force ipa_admin requirement in some adhoc
parent
9928289f2e
commit
80a4efd099
@ -14,6 +14,7 @@
|
|||||||
- name: "Checking for user variables"
|
- name: "Checking for user variables"
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
|
- ipa_admin | mandatory
|
||||||
- ipaadmin_password | mandatory
|
- ipaadmin_password | mandatory
|
||||||
- ipa_zone | mandatory
|
- ipa_zone | mandatory
|
||||||
success_msg: "Required variables provided"
|
success_msg: "Required variables provided"
|
||||||
@ -21,6 +22,7 @@
|
|||||||
|
|
||||||
- name: "Creating DNS Zone"
|
- name: "Creating DNS Zone"
|
||||||
freeipa.ansible_freeipa.ipadnszone:
|
freeipa.ansible_freeipa.ipadnszone:
|
||||||
|
ipaadmin_principal: "{{ ipa_admin }}"
|
||||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||||
name: "{{ ipa_zone }}"
|
name: "{{ ipa_zone }}"
|
||||||
tags:
|
tags:
|
||||||
|
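Review bot: The added `- ipa_admin | mandatory` entry in the assert uses the filter's string result as the condition, so a missing variable most likely fails with the filter's own error rather than the assert's message, and newer ansible-core releases are, as far as I know, stricter about conditionals that do not evaluate to a boolean. An explicit test such as `- ipa_admin is defined and ipa_admin | length > 0` states the requirement directly; the same applies to the matching line added to the assert in the other three playbooks of this commit. Only the group playbook visibly gained the "You MUST provide an ipa_admin user" header comment; this file's header is outside the hunk, so confirm it carries the same note.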
@ -1,6 +1,9 @@
|
|||||||
---
|
---
|
||||||
# This playbook is meant to be used with callable variables, like adhoc or AWX.
|
# This playbook is meant to be used with callable variables, like adhoc or AWX.
|
||||||
# What: Creates groups in the idm infrastructure based on the variables provided
|
# What: Creates groups in the idm infrastructure based on the variables provided
|
||||||
|
# You MUST provide an ipa_admin user to run this.
|
||||||
|
# If group is going to be a fas group (exposed in noggin), ensure ipa_fas is
|
||||||
|
# set to true.
|
||||||
|
|
||||||
- name: Create our initial users
|
- name: Create our initial users
|
||||||
hosts: ipaserver
|
hosts: ipaserver
|
||||||
@ -13,6 +16,7 @@
|
|||||||
- name: "Checking for user variables"
|
- name: "Checking for user variables"
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
|
- ipa_admin | mandatory
|
||||||
- ipaadmin_password | mandatory
|
- ipaadmin_password | mandatory
|
||||||
- ipa_group | mandatory
|
- ipa_group | mandatory
|
||||||
- ipa_description | mandatory
|
- ipa_description | mandatory
|
||||||
@ -22,9 +26,22 @@
|
|||||||
|
|
||||||
- name: "Creating Mandatory Groups"
|
- name: "Creating Mandatory Groups"
|
||||||
freeipa.ansible_freeipa.ipagroup:
|
freeipa.ansible_freeipa.ipagroup:
|
||||||
|
ipaadmin_principal: "{{ ipa_admin }}"
|
||||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||||
name: "{{ ipa_group }}"
|
name: "{{ ipa_group }}"
|
||||||
description: "{{ ipa_description }}"
|
description: "{{ ipa_description }}"
|
||||||
nonposix: "{{ ipa_posix }}"
|
nonposix: "{{ ipa_posix }}"
|
||||||
tags:
|
tags:
|
||||||
- groups
|
- groups
|
||||||
|
|
||||||
|
- name: "Prepare FAS if required"
|
||||||
|
shell: "set -o pipefail && echo \"{{ ipaadmin_password }}\" | kinit {{ ipa_admin }}"
|
||||||
|
check_mode: false
|
||||||
|
changed_when: "1 != 1"
|
||||||
|
when: ipa_fas
|
||||||
|
|
||||||
|
- name: "Apply FAS"
|
||||||
|
command: "ipa group-mod --fasgroup {{ ipa_group }}"
|
||||||
|
check_mode: false
|
||||||
|
changed_when: "1 != 1"
|
||||||
|
when: ipa_fas
|
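Review bot: The added "Prepare FAS if required" task builds a shell line from `{{ ipaadmin_password }}` and `{{ ipa_admin }}`, so any quote, `$` or backtick in the password is interpreted by the shell, and the rendered command, password included, ends up in the task result and any AWX job log because the task has no `no_log: true`. Passing the password through the command module's `stdin` removes the shell from the picture, and using `argv` for "Apply FAS" keeps `ipa_group` a single argument. `ipa_fas` is neither asserted nor defaulted in the visible lines, so `when: ipa_fas | default(false) | bool` would keep runs that omit it from failing on an undefined variable. The admin ticket obtained by kinit also stays in the credential cache on the IPA server after the play, so a closing `kdestroy` task is worth considering.

```yaml
# … unchanged: "Creating Mandatory Groups" task …
- name: "Prepare FAS if required"
  command:
    argv: ["kinit", "{{ ipa_admin }}"]
    stdin: "{{ ipaadmin_password }}"
  no_log: true
  check_mode: false
  changed_when: "1 != 1"
  when: ipa_fas | default(false) | bool

- name: "Apply FAS"
  command:
    argv: ["ipa", "group-mod", "--fasgroup", "{{ ipa_group }}"]
  check_mode: false
  changed_when: "1 != 1"
  when: ipa_fas | default(false) | bool
```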
@ -13,6 +13,7 @@
|
|||||||
- name: "Checking for user variables"
|
- name: "Checking for user variables"
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
|
- ipa_admin | mandatory
|
||||||
- ipaadmin_password | mandatory
|
- ipaadmin_password | mandatory
|
||||||
- ipa_service | mandatory
|
- ipa_service | mandatory
|
||||||
success_msg: "Required variables provided"
|
success_msg: "Required variables provided"
|
||||||
@ -20,6 +21,7 @@
|
|||||||
|
|
||||||
- name: "Creating Kerberos Service"
|
- name: "Creating Kerberos Service"
|
||||||
freeipa.ansible_freeipa.ipaservice:
|
freeipa.ansible_freeipa.ipaservice:
|
||||||
|
ipaadmin_principal: "{{ ipa_admin }}"
|
||||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||||
name: "{{ ipa_service }}"
|
name: "{{ ipa_service }}"
|
||||||
skip_host_check: "{{ ipa_skip_host_check | default(false) }}"
|
skip_host_check: "{{ ipa_skip_host_check | default(false) }}"
|
||||||
|
@ -13,6 +13,7 @@
|
|||||||
- name: "Checking for user variables"
|
- name: "Checking for user variables"
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
|
- ipa_admin | mandatory
|
||||||
- ipaadmin_password | mandatory
|
- ipaadmin_password | mandatory
|
||||||
- ipa_name | mandatory
|
- ipa_name | mandatory
|
||||||
- ipa_first | mandatory
|
- ipa_first | mandatory
|
||||||
@ -25,6 +26,7 @@
|
|||||||
|
|
||||||
- name: "Creating User Account"
|
- name: "Creating User Account"
|
||||||
freeipa.ansible_freeipa.ipauser:
|
freeipa.ansible_freeipa.ipauser:
|
||||||
|
ipaadmin_principal: "{{ ipa_admin }}"
|
||||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||||
name: "{{ ipa_name }}"
|
name: "{{ ipa_name }}"
|
||||||
first: "{{ ipa_first }}"
|
first: "{{ ipa_first }}"
|