autofs: Initial version of role

roles/autofs/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart autofs
+  service:
+    name: autofs
+    state: restarted

roles/autofs/tasks/main.yml

@@ -0,0 +1,49 @@
+---
+- name: install packages
+  package:
+    name: autofs
+    state: installed
+
+- name: configure ldap server for autofs
+  lineinfile:
+    dest: /etc/autofs.conf
+    regexp: '^#?ldap_uri\s*=.*'
+    line: "ldap_uri = {% for u in ldap_server %}ldaps://{{ u }} {% endfor %}"
+  notify: restart autofs
+
+- name: configure ldap schema for autofs
+  lineinfile:
+    dest: /etc/autofs.conf
+    line: "{{ item }}"
+    insertbefore: "^# auth_conf_file"
+  notify: restart autofs
+  with_items:
+    - value_attribute = automountInformation
+    - entry_attribute = automountKey
+    - map_attribute = ou
+    - entry_object_class = automount
+    - map_object_class = organizationalUnit
+
+- name: configure ldap auth for autofs
+  template:
+    dest: /etc/autofs_ldap_auth.conf
+    src: autofs_ldap_auth.conf.j2
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart autofs
+
+- name: create auto.master config
+  template:
+    dest: /etc/auto.master
+    src: auto.master.j2
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart autofs
+
+- name: start autofs service
+  service:
+    name: autofs
+    state: started
+    enabled: true

roles/autofs/templates/auto.master.j2

@@ -0,0 +1,2 @@
+/home  ldap:///ou=People,{{ ldap_basedn }} rw,nosuid,nodev
+/roles ldap:///ou=Groups,{{ ldap_basedn }} rw,nosuid,nodev --ghost

roles/autofs/templates/autofs_ldap_auth.conf.j2

@@ -0,0 +1,9 @@
+<?xml version="1.0" ?>
+<autofs_ldap_sasl_conf
+    usetls="no"
+    tlsrequired="no"
+    authrequired="yes"
+    authtype="EXTERNAL"
+    external_cert="{{ tls_certs }}/{{ inventory_hostname }}.crt"
+    external_key="{{ tls_private }}/{{ inventory_hostname }}.key"
+/>