kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-06 02:11:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Optimized RBAC implementation

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-07-03 22:51:42 +02:00
parent 1486862327
commit a93e1520d4
20 changed files with 106 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/docker-ldap/tasks/add_user_objects.yml
View File

@@ -3,7 +3,7 @@
server_uri: "{{ ldap_server_uri }}"
bind_dn: "{{ ldap.dn.administrator.data }}"
bind_pw: "{{ ldap.bind_credential }}"
dn: "{{ ldap.dn.users }}"
dn: "{{ ldap.dn.ou.users }}"
scope: subordinate
filter: "{{ ldap.filters.users.all }}"
attrs:

6
roles/docker-ldap/tasks/main.yml
View File

@@ -63,7 +63,7 @@
###############################################################################
- name: Ensure LDAP users exist
community.general.ldap_entry:
dn: "{{ ldap.attributes.user_id }}={{ item.key }},{{ ldap.dn.users }}"
dn: "{{ ldap.attributes.user_id }}={{ item.key }},{{ ldap.dn.ou.users }}"
server_uri: "{{ ldap_server_uri }}"
bind_dn: "{{ ldap.dn.administrator.data }}"
bind_pw: "{{ ldap.bind_credential }}"
@@ -87,7 +87,7 @@
###############################################################################
- name: Ensure required objectClass values and mail address are present
community.general.ldap_attrs:
dn: "{{ ldap.attributes.user_id }}={{ item.key }},{{ ldap.dn.users }}"
dn: "{{ ldap.attributes.user_id }}={{ item.key }},{{ ldap.dn.ou.users }}"
server_uri: "{{ ldap_server_uri }}"
bind_dn: "{{ ldap.dn.administrator.data }}"
bind_pw: "{{ ldap.bind_credential }}"
@@ -101,7 +101,7 @@
- name: "Ensure container for application roles exists"
community.general.ldap_entry:
dn: "{{ ldap.dn.application_roles }}"
dn: "{{ ldap.dn.ou.roles }}"
server_uri: "{{ ldap_server_uri }}"
bind_dn: "{{ ldap.dn.administrator.data }}"
bind_pw: "{{ ldap.bind_credential }}"