foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

write ldap datadirectory handling more cleanly

Browse source
This commit is contained in:
Timo Makinen 2019-05-31 18:56:24 +03:00
parent a3ea2437a3
commit 80b017b5d1
3 changed files with 22 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

1
host_vars/ldap01.home.foo.sh.yml
View file

@ -3,4 +3,5 @@ interfaces: [[20, "52:54:00:ac:dc:1f"]]
vmhost: vmhost01.home.foo.sh vmhost: vmhost01.home.foo.sh
datadisk_size: [10] datadisk_size: [10]
ldap_datadir: /export/ldap
ldap_master: true ldap_master: true

1
roles/ldap/server/defaults/main.yml
View file

@ -1,3 +1,4 @@
--- ---
ldap_server_cert: "{% if ldap_master is defined %}ldap01.foo.sh{% else %}\ ldap_server_cert: "{% if ldap_master is defined %}ldap01.foo.sh{% else %}\
ldap.foo.sh{% endif %}" ldap.foo.sh{% endif %}"
ldap_datadir: /srv/ldap

23
roles/ldap/server/tasks/main.yml
View file

@ -7,14 +7,13 @@
- openldap-servers - openldap-servers
- ldapvi - ldapvi
- block: - name: fix selinux context from ldap data diretory
- name: fix selinux context from ldap data directory
sefcontext: sefcontext:
path: /export/ldap(/.*)? path: "{{ ldap_datadir }}(/.*)?"
setype: slapd_db_t setype: slapd_db_t
- name: create ldap data directory - name: create ldap data directory
file: file:
path: /export/ldap path: "{{ ldap_datadir }}"
state: directory state: directory
mode: 0700 mode: 0700
owner: ldap owner: ldap
@ -27,21 +26,7 @@
owner: root owner: root
group: root group: root
follow: false follow: false
when: ldap_master is defined when: ldap_datadir != "/srv/ldap"
- block:
- name: fix selinux context from ldap data directory
sefcontext:
path: /srv/ldap(/.*)?
setype: slapd_db_t
- name: create ldap data directory
file:
path: /srv/ldap
state: directory
mode: 0700
owner: ldap
group: ldap
when: ldap_msater is not defined
- name: remove nss cert databases - name: remove nss cert databases
file: file: