infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

Actually those tasks must be run on the IPA server

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2020-10-15 18:04:21 +02:00
parent 2cc20bb1af
commit 35f2aeb15d
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
1 changed files with 20 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

36
roles/ipsilon/tasks/main.yml
View file

@ -124,6 +124,26 @@
- include_role:
name: ipa/client
- name: Add the ipsilon HBAC service in IPA
ipahbacsvc:
name: ipsilon
description: Ipsilon authentication service
ipaadmin_password: "{{ ipa_admin_password }}"
delegate_to: "{{ ipa_server }}"
tags:
- ipsilon
- name: Allow login through ipsilon
ipahbacrule:
name: ipsilon_login
description: Login through ipsilon
hbacsvc:
- ipsilon
ipaadmin_password: "{{ ipa_admin_password }}"
delegate_to: "{{ ipa_server }}"
tags:
- ipsilon
- name: Get admin ticket
shell: echo "{{ipa_admin_password}}" | kinit admin
check_mode: no
@ -145,22 +165,6 @@
tags:
- ipsilon
- name: Add the ipsilon HBAC service in IPA
ipahbacsvc:
name: ipsilon
description: Ipsilon authentication service
tags:
- ipsilon
- name: Allow login through ipsilon
ipahbacrule:
name: ipsilon_login
description: Login through ipsilon
hbacsvc:
- ipsilon
tags:
- ipsilon
- name: Destroy admin ticket
command: kdestroy -A
tags: