---
# tasks file for Ansible-Lldap-Role
# Create the installation directory. It is owned by root with mode 755, so
# only root can write to it while every other account can read and traverse.
- name: Ensure install dir exist
  ansible.builtin.file:
    state: directory
    path: "{{ lldap_install_dir }}"
    mode: "755"
    owner: "root"
    group: "root"
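# Fetch the release archive on the managed host (remote_src) and unpack it
# into the install directory, dropping the archive's top-level folder.
# The variable name lldap_dowload_url is kept as spelled here; its definition
# is outside this file.
# NOTE(review): nothing in this task verifies the archive's integrity, and
# unarchive has no checksum option. Consider fetching the file first with
# ansible.builtin.get_url and a pinned `checksum:` and extracting the local
# copy, and confirm the URL uses HTTPS.
- name: Download lldap
  ansible.builtin.unarchive:
    src: "{{ lldap_dowload_url }}"
    dest: "{{ lldap_install_dir }}"
    remote_src: true
    # When this runs as root, tar keeps the uid/gid recorded in the archive.
    # Pin ownership so the extracted files match the root-owned install
    # directory and cannot end up owned by an unrelated local account.
    owner: "root"
    group: "root"
    extra_opts:
      - --strip-components=1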
# Create a system account (presumably the one the service runs as) with its
# home directory at /var/lib/lldap.
# NOTE(review): the account gets /bin/bash as its login shell. A service
# account normally needs no interactive shell; confirm whether a nologin
# shell can be used instead.
# NOTE(review): no `group:` is set here, while later tasks use
# lldap_run_group for ownership. Confirm that group exists on the host.
- name: Create lldap user
  ansible.builtin.user:
    name: "{{ lldap_run_user }}"
    system: true
    create_home: true
    home: "/var/lib/lldap"
    shell: /bin/bash
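# Install the systemd unit for lldap from the role's template.
- name: Add lldap service file
  ansible.builtin.template:
    src: lldap.service.j2
    dest: /etc/systemd/system/lldap.service
    # State the owner explicitly instead of inheriting whichever user runs
    # the task; a unit file should be writable by root only.
    owner: "root"
    group: "root"
    mode: "644"
  # Restart on change so that an edited unit (for example a different User=
  # or tightened sandboxing) is what the running service actually uses. The
  # final task reloads systemd (daemon_reload: true), which normally happens
  # before handlers run.
  notify: Restart lldap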
# Create the data directory for the service account. With mode 750 the owner
# has full access, the group may read and traverse, and all other users are
# locked out.
- name: Ensure lldap data dir exist
  ansible.builtin.file:
    state: directory
    path: "{{ lldap_data_dir }}"
    mode: "750"
    owner: "{{ lldap_run_user }}"
    group: "{{ lldap_run_group }}"
# Create the configuration directory, owned by root with the service group.
# NOTE(review): mode 770 makes the directory group-writable, so members of
# lldap_run_group can create, rename or delete entries in it, including the
# root-owned lldap-config.toml that the following task writes there. If the
# service only reads its configuration, 750 would be enough; confirm that
# nothing needs to write here before tightening.
- name: Ensure lldap config dir exist
  ansible.builtin.file:
    state: directory
    path: "{{ lldap_config_dir }}"
    mode: "770"
    owner: "root"
    group: "{{ lldap_run_group }}"
# Render the lldap configuration file. It is owned by root, readable by the
# service group and not accessible to other users (640). A change notifies
# the "Restart lldap" handler.
# NOTE(review): if the rendered file holds secrets (TODO confirm against the
# template), a run with --diff would print them. Consider `no_log: true` or
# `diff: false` on this task.
- name: Update lldap config
  ansible.builtin.template:
    src: lldap-config.toml.j2
    dest: "{{ lldap_config_dir }}/lldap-config.toml"
    mode: "640"
    owner: "root"
    group: "{{ lldap_run_group }}"
  notify: Restart lldap
# Reload systemd's unit definitions, enable lldap at boot and make sure the
# service is running.
- name: Enable and start lldap service
  ansible.builtin.systemd:
    name: lldap
    state: started
    enabled: true
    daemon_reload: true