Install keytab from dovecot role and not from playbook

2021-03-11 06:18:47 +00:00 · 2021-03-11 06:18:47 +00:00 · 856fb13822
commit 856fb13822
parent 1120dfde5f
2 changed files with 8 additions and 4 deletions
--- a/playbooks/mail.yml
+++ b/playbooks/mail.yml
@ -15,10 +15,6 @@
      principals:
        - "host/{{ inventory_hostname }}@{{ kerberos_realm }}"
        - "smtp/{{ mail_server }}@{{ kerberos_realm }}"
-    - role: kerberos/keytab
-      keytab: /etc/dovecot/dovecot.keytab
-      principals:
-        - "imap/{{ mail_server }}@{{ kerberos_realm }}"
    - nfs-client
    - sssd
    - autofs
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@ -5,6 +5,14 @@
    name: dovecot
    state: installed

+- name: create kerberos keytab
+  include_role:
+    name: kerberos/keytab
+  vars:
+    keytab: /etc/dovecot/dovecot.keytab
+    principals:
+      - "imap/{{ mail_server }}@{{ kerberos_realm }}"
+
 - name: install privatekey
  copy:
    dest: "{{ tls_private }}/{{ mail_server }}.key"