You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45 lines
1.5 KiB
45 lines
1.5 KiB
2 years ago
|
- name: FreeIPA Server Setup
|
||
|
|
hosts: freeipadcs
|
||
|
|
tasks:
|
||
|
|
- name: Verifying dependencies
|
||
|
|
ansible.builtin.package:
|
||
|
|
name:
|
||
|
|
- freeipa-server
|
||
|
|
- freeipa-server-dns
|
||
|
|
- freeipa-server-trust-ad
|
||
|
|
- mlocate
|
||
|
|
- vim
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Checking chronyd.service for lxc compatibility
|
||
|
|
ansible.builtin.replace:
|
||
|
|
regexp: '^ExecStart=\/usr\/sbin\/chronyd \$OPTIONS'
|
||
|
|
replace: 'ExecStart=/usr/sbin/chronyd -x $OPTIONS'
|
||
|
|
path: /etc/systemd/system/multi-user.target.wants/chronyd.service
|
||
|
|
register: updated_systemd
|
||
|
|
|
||
|
|
- name: Reloading systemd daemon if necessary
|
||
|
|
ansible.builtin.shell:
|
||
|
|
cmd: systemctl daemon-reload
|
||
|
|
when: updated_systemd.changed
|
||
|
|
|
||
|
|
- name: Checking for configured FreeIPA install
|
||
|
|
ansible.builtin.stat:
|
||
|
|
path: /etc/ipa/default.conf
|
||
|
|
register: freeipa_defaultconf
|
||
|
|
- name: Checking for configured ADTrust module
|
||
|
|
ansible.builtin.stat:
|
||
|
|
path: /var/lib/samba/smbprofile.tdb
|
||
|
|
register: freeipa_smbconf
|
||
|
|
|
||
|
|
- name: Check for FreeIPA config
|
||
|
|
ansible.builtin.debug:
|
||
|
|
msg: 'FreeIPA installation ready. Run ipa-server-install on the server to perform an interactive configuration.'
|
||
|
|
when: not freeipa_defaultconf.stat.exists
|
||
|
|
|
||
|
|
- name: Check for FreeIPA AD Trust config
|
||
|
|
ansible.builtin.debug:
|
||
|
|
msg: 'FreeIPA AD Trust module installation ready. Run ipa-adtrust-install on the server to perform an interactive configuration.'
|
||
|
|
when: not freeipa_smbconf.stat.exists
|
||
|
|
|