source-git / ansible-freeipa

Clone
Source Code
GIT

Blame README-hbacsvcgroup.md

c8 c8s master
  1.   d886cd8282716b4b21e40f06f5a5d492345979a0
  2.   README-hbacsvcgroup.md
Blob History Raw
Packit 8cb997 
HBACsvcgroup module
Packit 8cb997 
===================
Packit 8cb997
Packit 8cb997 
Description
Packit 8cb997 
-----------
Packit 8cb997
Packit 8cb997 
The hbacsvcgroup (HBAC Service Group) module allows to ensure presence and absence of HBAP Service Groups and members of the groups.
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Features
Packit 8cb997 
--------
Packit 8cb997 
* HBAC Service Group management
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Supported FreeIPA Versions
Packit 8cb997 
--------------------------
Packit 8cb997
Packit 8cb997 
FreeIPA versions 4.4.0 and up are supported by the ipahbacsvcgroup module.
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Requirements
Packit 8cb997 
------------
Packit 8cb997
Packit 8cb997 
**Controller**
Packit 8cb997 
* Ansible version: 2.8+
Packit 8cb997
Packit 8cb997 
**Node**
Packit 8cb997 
* Supported FreeIPA version (see above)
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Usage
Packit 8cb997 
=====
Packit 8cb997
Packit 8cb997 
Example inventory file
Packit 8cb997
Packit 8cb997 
```ini
Packit 8cb997 
[ipaserver]
Packit 8cb997 
ipaserver.test.local
Packit 8cb997 
```
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Example playbook to make sure HBAC Service Group login exists:
Packit 8cb997
Packit 8cb997 
```yaml
Packit 8cb997 
---
Packit 8cb997 
- name: Playbook to handle hbacsvcgroups
Packit 8cb997 
  hbacsvcs: ipaserver
Packit 8cb997 
  become: true
Packit 8cb997
Packit 8cb997 
  tasks:
Packit 8cb997 
  # Ensure HBAC Service Group login is present
Packit 8cb997 
  - ipahbacsvcgroup:
Packit 8cb997 
      ipaadmin_password: MyPassword123
Packit 8cb997 
      name: login
Packit 8cb997 
```
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Example playbook to make sure HBAC Service Group login exists with the only HBAC Service sshd:
Packit 8cb997
Packit 8cb997 
```yaml
Packit 8cb997 
---
Packit 8cb997 
- name: Playbook to handle hbacsvcgroups
Packit 8cb997 
  hbacsvcs: ipaserver
Packit 8cb997 
  become: true
Packit 8cb997
Packit 8cb997 
  tasks:
Packit 8cb997 
  # Ensure HBAC Service Group login is present with the only HBAC Service sshd
Packit 8cb997 
  - ipahbacsvcgroup:
Packit 8cb997 
      ipaadmin_password: MyPassword123
Packit 8cb997 
      name: login
Packit 8cb997 
      hbacsvc:
Packit 8cb997 
      - sshd
Packit 8cb997 
```
Packit 8cb997
Packit 8cb997 
Example playbook to make sure HBAC Service sshd is present in HBAC Service Group login:
Packit 8cb997
Packit 8cb997 
```yaml
Packit 8cb997 
---
Packit 8cb997 
- name: Playbook to handle hbacsvcgroups
Packit 8cb997 
  hbacsvcs: ipaserver
Packit 8cb997 
  become: true
Packit 8cb997
Packit 8cb997 
  tasks:
Packit 8cb997 
  # Ensure HBAC Service sshd is present in HBAC Service Group login
Packit 8cb997 
  - ipahbacsvcgroup:
Packit 8cb997 
      ipaadmin_password: MyPassword123
Packit 8cb997 
      name: login
Packit 8cb997 
      hbacsvc:
Packit 8cb997 
      - sshd
Packit 8cb997 
      action: member
Packit 8cb997 
```
Packit 8cb997
Packit 8cb997 
Example playbook to make sure HBAC Service sshd is absent in HBAC Service Group login:
Packit 8cb997
Packit 8cb997 
```yaml
Packit 8cb997 
---
Packit 8cb997 
- name: Playbook to handle hbacsvcgroups
Packit 8cb997 
  hbacsvcs: ipaserver
Packit 8cb997 
  become: true
Packit 8cb997
Packit 8cb997 
  tasks:
Packit 8cb997 
  # Ensure HBAC Service sshd is present in HBAC Service Group login
Packit 8cb997 
  - ipahbacsvcgroup:
Packit 8cb997 
      ipaadmin_password: MyPassword123
Packit 8cb997 
      name: login
Packit 8cb997 
      hbacsvc:
Packit 8cb997 
      - sshd
Packit 8cb997 
      action: member
Packit 8cb997 
      state: absent
Packit 8cb997 
```
Packit 8cb997
Packit 8cb997 
Example playbook to make sure HBAC Service Group login is absent:
Packit 8cb997
Packit 8cb997 
```yaml
Packit 8cb997 
---
Packit 8cb997 
- name: Playbook to handle hbacsvcgroups
Packit 8cb997 
  hbacsvcs: ipaserver
Packit 8cb997 
  become: true
Packit 8cb997
Packit 8cb997 
  tasks:
Packit 8cb997 
  # Ensure HBAC Service Group login is present
Packit 8cb997 
  - ipahbacsvcgroup:
Packit 8cb997 
      ipaadmin_password: MyPassword123
Packit 8cb997 
      name: login
Packit 8cb997 
      state: absent
Packit 8cb997 
```
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Variables
Packit 8cb997 
=========
Packit 8cb997
Packit 8cb997 
ipahbacsvcgroup
Packit 8cb997 
---------------
Packit 8cb997
Packit 8cb997 
Variable | Description | Required
Packit 8cb997 
-------- | ----------- | --------
Packit 8cb997 
`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
Packit 8cb997 
`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
Packit 8cb997 
`name` \| `cn` | The list of hbacsvcgroup name strings. | no
Packit 8cb997 
`description` | The hbacsvcgroup description string. | no
Packit 8cb997 
`nomembers` | Suppress processing of membership attributes. (bool) | no
Packit 8cb997 
`hbacsvc` | List of hbacsvc name strings assigned to this hbacsvcgroup. | no
Packit 8cb997 
`action` | Work on hbacsvcgroup or member level. It can be on of `member` or `hbacsvcgroup` and defaults to `hbacsvcgroup`. | no
Packit 8cb997 
`state` | The state to ensure. It can be one of `present` or `absent`, default: `present`. | no
Packit 8cb997
Packit 8cb997
Packit 8cb997 
Authors
Packit 8cb997 
=======
Packit 8cb997
Packit 8cb997 
Thomas Woerner

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation