empty by default. How the entries are consumed is
# not visible in this file.
ldap_proxy_options: []
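# Firewall management is disabled by default; the rules below only matter when
# this is set to true (presumably - confirm how the role gates them).
ldap_proxy_iptables_enabled: false
# iptables rules for LDAP traffic on TCP/389, one entry per direction.
# NOTE(review): neither rule carries a source or destination match, so new
# connections on 389 are accepted from and to any address. Where the network
# layout is known, narrow the INPUT rule to the client networks (-s) and the
# OUTPUT rule to the upstream directory server (-d).
# NOTE(review): only 389 is covered; if the listener or the upstream server is
# moved to LDAPS, these rules have to be adjusted to match.
ldap_proxy_open_ports:
  - name: allow_ldap_out
    rules: |
      -A OUTPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT
    state: present
  - name: allow_ldap_in
    rules: |
      -A INPUT -m state --state NEW -p tcp --dport 389 -j ACCEPT
    state: present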
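# You can deploy your certificates from a file or from content.
# If you enable ldap_proxy_tls_source_use_content you have to put the content
# of your certificate files into the variables instead of file names.
# NOTE(review): the original comment named ldap_proxy_tls_cert_path twice;
# presumably the ldap_proxy_tls_*_source variables are meant - confirm against
# the role's tasks.
# NOTE(review): in content mode the private key is held in a variable. Keep it
# encrypted (e.g. Ansible Vault) rather than in plain text in the repository.
ldap_proxy_tls_source_use_content: false
# If you enable ldap_proxy_tls_source_use_files these variables have to contain
# the path to your certificate files located on the Ansible "master" host.
# NOTE(review): the two modes look mutually exclusive; whether the role
# enforces that is not visible here.
ldap_proxy_tls_source_use_files: true
ldap_proxy_tls_cert_source: mycert.pem
ldap_proxy_tls_key_source: mykey.pem
ldap_proxy_tls_ca_source: ca.pem
# Destination paths on the managed host.
# NOTE(review): verify that the task deploying the key file sets an owner and
# mode that keep it readable only by the LDAP service account.
ldap_proxy_tls_cert_path: /etc/openldap/certs/mycert.pem
ldap_proxy_tls_key_path: /etc/openldap/certs/mykey.pem
# NOTE(review): "ca.path" looks like a typo for "ca.pem" (the source file is
# ca.pem). The value is left unchanged because existing deployments may
# already reference this path.
ldap_proxy_tls_ca_path: /etc/openldap/certs/ca.path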
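# Upstream directory server the proxy forwards to, and the suffix it serves.
# NOTE(review): "ldap://" on port 389 is unencrypted unless StartTLS is
# negotiated, so bind credentials relayed to this server may cross the network
# in clear text. Prefer an "ldaps://" URL or enforce StartTLS towards the
# upstream where it is supported; whether this role configures StartTLS for
# the upstream connection is not visible here.
ldap_proxy_server: "ldap://ad.example.com:389"
ldap_proxy_server_suffix: "dc=example,dc=com"
# Read-only mode is on by default (presumably rejects write operations through
# the proxy - confirm in the template).
ldap_proxy_readonly_enabled: true

# NOTE(review): if this maps to slapd's loglevel, 0 leaves connection and bind
# activity unlogged; consider the "stats" level where an audit trail of proxy
# use is needed.
ldap_proxy_loglevel: 0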