kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-07-19 15:04:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added provisioning switches for openldap to improve performance

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-07-14 08:45:53 +02:00
parent c6f49dc6e2
commit 732607bbb6
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
7 changed files with 19 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
roles/svc-db-openldap/config/main.yml
View File

@ -9,10 +9,12 @@ images:
webinterface: "lam" # The webinterface which should be used. Possible: lam and phpldapadmin webinterface: "lam" # The webinterface which should be used. Possible: lam and phpldapadmin
features: features:
ldap: true ldap: true
import: provisioning:
# Here it's possible to define what can be imported. # Here it's possible to define what should be imported and updated.
# It doesn't make sense to let the import run everytime because its very time consuming # It doesn't make sense to let the import run everytime because its very time consuming
credentials: true configuration: true # E.g. MemberOf and Hashed Password Configuration
schemas: true credentials: true # Administrator Password
entries: true schemas: true # E.g. Nextcloud, Openssl
users: true users: true # E.g. User, group and role entries
groups: true # Roles and Groups import
update: true # User Class updates

0
roles/svc-db-openldap/tasks/03_entries.yml → roles/svc-db-openldap/tasks/03_users.yml
View File

0
roles/svc-db-openldap/tasks/04_user_updates.yml → roles/svc-db-openldap/tasks/04_update.yml
View File

15
roles/svc-db-openldap/tasks/main.yml
View File

@ -36,7 +36,9 @@
- name: "Reset LDAP Credentials" - name: "Reset LDAP Credentials"
include_tasks: 01_credentials.yml include_tasks: 01_credentials.yml
when: applications | get_app_conf(application_id, 'network.local', True) when:
- applications | get_app_conf(application_id, 'network.local', True)
- applications | get_app_conf(application_id, 'provisioning.credentials', True)
- name: "create directory {{ldif_host_path}}{{item}}" - name: "create directory {{ldif_host_path}}{{item}}"
file: file:
@ -51,6 +53,7 @@
- configuration - configuration
loop_control: loop_control:
loop_var: folder loop_var: folder
when: applications | get_app_conf(application_id, 'provisioning.configuration', True)
- name: flush LDIF handlers - name: flush LDIF handlers
meta: flush_handlers meta: flush_handlers
@ -63,16 +66,20 @@
- name: "Include Schemas (if enabled)" - name: "Include Schemas (if enabled)"
include_tasks: 02_schemas.yml include_tasks: 02_schemas.yml
when: applications | get_app_conf(application_id, 'provisioning.schemas', True)
- name: "Import LDAP Entries (if enabled)" - name: "Import LDAP Entries (if enabled)"
include_tasks: 03_entries.yml include_tasks: 03_users.yml
when: applications | get_app_conf(application_id, 'provisioning.users', True)
- name: "Import LDIF Data (if enabled)" - name: "Import LDIF Data (if enabled)"
include_tasks: ldifs_creation.yml include_tasks: ldifs_creation.yml
loop: loop:
- data - groups
loop_control: loop_control:
loop_var: folder loop_var: folder
when: applications | get_app_conf(application_id, 'provisioning.groups', True)
- name: "Add Objects to all users" - name: "Add Objects to all users"
include_tasks: 04_user_updates.yml include_tasks: 04_update.yml
when: applications | get_app_conf(application_id, 'provisioning.update', True)

0
roles/svc-db-openldap/templates/ldif/data/01_rbac_group.ldif.j2 → roles/svc-db-openldap/templates/ldif/groups/01_rbac_group.ldif.j2
View File

0
roles/svc-db-openldap/templates/ldif/data/02_rbac_roles.ldif.j2 → roles/svc-db-openldap/templates/ldif/groups/02_rbac_roles.ldif.j2
View File

0
roles/svc-db-openldap/templates/ldif/data/README.md → roles/svc-db-openldap/templates/ldif/groups/README.md
View File