source-git / ansible-freeipa

Clone
Source Code
GIT

Files

  1.   8cb997ec381282b8888e66c53a8504627fea72e2
  2.   tests
  3.   external-signed-ca-with-manual-copy
  4.   install-server-with-external-ca-with-manual-copy.yml
Blob Blame History Raw 
---
- name: Playbook to configure IPA server step1
  hosts: ipaserver
  become: true
  vars:
    ipaserver_external_ca: yes

  roles:
  - role: ipaserver
    state: present

  post_tasks:
  - name: Copy CSR /root/ipa.csr from node to "{{ groups.ipaserver[0] + '-ipa.csr' }}"
    fetch:
      src: /root/ipa.csr
      dest: "{{ groups.ipaserver[0] + '-ipa.csr' }}"
      flat: yes

- name: Get /root/ipa.csr, create CA, sign with our CA and copy to node
  hosts: localhost
  gather_facts: false

  tasks:
  - name: Run external-ca.sh
    command: >
      /bin/bash
      external-ca.sh
      "{{ groups.ipaserver[0] }}"
      "{{ ipaserver_domain | default(groups.ipaserver[0].split('.')[1:] | join ('.')) }}"
    args:
      chdir: "{{ playbook_dir }}"

- name: Playbook to configure IPA server step2
  hosts: ipaserver
  become: true
  vars:
    ipaserver_external_cert_files: "/root/chain.crt"
    #ipaserver_external_ca_file: "cacert.asc"

  pre_tasks:
  - name: Copy "{{ groups.ipaserver[0] + '-chain.crt' }}" to /root/chain.crt on node
    copy:
      src: "{{ groups.ipaserver[0] + '-chain.crt' }}"
      dest: "/root/chain.crt"
      force: yes

  roles:
  - role: ipaserver
    state: present

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation