This repository has been archived by the owner on Dec 24, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
playbook.yml
58 lines (56 loc) · 1.62 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
- hosts: controllers
gather_facts: no
roles:
- role: openssl
tags: openssl
- hosts: nodes
pre_tasks:
- name: Install requirements
pip:
extra_args: -U
requirements: "{{ lookup('fileglob', 'requirements.pip') }}"
- include_vars: roles/openssl/defaults/main.yml
- include_vars: roles/openldap/defaults/main.yml
- copy:
src: "{{ local_ldap_dir_certs }}/{{ item }}"
dest: "{{ ldap_dir_certs }}/"
owner: 389
group: 389
loop:
- ca.crt
- dhparam.pem
- server.key
- copy:
src: "{{ local_ldap_dir_certs }}/{{ ansible_host }}.crt"
dest: "{{ ldap_dir_certs }}/server.crt"
owner: 389
group: 389
roles:
- role: openldap
tags: openldap
- hosts: seed_node
tasks:
- block:
- include_vars: roles/openldap/defaults/main.yml
- name: Wait for ldap to start
shell: docker exec {{ docker_compose_project }}_server_1 ldapsearch -b "{{ ldap_base_dn }}" -Y EXTERNAL -Q -H ldapi:///
register: ret
retries: "{{ ldap_wait_retries }}"
delay: "{{ ldap_wait_delay }}"
until: |
ret.rc == 0
or ret.rc == 32
ignore_errors: yes
- name: Create domain object
shell:
cmd: |
docker exec -i {{ docker_compose_project }}_server_1 ldapadd -D "cn=admin,{{ ldap_base_dn }}" -w {{ ldap_pass_admin }} -H ldap://localhost <<!
dn: {{ ldap_base_dn }}
objectClass: dcObject
objectClass: organization
o: {{ ldap_organisation }}
dc: {{ ldap_domain.split('.')[0] }}
!
ignore_errors: yes
when: docker_compose_command != 'down'
tags: seed