this should all work

2026-01-24 23:55:47 -07:00
parent bb6c2032ee
commit 63da7e8ae4
2 changed files with 15 additions and 15 deletions


@@ -1,8 +1,8 @@
- import_tasks: install.yaml - import_tasks: install.yaml
- import_tasks: disable_ldaps.yaml - import_tasks: disable_ldaps.yaml
- import_tasks: schemas.yaml - import_tasks: schemas.yaml
#- import_tasks: config.yaml - import_tasks: config.yaml
#- import_tasks: find_database.yaml - import_tasks: find_database.yaml
#- import_tasks: manager.yaml - import_tasks: manager.yaml
#- import_tasks: tls.yaml - import_tasks: tls.yaml
#- import_tasks: acls.yaml - import_tasks: acls.yaml
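Review bot: Assuming the right-hand column is the new side, `tls.yaml` and `acls.yaml` are now imported last, after `config.yaml` and `manager.yaml`, so a failure in any earlier import stops the play before transport security and access controls are applied. This is inferred from the file names only, since the task files themselves are not shown. If those two files do not depend on the manager step, consider moving them ahead of it, and either way record the intended order with a comment above the list such as `# order matters: tls.yaml and acls.yaml must complete before the directory is considered hardened`. `disable_ldaps.yaml` also runs before `tls.yaml`, so a one-line comment stating which TLS mode is intended (for example StartTLS on the plain port) would let a reviewer confirm the server is not left plaintext-only.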


@@ -40,16 +40,16 @@
# group: ldap # group: ldap
# mode: '0600' # mode: '0600'
- name: Ensure custom LDAP schemas (sudo + openssh) are loaded #- name: Ensure custom LDAP schemas (sudo + openssh) are loaded
ansible.builtin.command: > # ansible.builtin.command: >
ldapadd -Y EXTERNAL -H ldapi:/// -f {{ item.file }} # ldapadd -Y EXTERNAL -H ldapi:/// -f {{ item.file }}
args: # args:
creates: "/etc/openldap/schema/.{{ item.name }}_loaded" # creates: "/etc/openldap/schema/.{{ item.name }}_loaded"
loop: # loop:
- { name: "sudo", file: "/etc/openldap/schema/sudo.ldif" } # - { name: "sudo", file: "/etc/openldap/schema/sudo.ldif" }
- { name: "openssh", file: "/etc/openldap/schema/openssh.ldif" } # - { name: "openssh", file: "/etc/openldap/schema/openssh.ldif" }
loop_control: # loop_control:
label: "{{ item.name }}" # label: "{{ item.name }}"
# Touch marker files for idempotency (optional but recommended) # Touch marker files for idempotency (optional but recommended)
- name: Ensure marker files exist - name: Ensure marker files exist