78 lines
1.7 KiB
Text
78 lines
1.7 KiB
Text
{##only run if freeipa is enabled##}
|
|
{%- if grains['freeipa_enabled'] is defined -%}
|
|
{%- if grains['freeipa_enabled'] == true %}
|
|
{% set hostname=grains['host'] %}
|
|
{% set ip=grains['fqdn_ip4'][0] %}
|
|
install_sssd:
|
|
pkg.installed:
|
|
- name: sssd
|
|
|
|
/etc/sssd/sssd.conf:
|
|
file.managed:
|
|
- source: salt://systems/core/freeipa/manual/sssd.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 600
|
|
- template: jinja
|
|
- context:
|
|
hostname: {{hostname}}
|
|
|
|
/etc/nsswitch.conf:
|
|
file.managed:
|
|
- source: salt://systems/core/freeipa/manual/nsswitch.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
|
|
/etc/nscd.conf:
|
|
file.managed:
|
|
- source: salt://systems/core/freeipa/manual/nscd.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
|
|
/etc/krb5.conf:
|
|
file.managed:
|
|
- source: salt://systems/core/freeipa/manual/krb5.conf
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
|
|
/etc/pam.d:
|
|
file.recurse:
|
|
- source: salt://systems/core/freeipa/manual/pam.d/
|
|
- user: root
|
|
- group: root
|
|
- dir_mode: 755
|
|
- file_mode: 644
|
|
|
|
/etc/sudoers.d/freeipa:
|
|
file.managed:
|
|
- source: salt://systems/core/freeipa/manual/sudoers
|
|
- user: root
|
|
- group: root
|
|
- mode: 644
|
|
|
|
freeipa_sssd_service:
|
|
service.running:
|
|
- name: sssd
|
|
- enable: true
|
|
- watch:
|
|
- file: /etc/sssd/sssd.conf
|
|
- file: /etc/nsswitch.conf
|
|
- file: /etc/nscd.conf
|
|
- file: /etc/krb5.conf
|
|
- file: /etc/pam.d
|
|
|
|
freeipa_nscd_service:
|
|
service.running:
|
|
- name: nscd
|
|
- enable: true
|
|
- watch:
|
|
- file: /etc/sssd/sssd.conf
|
|
- file: /etc/nsswitch.conf
|
|
- file: /etc/nscd.conf
|
|
- file: /etc/krb5.conf
|
|
- file: /etc/pam.d
|
|
{% endif %}
|
|
{% endif %}
|