This commit updates multiple roles to ensure compatibility with Ansible 2.20. Several include paths and task-loading mechanisms required adjustments, as Ansible 2.20 applies stricter evaluation rules for complex Jinja expressions and no longer resolves certain relative include paths the way Ansible 2.18 did.

Key changes:
- Replaced legacy once_finalize.yml and once_flag.yml with the new structure under tasks/utils/once/finalize.yml and tasks/utils/once/flag.yml.
- Updated all include_tasks statements to use 'path_join' with playbook_dir, ensuring deterministic and absolute file resolution across roles.
- Fixed all network helper includes by converting direct relative paths such as 'roles/docker-compose/tasks/utils/network.yml' to proper Jinja-evaluated paths.
- Normalized MATOMO_* variable names for consistency with the updated variable scope behavior in Ansible 2.20.
- Removed deprecated patterns that were implicitly supported in Ansible 2.18 but break under the more strict variable and path resolution model in 2.20.

These changes are part of the full migration step required to ensure the infinito-nexus roles remain stable, deterministic, and forward-compatible with Ansible 2.20.

Details of the discussion and reasoning can be found in this conversation: https://chatgpt.com/share/69300a8d-24d4-800f-bec0-e895a695618a
LDAP
Description
Unleash the potential of centralized identity management with OpenLDAP. This powerful directory service provides a robust platform for managing users, groups, and organizational units while ensuring secure, scalable, and efficient authentication and authorization.
Overview
Deploy OpenLDAP in a Docker environment with support for TLS-secured communication via an NGINX stream proxy. OpenLDAP offers advanced directory management capabilities, including flexible schema definitions, dynamic configuration overlays, and comprehensive query support with LDAP search utilities.
For further setup instructions and advanced configuration details, please refer to the following resources available in this directory:
Features
- Centralized Identity Management: Maintain a unified repository for all users and groups with robust organizational structures.
- Flexible Schema Support: Customize and extend directory schemas to meet diverse organizational requirements.
- Secure Communications: Enable TLS encryption for data in transit when accessed through an NGINX reverse proxy.
- Dynamic Configuration: Leverage runtime configuration overlays to adjust directory settings without downtime.
- Comprehensive Query Capabilities: Utilize LDAP search tools to efficiently query and manage directory data.
- High Performance and Scalability: Designed to handle large-scale deployments with rapid lookup and authentication response times.
Further Resources
Credits
Developed and maintained by Kevin Veen-Birkenbach.
Learn more at veen.world.
Part of the Infinito.Nexus Project
Licensed under Infinito.Nexus NonCommercial License.