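# Install the OpenLDAP server (slapd) and the client tools used by the tasks
# in this file. The package list is handed to apt directly so that all
# packages are resolved in a single module call rather than one call per item.
- name: LDAP packages are installed
  apt:
    name:
      - slapd
      - ldap-utils
      - ldapvi
      - shelldap
    state: present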
# Probe for /root/.ldapvirc. The registered result gates every bootstrap task
# in this file: once the file exists, password generation and the initial
# injection are skipped.
- name: "Is /root/.ldapvirc present ?"
  # Run the probe even under --check so the `when` conditions that read
  # root_ldapvirc_path still have a value to evaluate.
  check_mode: false
  register: root_ldapvirc_path
  stat:
    path: /root/.ldapvirc
# apg is the generator used by the "create a password" tasks, so it is only
# installed when the bootstrap has not happened yet.
- name: apg package is installed
  when: not root_ldapvirc_path.stat.exists
  apt:
    state: present
    name: apg
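# Generate the initial cleartext password for cn=admin.
# apg options: -n 1 asks for a single password, -m 16 sets a minimum length
# of 16, -M lcN selects lowercase letters, capitals and digits (see apg(1)).
# The password is the task's stdout and is kept in ldap_admin_password.
- name: create a password for cn=admin
  command: "apg -n 1 -m 16 -M lcN"
  register: ldap_admin_password
  # Generating a value changes nothing on the host.
  changed_when: false
  # The task result is the secret itself: keep it out of Ansible's console
  # output, callbacks and logs. The registered variable remains usable.
  no_log: true
  when: not root_ldapvirc_path.stat.exists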
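# Generate the initial cleartext password for cn=nagios.
# apg options: -n 1 asks for a single password, -m 16 sets a minimum length
# of 16, -M lcN selects lowercase letters, capitals and digits (see apg(1)).
# The password is the task's stdout and is kept in ldap_nagios_password.
- name: create a password for cn=nagios
  command: "apg -n 1 -m 16 -M lcN"
  register: ldap_nagios_password
  # Generating a value changes nothing on the host.
  changed_when: false
  # The task result is the secret itself: keep it out of Ansible's console
  # output, callbacks and logs. The registered variable remains usable.
  no_log: true
  when: not root_ldapvirc_path.stat.exists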
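# Hash the generated cn=admin password with slappasswd; the hash is the
# task's stdout and is kept in ldap_admin_password_ssha.
- name: hash password for cn=admin
  # NOTE(review): `-s` puts the cleartext on the command line, where it is
  # visible in the host's process list while slappasswd runs. Reading the
  # secret from a root-only file (`slappasswd -T <file>`) would avoid that;
  # confirm the hash is unchanged before switching.
  command: "slappasswd -s {{ ldap_admin_password.stdout }}"
  register: ldap_admin_password_ssha
  # Hashing changes nothing on the host.
  changed_when: false
  # The rendered command contains the cleartext password and the result
  # contains its hash: keep both out of Ansible's output and logs.
  no_log: true
  when: not root_ldapvirc_path.stat.exists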
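# Hash the generated cn=nagios password with slappasswd; the hash is the
# task's stdout and is kept in ldap_nagios_password_ssha.
- name: hash password for cn=nagios
  # NOTE(review): `-s` puts the cleartext on the command line, where it is
  # visible in the host's process list while slappasswd runs. Reading the
  # secret from a root-only file (`slappasswd -T <file>`) would avoid that;
  # confirm the hash is unchanged before switching.
  command: "slappasswd -s {{ ldap_nagios_password.stdout }}"
  register: ldap_nagios_password_ssha
  # Hashing changes nothing on the host.
  changed_when: false
  # The rendered command contains the cleartext password and the result
  # contains its hash: keep both out of Ansible's output and logs.
  no_log: true
  when: not root_ldapvirc_path.stat.exists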
# Render /root/.ldapvirc from ldapvirc.j2. This is also the file whose
# presence marks the bootstrap as done, so the task only runs once.
- name: create ldapvirc config
  when: not root_ldapvirc_path.stat.exists
  template:
    dest: /root/.ldapvirc
    src: ldapvirc.j2
    # NOTE(review): the template is not visible here; if it stores the
    # cn=admin password, "0600" with an explicit owner/group would be the
    # tighter choice. Confirm before changing.
    mode: "0640"
# Render the initial server configuration (config_ldapvi.j2) to /root, where
# the "inject config" task reads it.
- name: upload ldap initial config
  when: not root_ldapvirc_path.stat.exists
  template:
    dest: /root/evolinux_ldap_config.ldapvi
    src: config_ldapvi.j2
    # NOTE(review): presumably this file carries the hashed admin password;
    # it stays on disk after injection with group read access - verify that
    # this is intended.
    mode: "0640"
# Render the initial directory entries (first-entries.ldif.j2) to /root,
# where the "inject first entries" task reads them.
- name: upload ldap initial entries
  when: not root_ldapvirc_path.stat.exists
  template:
    dest: /root/evolinux_ldap_first-entries.ldif
    src: first-entries.ldif.j2
    # NOTE(review): presumably this LDIF carries password hashes; it stays on
    # disk after injection with group read access - verify that this is
    # intended.
    mode: "0640"
# Apply the uploaded configuration with ldapvi in --ldapmodify mode.
# -Y EXTERNAL over ldapi:// authenticates through the local socket, so no
# bind password appears in the command.
- name: inject config
  when: not root_ldapvirc_path.stat.exists
  environment:
    # presumably ldapvi needs a terminal type even when run non-interactively
    TERM: xterm
  command: ldapvi -Y EXTERNAL -h ldapi:// --ldapmodify /root/evolinux_ldap_config.ldapvi
# Load the uploaded LDIF straight into the database with slapadd.
# NOTE(review): slapadd writes the database files directly instead of going
# through the running server; confirm that the resulting files end up owned
# by the account slapd runs as, and that running it while slapd is up is safe
# for the backend in use.
- name: inject first entries
  when: not root_ldapvirc_path.stat.exists
  command: slapadd -l /root/evolinux_ldap_first-entries.ldif
# Optional step: copy a custom schema file to /root when ldap_schema is set.
# NOTE(review): ldap_schema is used both as the source and inside the
# destination path, so it is assumed to be a bare file name - verify against
# the role's callers.
- name: upload custom schema
  # Both conditions must hold (a `when` list is ANDed).
  when:
    - not root_ldapvirc_path.stat.exists
    - ldap_schema is defined
  copy:
    dest: "/root/{{ ldap_schema }}"
    src: "{{ ldap_schema }}"
    mode: "0640"
# Optional step: load the uploaded custom schema with ldapadd, authenticating
# with SASL EXTERNAL over the local ldapi:/// socket.
# NOTE(review): ldap_schema is interpolated into the command line; the
# command module does not use a shell, but a value containing spaces would
# still be split into several arguments - assumed to be a bare file name.
- name: inject custom schema
  # Both conditions must hold (a `when` list is ANDed).
  when:
    - not root_ldapvirc_path.stat.exists
    - ldap_schema is defined
  command: "ldapadd -Y EXTERNAL -H ldapi:/// -f /root/{{ ldap_schema }}"