kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-06 02:11:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Optimized RBAC via LDAP

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-07-04 08:03:27 +02:00
parent a9f55579a2
commit ee0561db72
25 changed files with 316 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/docker-ldap/tasks/add_user_objects.yml
View File

@@ -21,6 +21,8 @@
attributes:
objectClass: "{{ missing_auxiliary }}"
state: present
async: 60
poll: 0
loop: "{{ ldap_users_with_classes.results }}"
loop_control:
label: "{{ item.dn }}"

8
roles/docker-ldap/tasks/create_ldif_files.yml
View File

@@ -1,9 +1,11 @@
# In own task file for easier looping
- name: "Create LDIF files at {{ ldif_host_path }}{{ folder }}"
template:
src: "{{ item }}"
dest: "{{ ldif_host_path }}{{ folder }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: '770'
loop: "{{ lookup('fileglob', role_path ~ '/templates/ldif/' ~ folder ~ '/*.j2', wantlist=True) }}"
loop: >-
{{
lookup('fileglob', role_path ~ '/templates/ldif/' ~ folder ~ '/*.j2', wantlist=True)
| sort
}}
notify: "Import {{ folder }} LDIF files"

4
roles/docker-ldap/tasks/main.yml
View File

@@ -78,6 +78,8 @@
uidNumber: "{{ item.value.uid | int }}"
gidNumber: "{{ item.value.gid | int }}"
state: present # ↳ creates but never updates
async: 60
poll: 0
loop: "{{ users | dict2items }}"
loop_control:
label: "{{ item.key }}"
@@ -95,6 +97,8 @@
objectClass: "{{ ldap.user_objects.structural }}"
mail: "{{ item.value.email }}"
state: exact
async: 60
poll: 0
loop: "{{ users | dict2items }}"
loop_control:
label: "{{ item.key }}"