|
Packit Service |
0a38ef |
# -*- coding: utf-8 -*-
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# Authors:
|
|
Packit Service |
0a38ef |
# Thomas Woerner <twoerner@redhat.com>
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# Based on ipa-replica-install code
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# Copyright (C) 2018 Red Hat
|
|
Packit Service |
0a38ef |
# see file 'COPYING' for use and warranty information
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# This program is free software; you can redistribute it and/or modify
|
|
Packit Service |
0a38ef |
# it under the terms of the GNU General Public License as published by
|
|
Packit Service |
0a38ef |
# the Free Software Foundation, either version 3 of the License, or
|
|
Packit Service |
0a38ef |
# (at your option) any later version.
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# This program is distributed in the hope that it will be useful,
|
|
Packit Service |
0a38ef |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
0a38ef |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Packit Service |
0a38ef |
# GNU General Public License for more details.
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# You should have received a copy of the GNU General Public License
|
|
Packit Service |
0a38ef |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
from __future__ import print_function
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ANSIBLE_METADATA = {
|
|
Packit Service |
0a38ef |
'metadata_version': '1.0',
|
|
Packit Service |
0a38ef |
'supported_by': 'community',
|
|
Packit Service |
0a38ef |
'status': ['preview'],
|
|
Packit Service |
0a38ef |
}
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
DOCUMENTATION = '''
|
|
Packit Service |
0a38ef |
---
|
|
Packit Service |
0a38ef |
module: ipareplica_setup_ds
|
|
Packit Service |
0a38ef |
short description: Setup DS
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
Setup DS
|
|
Packit Service |
0a38ef |
options:
|
|
Packit Service |
0a38ef |
dm_password:
|
|
Packit Service |
0a38ef |
description: Directory Manager password
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
password:
|
|
Packit Service |
0a38ef |
description: Admin user kerberos password
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
ip_addresses:
|
|
Packit Service |
0a38ef |
description: List of Master Server IP Addresses
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
domain:
|
|
Packit Service |
0a38ef |
description: Primary DNS domain of the IPA deployment
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
realm:
|
|
Packit Service |
0a38ef |
description: Kerberos realm name of the IPA deployment
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
hostname:
|
|
Packit Service |
0a38ef |
description: Fully qualified name of this host
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
ca_cert_files:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
List of files containing CA certificates for the service certificate
|
|
Packit Service |
0a38ef |
files
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
no_host_dns:
|
|
Packit Service |
0a38ef |
description: Do not use DNS for hostname lookup during installation
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
setup_adtrust:
|
|
Packit Service |
0a38ef |
description: Configure AD trust capability
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
setup_ca:
|
|
Packit Service |
0a38ef |
description: Configure a dogtag CA
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
setup_kra:
|
|
Packit Service |
0a38ef |
description: Configure a dogtag KRA
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
setup_dns:
|
|
Packit Service |
0a38ef |
description: Configure bind with our zone
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
no_pkinit:
|
|
Packit Service |
0a38ef |
description: Disable pkinit setup steps
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
dirsrv_config_file:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
The path to LDIF file that will be used to modify configuration of
|
|
Packit Service |
0a38ef |
dse.ldif during installation of the directory server instance
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
dirsrv_cert_files:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
Files containing the Directory Server SSL certificate and private key
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
force_join:
|
|
Packit Service |
0a38ef |
description: Force client enrollment even if already enrolled
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
subject_base:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
The certificate subject base (default O=<realm-name>).
|
|
Packit Service |
0a38ef |
RDNs are in LDAP order (most specific RDN first).
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
server:
|
|
Packit Service |
0a38ef |
description: Fully qualified name of IPA server to enroll to
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
ccache:
|
|
Packit Service |
0a38ef |
description: The local ccache
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
installer_ccache:
|
|
Packit Service |
0a38ef |
description: The installer ccache setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
_ca_enabled:
|
|
Packit Service |
0a38ef |
description: The installer _ca_enabled setting
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
_dirsrv_pkcs12_info:
|
|
Packit Service |
0a38ef |
description: The installer _dirsrv_pkcs12_info setting
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
_top_dir:
|
|
Packit Service |
0a38ef |
description: The installer _top_dir setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
_add_to_ipaservers:
|
|
Packit Service |
0a38ef |
description: The installer _add_to_ipaservers setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
_ca_subject:
|
|
Packit Service |
0a38ef |
description: The installer _ca_subject setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
_subject_base:
|
|
Packit Service |
0a38ef |
description: The installer _subject_base setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
dirman_password:
|
|
Packit Service |
0a38ef |
description: Directory Manager (master) password
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
config_setup_ca:
|
|
Packit Service |
0a38ef |
description: The config setup_ca setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
config_master_host_name:
|
|
Packit Service |
0a38ef |
description: The config master_host_name setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
config_ca_host_name:
|
|
Packit Service |
0a38ef |
description: The config ca_host_name setting
|
|
Packit Service |
0a38ef |
required: no
|
|
Packit Service |
0a38ef |
config_ips:
|
|
Packit Service |
0a38ef |
description: The config ips setting
|
|
Packit Service |
0a38ef |
required: yes
|
|
Packit Service |
0a38ef |
author:
|
|
Packit Service |
0a38ef |
- Thomas Woerner
|
|
Packit Service |
0a38ef |
'''
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
EXAMPLES = '''
|
|
Packit Service |
0a38ef |
'''
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
RETURN = '''
|
|
Packit Service |
0a38ef |
'''
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
import os
|
|
Packit Service |
0a38ef |
import inspect
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
from ansible.module_utils.basic import AnsibleModule
|
|
Packit Service |
0a38ef |
from ansible.module_utils.ansible_ipa_replica import (
|
|
Packit Service |
0a38ef |
AnsibleModuleLog, setup_logging, installer, DN, paths, sysrestore,
|
|
Packit Service |
0a38ef |
ansible_module_get_parsed_ip_addresses,
|
|
Packit Service |
0a38ef |
gen_env_boostrap_finalize_core, constants, api_bootstrap_finalize,
|
|
Packit Service |
0a38ef |
gen_ReplicaConfig, gen_remote_api, redirect_stdout, ipaldap,
|
|
Packit Service |
0a38ef |
install_replica_ds, install_dns_records, ntpinstance, ScriptError
|
|
Packit Service |
0a38ef |
)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
def main():
|
|
Packit Service |
0a38ef |
ansible_module = AnsibleModule(
|
|
Packit Service |
0a38ef |
argument_spec=dict(
|
|
Packit Service |
0a38ef |
# basic
|
|
Packit Service |
0a38ef |
dm_password=dict(required=False, no_log=True),
|
|
Packit Service |
0a38ef |
password=dict(required=False, no_log=True),
|
|
Packit Service |
0a38ef |
ip_addresses=dict(required=False, type='list', default=[]),
|
|
Packit Service |
0a38ef |
domain=dict(required=False),
|
|
Packit Service |
0a38ef |
realm=dict(required=False),
|
|
Packit Service |
0a38ef |
hostname=dict(required=False),
|
|
Packit Service |
0a38ef |
ca_cert_files=dict(required=False, type='list', default=[]),
|
|
Packit Service |
0a38ef |
no_host_dns=dict(required=False, type='bool', default=False),
|
|
Packit Service |
0a38ef |
# server
|
|
Packit Service |
0a38ef |
setup_adtrust=dict(required=False, type='bool'),
|
|
Packit Service |
0a38ef |
setup_ca=dict(required=False, type='bool'),
|
|
Packit Service |
0a38ef |
setup_kra=dict(required=False, type='bool'),
|
|
Packit Service |
0a38ef |
setup_dns=dict(required=False, type='bool'),
|
|
Packit Service |
0a38ef |
no_pkinit=dict(required=False, type='bool', default=False),
|
|
Packit Service |
0a38ef |
dirsrv_config_file=dict(required=False),
|
|
Packit Service |
0a38ef |
# ssl certificate
|
|
Packit Service |
0a38ef |
dirsrv_cert_files=dict(required=False, type='list', default=[]),
|
|
Packit Service |
0a38ef |
# client
|
|
Packit Service |
0a38ef |
force_join=dict(required=False, type='bool'),
|
|
Packit Service |
0a38ef |
# certificate system
|
|
Packit Service |
0a38ef |
subject_base=dict(required=True),
|
|
Packit Service |
0a38ef |
# additional
|
|
Packit Service |
0a38ef |
server=dict(required=True),
|
|
Packit Service |
0a38ef |
ccache=dict(required=True),
|
|
Packit Service |
0a38ef |
installer_ccache=dict(required=True),
|
|
Packit Service |
0a38ef |
_ca_enabled=dict(required=False, type='bool'),
|
|
Packit Service |
0a38ef |
_dirsrv_pkcs12_info=dict(required=False, type='list'),
|
|
Packit Service |
0a38ef |
_top_dir=dict(required=True),
|
|
Packit Service |
0a38ef |
_add_to_ipaservers=dict(required=True, type='bool'),
|
|
Packit Service |
0a38ef |
_ca_subject=dict(required=True),
|
|
Packit Service |
0a38ef |
_subject_base=dict(required=True),
|
|
Packit Service |
0a38ef |
dirman_password=dict(required=True, no_log=True),
|
|
Packit Service |
0a38ef |
config_setup_ca=dict(required=True, type='bool'),
|
|
Packit Service |
0a38ef |
config_master_host_name=dict(required=True),
|
|
Packit Service |
0a38ef |
config_ca_host_name=dict(required=True),
|
|
Packit Service |
0a38ef |
config_ips=dict(required=False, type='list', default=[]),
|
|
Packit Service |
0a38ef |
),
|
|
Packit Service |
0a38ef |
supports_check_mode=True,
|
|
Packit Service |
0a38ef |
)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_module._ansible_debug = True
|
|
Packit Service |
0a38ef |
setup_logging()
|
|
Packit Service |
0a38ef |
ansible_log = AnsibleModuleLog(ansible_module)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# get parameters #
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
options = installer
|
|
Packit Service |
0a38ef |
options.dm_password = ansible_module.params.get('dm_password')
|
|
Packit Service |
0a38ef |
options.password = options.dm_password
|
|
Packit Service |
0a38ef |
options.admin_password = ansible_module.params.get('password')
|
|
Packit Service |
0a38ef |
options.ip_addresses = ansible_module_get_parsed_ip_addresses(
|
|
Packit Service |
0a38ef |
ansible_module)
|
|
Packit Service |
0a38ef |
options.domain_name = ansible_module.params.get('domain')
|
|
Packit Service |
0a38ef |
options.realm_name = ansible_module.params.get('realm')
|
|
Packit Service |
0a38ef |
options.host_name = ansible_module.params.get('hostname')
|
|
Packit Service |
0a38ef |
options.ca_cert_files = ansible_module.params.get('ca_cert_files')
|
|
Packit Service |
0a38ef |
options.no_host_dns = ansible_module.params.get('no_host_dns')
|
|
Packit Service |
0a38ef |
# server
|
|
Packit Service |
0a38ef |
options.setup_adtrust = ansible_module.params.get('setup_adtrust')
|
|
Packit Service |
0a38ef |
options.setup_ca = ansible_module.params.get('setup_ca')
|
|
Packit Service |
0a38ef |
options.setup_kra = ansible_module.params.get('setup_kra')
|
|
Packit Service |
0a38ef |
options.setup_dns = ansible_module.params.get('setup_dns')
|
|
Packit Service |
0a38ef |
options.no_pkinit = ansible_module.params.get('no_pkinit')
|
|
Packit Service |
0a38ef |
options.dirsrv_config_file = ansible_module.params.get(
|
|
Packit Service |
0a38ef |
'dirsrv_config_file')
|
|
Packit Service |
0a38ef |
# ssl certificate
|
|
Packit Service |
0a38ef |
options.dirsrv_cert_files = ansible_module.params.get('dirsrv_cert_files')
|
|
Packit Service |
0a38ef |
# client
|
|
Packit Service |
0a38ef |
options.force_join = ansible_module.params.get('force_join')
|
|
Packit Service |
0a38ef |
# certificate system
|
|
Packit Service |
0a38ef |
options.external_ca = ansible_module.params.get('external_ca')
|
|
Packit Service |
0a38ef |
options.external_cert_files = ansible_module.params.get(
|
|
Packit Service |
0a38ef |
'external_cert_files')
|
|
Packit Service |
0a38ef |
options.subject_base = ansible_module.params.get('subject_base')
|
|
Packit Service |
0a38ef |
if options.subject_base is not None:
|
|
Packit Service |
0a38ef |
options.subject_base = DN(options.subject_base)
|
|
Packit Service |
0a38ef |
options.ca_subject = ansible_module.params.get('ca_subject')
|
|
Packit Service |
0a38ef |
# additional
|
|
Packit Service |
0a38ef |
# options._host_name_overridden = ansible_module.params.get(
|
|
Packit Service |
0a38ef |
# '_hostname_overridden')
|
|
Packit Service |
0a38ef |
options.server = ansible_module.params.get('server')
|
|
Packit Service |
0a38ef |
master_host_name = ansible_module.params.get('config_master_host_name')
|
|
Packit Service |
0a38ef |
ccache = ansible_module.params.get('ccache')
|
|
Packit Service |
0a38ef |
os.environ['KRB5CCNAME'] = ccache
|
|
Packit Service |
0a38ef |
# os.environ['KRB5CCNAME'] = ansible_module.params.get('installer_ccache')
|
|
Packit Service |
0a38ef |
installer._ccache = ansible_module.params.get('installer_ccache')
|
|
Packit Service |
0a38ef |
ca_enabled = ansible_module.params.get('_ca_enabled')
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
dirsrv_pkcs12_info = ansible_module.params.get('_dirsrv_pkcs12_info')
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
options.subject_base = ansible_module.params.get('subject_base')
|
|
Packit Service |
0a38ef |
if options.subject_base is not None:
|
|
Packit Service |
0a38ef |
options.subject_base = DN(options.subject_base)
|
|
Packit Service |
0a38ef |
options._top_dir = ansible_module.params.get('_top_dir')
|
|
Packit Service |
0a38ef |
options._add_to_ipaservers = ansible_module.params.get(
|
|
Packit Service |
0a38ef |
'_add_to_ipaservers')
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
options._ca_subject = ansible_module.params.get('_ca_subject')
|
|
Packit Service |
0a38ef |
options._subject_base = ansible_module.params.get('_subject_base')
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
dirman_password = ansible_module.params.get('dirman_password')
|
|
Packit Service |
0a38ef |
config_setup_ca = ansible_module.params.get('config_setup_ca')
|
|
Packit Service |
0a38ef |
config_master_host_name = ansible_module.params.get(
|
|
Packit Service |
0a38ef |
'config_master_host_name')
|
|
Packit Service |
0a38ef |
config_ca_host_name = ansible_module.params.get('config_ca_host_name')
|
|
Packit Service |
0a38ef |
config_ips = ansible_module_get_parsed_ip_addresses(ansible_module,
|
|
Packit Service |
0a38ef |
"config_ips")
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# init #
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
fstore = sysrestore.FileStore(paths.SYSRESTORE)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_log.debug("== INSTALL ==")
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
options = installer
|
|
Packit Service |
0a38ef |
promote = installer.promote
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
env = gen_env_boostrap_finalize_core(paths.ETC_IPA,
|
|
Packit Service |
0a38ef |
constants.DEFAULT_CONFIG)
|
|
Packit Service |
0a38ef |
api_bootstrap_finalize(env)
|
|
Packit Service |
0a38ef |
config = gen_ReplicaConfig()
|
|
Packit Service |
0a38ef |
config.subject_base = options.subject_base
|
|
Packit Service |
0a38ef |
config.dirman_password = dirman_password
|
|
Packit Service |
0a38ef |
config.setup_ca = config_setup_ca
|
|
Packit Service |
0a38ef |
config.master_host_name = config_master_host_name
|
|
Packit Service |
0a38ef |
config.ca_host_name = config_ca_host_name
|
|
Packit Service |
0a38ef |
config.ips = config_ips
|
|
Packit Service |
0a38ef |
config.promote = installer.promote
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
remote_api = gen_remote_api(master_host_name, paths.ETC_IPA)
|
|
Packit Service |
0a38ef |
installer._remote_api = remote_api
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
conn = remote_api.Backend.ldap2
|
|
Packit Service |
0a38ef |
ccache = os.environ['KRB5CCNAME']
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
cafile = paths.IPA_CA_CRT
|
|
Packit Service |
0a38ef |
try:
|
|
Packit Service |
0a38ef |
ansible_log.debug("-- CONNECT --")
|
|
Packit Service |
0a38ef |
if promote:
|
|
Packit Service |
0a38ef |
conn.connect(ccache=ccache)
|
|
Packit Service |
0a38ef |
else:
|
|
Packit Service |
0a38ef |
# dmlvl 0 replica install should always use DM credentials
|
|
Packit Service |
0a38ef |
# to create remote LDAP connection. Since ACIs permitting hosts
|
|
Packit Service |
0a38ef |
# to manage their own services were added in 4.2 release,
|
|
Packit Service |
0a38ef |
# the master denies this operations.
|
|
Packit Service |
0a38ef |
conn.connect(bind_dn=ipaldap.DIRMAN_DN, cacert=cafile,
|
|
Packit Service |
0a38ef |
bind_pw=dirman_password)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_log.debug("-- CONFIGURE DIRSRV --")
|
|
Packit Service |
0a38ef |
# Configure dirsrv
|
|
Packit Service |
0a38ef |
with redirect_stdout(ansible_log):
|
|
Packit Service |
0a38ef |
argspec = inspect.getargspec(install_replica_ds)
|
|
Packit Service |
0a38ef |
if "promote" in argspec.args:
|
|
Packit Service |
0a38ef |
ds = install_replica_ds(config, options, ca_enabled,
|
|
Packit Service |
0a38ef |
remote_api,
|
|
Packit Service |
0a38ef |
ca_file=cafile,
|
|
Packit Service |
0a38ef |
promote=promote,
|
|
Packit Service |
0a38ef |
pkcs12_info=dirsrv_pkcs12_info)
|
|
Packit Service |
0a38ef |
else:
|
|
Packit Service |
0a38ef |
if "fstore" in argspec.args:
|
|
Packit Service |
0a38ef |
ds = install_replica_ds(config, options, ca_enabled,
|
|
Packit Service |
0a38ef |
remote_api,
|
|
Packit Service |
0a38ef |
ca_file=cafile,
|
|
Packit Service |
0a38ef |
pkcs12_info=dirsrv_pkcs12_info,
|
|
Packit Service |
0a38ef |
fstore=fstore)
|
|
Packit Service |
0a38ef |
else:
|
|
Packit Service |
0a38ef |
ds = install_replica_ds(config, options, ca_enabled,
|
|
Packit Service |
0a38ef |
remote_api,
|
|
Packit Service |
0a38ef |
ca_file=cafile,
|
|
Packit Service |
0a38ef |
pkcs12_info=dirsrv_pkcs12_info)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_log.debug("-- INSTALL DNS RECORDS --")
|
|
Packit Service |
0a38ef |
# Always try to install DNS records
|
|
Packit Service |
0a38ef |
argspec = inspect.getargspec(install_dns_records)
|
|
Packit Service |
0a38ef |
if "fstore" not in argspec.args:
|
|
Packit Service |
0a38ef |
install_dns_records(config, options, remote_api)
|
|
Packit Service |
0a38ef |
else:
|
|
Packit Service |
0a38ef |
install_dns_records(config, options, remote_api, fstore=fstore)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# TODO: check if ntp needs to be enabled later on
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_log.debug("-- NTP LDAP ENABLE --")
|
|
Packit Service |
0a38ef |
if ntpinstance is not None:
|
|
Packit Service |
0a38ef |
ntpinstance.ntp_ldap_enable(config.host_name, ds.suffix,
|
|
Packit Service |
0a38ef |
remote_api.env.realm)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
except (ScriptError, RuntimeError) as e:
|
|
Packit Service |
0a38ef |
ansible_module.fail_json(msg=str(e))
|
|
Packit Service |
0a38ef |
finally:
|
|
Packit Service |
0a38ef |
if conn.isconnected():
|
|
Packit Service |
0a38ef |
ansible_log.debug("-- DISCONNECT --")
|
|
Packit Service |
0a38ef |
conn.disconnect()
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# done #
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_module.exit_json(changed=True,
|
|
Packit Service |
0a38ef |
ds_suffix=str(ds.suffix),
|
|
Packit Service |
0a38ef |
ds_ca_subject=str(ds.ca_subject))
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
if __name__ == '__main__':
|
|
Packit Service |
0a38ef |
main()
|