Initial import; migrate some roles from irl.wip
This commit is contained in:
commit
2ba6c6691b
44 changed files with 1573 additions and 0 deletions
25
roles/baseline/tasks/ipaclient.yml
Normal file
25
roles/baseline/tasks/ipaclient.yml
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
- name: FreeIPA Client | PATCH | Join IPA domain
|
||||
ansible.builtin.include_role:
|
||||
role: freeipa.ansible_freeipa.ipaclient
|
||||
vars:
|
||||
ipaclient_hostname: "{{ inventory_hostname }}"
|
||||
|
||||
- name: FreeIPA Client | AUDIT | Check current authselect configuration
|
||||
ansible.builtin.command: authselect current
|
||||
register: freeipa_authselect_status
|
||||
changed_when: false
|
||||
|
||||
- name: FreeIPA Client | PATCH | Apply authselect profile with sssd, sudo, and mkhomedir if not set
|
||||
ansible.builtin.command: authselect select sssd with-sudo with-mkhomedir --force
|
||||
when: >
|
||||
'Profile ID: sssd' not in freeipa_authselect_status.stdout or
|
||||
'with-sudo' not in freeipa_authselect_status.stdout or
|
||||
'with-mkhomedir' not in freeipa_authselect_status.stdout
|
||||
|
||||
- name: FreeIPA Client | PATCH | Enable oddjobd.service (for with-mkhomedir feature)
|
||||
ansible.builtin.systemd_service:
|
||||
name: oddjobd.service
|
||||
state: started
|
||||
enabled: true
|
||||
masked: false
|
||||
Loading…
Add table
Add a link
Reference in a new issue