mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-09-24 19:16:26 +02:00
- Add handlers/main.yml to load memberof/refint modules and import groups via docker exec
- Use OPENLDAP_CONTAINER consistently (replace OPENLDAP_NAME)
- Rename tasks/ldifs_creation.yml -> tasks/_ldifs_creation.yml and update includes
- Drop default param from get_app_conf calls; add explicit meta: flush_handlers
- docker-compose: honor OPENLDAP_NETWORK_EXPOSE_LOCAL | bool; minor formatting
- env template: formatting/comments consistency
- Remove unused 01_rbac_group.ldif.j2; rename 02_rbac_roles -> 01_rbac_roles and fix filter to LDAP
- vars: rename OPENLDAP_NAME -> OPENLDAP_CONTAINER; prune LDIF schema type

Conversation: https://chatgpt.com/share/68d1d25d-e788-800f-bfb6-13b1f5bc6121
# Handler: applies configuration/01_member_of_configuration.ldif inside the
# OpenLDAP container. `-Y EXTERNAL -H ldapi:///` binds over the container-local
# ldapi socket, so no bind password appears on the command line.
- name: Load memberof module from file in OpenLDAP container
  listen:
    - "Import configuration LDIF files"
  # @todo Remove ignore_errors when setting up a new server; it is only here
  # because debugging would take too much time.
  # NOTE(review): while this is set, a failed import is reported but the play
  # continues, so a server can come up without this configuration applied.
  ignore_errors: true
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }}
    ldapmodify -Y EXTERNAL -H ldapi:///
    -f "{{ [OPENLDAP_LDIF_PATH_DOCKER, 'configuration/01_member_of_configuration.ldif' ] | path_join }}"
# Handler: adds configuration/02_member_of_configuration.ldif with ldapadd,
# binding via SASL EXTERNAL over the container-local ldapi socket.
- name: Refint Module Activation for OpenLDAP
  listen:
    - "Import configuration LDIF files"
  register: ldapadd_result
  # rc 68 is the LDAP "entry already exists" result; accepting it keeps
  # repeated runs from being flagged as failures.
  failed_when: ldapadd_result.rc not in [0, 68]
  # @todo Remove ignore_errors when setting up a new server; it is only here
  # because debugging would take too much time.
  # NOTE(review): with ignore_errors set, a result flagged by failed_when
  # above is still shown as failed but no longer stops the play.
  ignore_errors: true
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }}
    ldapadd -Y EXTERNAL -H ldapi:///
    -f "{{ [ OPENLDAP_LDIF_PATH_DOCKER, 'configuration/02_member_of_configuration.ldif' ] | path_join }}"
# Handler: applies configuration/03_member_of_configuration.ldif with
# ldapmodify, binding via SASL EXTERNAL over the container-local ldapi socket.
- name: Refint Overlay Configuration for OpenLDAP
  listen:
    - "Import configuration LDIF files"
  # The result variable name is shared with the other handlers in this file;
  # it is only read by failed_when on this same task.
  register: ldapadd_result
  # rc 68 is the LDAP "entry already exists" result and is treated as success.
  failed_when: ldapadd_result.rc not in [0, 68]
  # @todo Remove ignore_errors when setting up a new server; it is only here
  # because debugging would take too much time.
  # NOTE(review): with ignore_errors set, a failure of this step does not stop
  # the play, so the overlay configuration may be missing without the run
  # aborting; check the handler output after deployment.
  ignore_errors: true
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }}
    ldapmodify -Y EXTERNAL -H ldapi:///
    -f "{{ [ OPENLDAP_LDIF_PATH_DOCKER, 'configuration/03_member_of_configuration.ldif' ] | path_join }}"
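# Handler: imports every rendered LDIF under <OPENLDAP_LDIF_PATH_DOCKER>/groups
# into the directory, one ldapadd call per template found in
# templates/ldif/groups/*.j2 (the .j2 suffix is stripped to get the file name).
- name: "Import users, groups, etc. to LDAP"
  # Simple bind (-x) as the data administrator. The DN, the credential and the
  # path go through the `quote` filter so that characters such as `"`, `$` or
  # backticks in the values are passed literally instead of being interpreted
  # by the shell.
  # NOTE(review): `-w` still places the bind password in the process arguments
  # while the command runs; reading it from a root-only file with `-y` inside
  # the container would avoid that.
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }}
    ldapadd -x
    -D {{ LDAP.DN.ADMINISTRATOR.DATA | quote }}
    -w {{ LDAP.BIND_CREDENTIAL | quote }}
    -c
    -f {{ [ OPENLDAP_LDIF_PATH_DOCKER, 'groups', (item | basename | regex_replace('\.j2$', '')) ] | path_join | quote }}
  # The rendered command line contains the bind password; keep it out of
  # Ansible output and logs. Set to false temporarily when debugging imports.
  no_log: true
  register: ldapadd_result
  changed_when: "'adding new entry' in ldapadd_result.stdout"
  # Accepted LDAP result codes: 20 (attribute or value exists), 68 (entry
  # already exists), 65 (object class violation).
  # NOTE(review): accepting 65 also hides genuine schema errors in the LDIF
  # files; together with `-c` (continue on errors) such entries are skipped
  # without failing the handler. Confirm this is intended.
  failed_when: ldapadd_result.rc not in [0, 20, 68, 65]
  listen:
    - "Import groups LDIF files"
  # Sorted so the files are imported in a stable, name-defined order.
  loop: "{{ query('fileglob', role_path ~ '/templates/ldif/groups/*.j2') | sort }}"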