xoxys.pve/tasks/auth.yml

---
- name: Create tmp folder for pve
  ansible.builtin.file:
    path: "{{ __pve_tmp_dir }}"
    recurse: True
    state: directory

- name: Configure auth provider
  ansible.builtin.template:
    src: etc/pve/domains.cfg.j2
    dest: "{{ __pve_tmp_dir }}/domains.cfg"
    owner: root
    group: www-data
    mode: "0640"
  register: __pve_domains_copy

- name: Copy auth provider to pve filesystem
  ansible.builtin.command: "/bin/cp -rf {{ __pve_tmp_dir }}/domains.cfg {{ __pve_base_dir }}/domains.cfg"
  changed_when: __pve_domains_copy.changed

- when:
    - pve_auth_ldap_enabled | bool
    - pve_auth_ldap_bind_password is defined
  block:
    - name: Ensure path for auth file exists
      ansible.builtin.file:
        path: "{{ __pve_base_dir }}/priv/ldap"
        recurse: True
        state: directory

    - name: Add passwd file for ldap bind
      ansible.builtin.template:
        src: etc/pve/priv/ldap.pw.j2
        dest: "{{ __pve_tmp_dir }}/{{ pve_auth_ldap_realm }}.pw"
        owner: root
        group: www-data
        mode: "0640"
      register: __pve_auth_copy

    - name: Copy passwd file to pve filesystem
      ansible.builtin.command: "/bin/cp -rf {{ __pve_tmp_dir }}/{{ pve_auth_ldap_realm }}.pw {{ __pve_base_dir }}/priv/ldap/{{ pve_auth_ldap_realm }}.pw"
      changed_when: __pve_auth_copy.changed
add auth setup tasks 2018-11-12 23:29:24 +01:00			`---`
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`- name: Create tmp folder for pve`
			`ansible.builtin.file:`
			`path: "{{ __pve_tmp_dir }}"`
			`recurse: True`
			`state: directory`
try to workaround pve filesystem limitations 2019-06-15 15:54:22 +02:00
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`- name: Configure auth provider`
			`ansible.builtin.template:`
			`src: etc/pve/domains.cfg.j2`
			`dest: "{{ __pve_tmp_dir }}/domains.cfg"`
			`owner: root`
			`group: www-data`
			`mode: "0640"`
			`register: __pve_domains_copy`
try to workaround pve filesystem limitations 2019-06-15 15:54:22 +02:00
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`- name: Copy auth provider to pve filesystem`
			`ansible.builtin.command: "/bin/cp -rf {{ __pve_tmp_dir }}/domains.cfg {{ __pve_base_dir }}/domains.cfg"`
			`changed_when: __pve_domains_copy.changed`
add auth setup tasks 2018-11-12 23:29:24 +01:00
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`- when:`
			`- pve_auth_ldap_enabled \| bool`
			`- pve_auth_ldap_bind_password is defined`
			`block:`
add auth setup tasks 2018-11-12 23:29:24 +01:00			`- name: Ensure path for auth file exists`
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`ansible.builtin.file:`
add auth setup tasks 2018-11-12 23:29:24 +01:00			`path: "{{ __pve_base_dir }}/priv/ldap"`
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`recurse: True`
fix directory setup 2018-11-12 23:49:24 +01:00			`state: directory`
add auth setup tasks 2018-11-12 23:29:24 +01:00
			`- name: Add passwd file for ldap bind`
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`ansible.builtin.template:`
add auth setup tasks 2018-11-12 23:29:24 +01:00			`src: etc/pve/priv/ldap.pw.j2`
try to workaround pve filesystem limitations 2019-06-15 15:54:22 +02:00			`dest: "{{ __pve_tmp_dir }}/{{ pve_auth_ldap_realm }}.pw"`
			`owner: root`
			`group: www-data`
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`mode: "0640"`
try to workaround pve filesystem limitations 2019-06-15 15:54:22 +02:00			`register: __pve_auth_copy`

try to workaround pve filesystem limitations 2019-06-15 16:01:47 +02:00			`- name: Copy passwd file to pve filesystem`
ci: migrate to woodpecker 2024-02-19 10:50:15 +01:00			`ansible.builtin.command: "/bin/cp -rf {{ __pve_tmp_dir }}/{{ pve_auth_ldap_realm }}.pw {{ __pve_base_dir }}/priv/ldap/{{ pve_auth_ldap_realm }}.pw"`
try to workaround pve filesystem limitations 2019-06-15 16:01:47 +02:00			`changed_when: __pve_auth_copy.changed`