- setup ssl (WIP)
- setup replication provider (WIP)
- setup replication consumer (WIP)

ssl and replication provider seem to be ok (need to test on clean machine)
replication consumer needs more testing

68 lines
2.1 KiB
Markdown

Role Name
=========

Install OpenLDAP servers on CentOS - should work on RH too

Requirements
------------

none

Role Variables
--------------
Defined in vars/main.yml and vars/CentOS.yml

* ldap_domain - example
* ldap_domain_ex - net
* ldap_suffix - constructed from the variables above (example.net)
* ldap_admin_dn - cn=manager,{{ ldap_suffix }}
* ldap_admin_password - 123Soleil (should be in a vault)
* ldap_packages - list of packages - should be the only thing to change to adapt to another distro
* ldap_service - name of the service unit file - slapd
* ldap_user - slapd service account
* import_data - bool - controls whether we import initial data from LDIF files you have put in the templates subdirectory. Default No
* ldap_schemas - list of additional schema names to load - default cosine
* ldap_replication_consumer - bool - true to set up a replication consumer
* ldap_replication_provider - bool - true to set up a replication provider
* ldap_replication_account - account used for replication
* ldap_replication_password - account password used for replication
* ldap_replication_provider_uri - LDAP URI of the provider server
* ldap_have_ssl - boolean - whether we use SSL or not
* ldap_ssl_dir - directory where certificates will be stored
* ldap_ssl_cert_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_fullchain.pem
* ldap_ssl_cacert_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_fullchain.pem
* ldap_ssl_key_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_privkey.pem

Dependencies
------------

None

Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

    - hosts: servers
      roles:
        - role: slapd
          vars:
            ldap_domain: example
            ldap_domain_ex: net
            import_data: true
            ldap_schemas:
              - cosine
              - nis
              - inetorgperson

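A variant of the playbook above that takes `ldap_admin_password` and `ldap_replication_password` from an Ansible Vault file instead of leaving the role default in place. This is an added example, not part of the role itself; the file names `vault.yml` and `site.yml` and the `vault_*` variable names are assumptions.

```yaml
# Added example. Assumed names (not defined by the role):
#   vault.yml, site.yml, vault_ldap_admin_password,
#   vault_ldap_replication_password
#
# Create the encrypted variables file once:
#   ansible-vault create vault.yml
# with contents such as:
#   vault_ldap_admin_password: "<long random value>"
#   vault_ldap_replication_password: "<different long random value>"
#
# Run the play and supply the vault password at the prompt:
#   ansible-playbook site.yml --ask-vault-pass

- hosts: servers
  vars_files:
    - vault.yml                # stored encrypted by ansible-vault
  roles:
    - role: slapd
      vars:
        ldap_domain: example
        ldap_domain_ex: net
        # Role parameters take precedence over the values in the role's
        # vars/ files, so these replace the documented default password.
        ldap_admin_password: "{{ vault_ldap_admin_password }}"
        ldap_have_ssl: true
        ldap_replication_provider: true
        ldap_replication_password: "{{ vault_ldap_replication_password }}"
        ldap_schemas:
          - cosine
```
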
License
-------

BSD

Author Information
------------------

Thomas C <thomas@opendoor.fr>