actcur-ansible/role-ipa-server
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
role-ipa-server/tasks/main.yml
Beth 72e4afa255 Added configuration for ipa server role (#1) 
Reviewed-on: #1
Co-authored-by: Beth <ejparker@actcur.com>
Co-committed-by: Beth <ejparker@actcur.com>
2025-03-30 00:06:20 -05:00

48 lines
No EOL
1.2 KiB
YAML
Raw Blame History

#SPDX-License-Identifier: MIT-0
---
# tasks file for role-ipa-server
- name: install freeipa-server
ansible.builtin.package:
name: freeipa-server
state: present
- name: install ipa-server-dns
ansible.builtin.package:
name: ipa-server-dns
state: present
#this should be moved to a dedicated firewall role down the road
- name: permit ipa-server traffic through firewall
ansible.posix.firewalld:
service: freeipa-4
state: enabled
permanent: true
immediate: true
offline: true
- name: deploy replication script
ansible.builtin.copy:
src: files/replicate.sh
dest: /scripts/replicate.sh
#this should be moved to dedicated selinux role down the road
- name: Disable SELinux
ansible.posix.selinux:
state: disabled
# create letsencrypt setup script if certbot is enabled
- name: check if letsencrypt is set up
ansible.builtin.command: '[ -d "/etc/letsencrypt/" ]'
register: result
ignore_errors: true
- name: check if ipaserver is ready
ansible.builtin.command: '[ -d "/var/lib/ipa/certs/" ]'
register: result2
ignore_errors: true
- name: deploy letsencrypt setup script
ansible.builtin.copy:
src: files/setup-le.sh
dest: /scripts/setup-le.sh
when: (result is succeeded) and (result2 is succeeded)
Reference in a new issue View git blame Copy permalink