File tree 5 files changed +17
-20
lines changed
5 files changed +17
-20
lines changed Original file line number Diff line number Diff line change @@ -63,22 +63,19 @@ Run the corresponding task with:
6363ansible-playbook tests/monitoring.yml -i tests/inventory
6464```
6565
66- Test for RHEL
67- -------------
6866
69- here sample of what certificates configuration can be :
67+ If you want to install openldap on RHEL-like OS with certificates, you can define them in ` tests/standalone.yml ` :
7068
7169```
72- ldaptoolbox_openldap_sslgroup=root
7370ldaptoolbox_openldap_olcTLSCACertificateFile=/etc/pki/ca-trust/source/anchors/ca-cert.pem
7471ldaptoolbox_openldap_olcTLSCertificateFile=/etc/pki/tls/certs/ldaps-cert.pem
75- ldaptoolbox_openldap_olcTLSCertificateKeyFile=/etc/pki/tls/private/ldaps.key"
72+ ldaptoolbox_openldap_olcTLSCertificateKeyFile=/etc/pki/tls/private/ldaps.key
7673```
7774
78- can be run with extra-vars :
75+ You can also overload these variables in the command line :
7976
8077```
81- ansible-playbook tests/standalone.yml -i tests/inventory --ask-vault-pass --extra-vars "ldaptoolbox_openldap_sslgroup=root ldaptoolbox_openldap_olcTLSCACertificateFile=/etc/pki/ca-trust/source/anchors/ca-cert.pem ldaptoolbox_openldap_olcTLSCertificateFile=/etc/pki/tls/certs/ldaps-cert.pem ldaptoolbox_openldap_olcTLSCertificateKeyFile=/etc/pki/tls/private/ldaps.key"
78+ ansible-playbook tests/standalone.yml -i tests/inventory --ask-vault-pass --extra-vars "ldaptoolbox_openldap_olcTLSCACertificateFile=/etc/pki/ca-trust/source/anchors/ca-cert.pem ldaptoolbox_openldap_olcTLSCertificateFile=/etc/pki/tls/certs/ldaps-cert.pem ldaptoolbox_openldap_olcTLSCertificateKeyFile=/etc/pki/tls/private/ldaps.key"
8279```
8380
8481License
Original file line number Diff line number Diff line change @@ -25,7 +25,7 @@ ldaptoolbox_openldap_configuration_prefix: "config"
2525ldaptoolbox_openldap_configuration_owner : ldap
2626ldaptoolbox_openldap_configuration_group : ldap
2727ldaptoolbox_openldap_configuration_mode : 0600
28- ldaptoolbox_openldap_sslgroup : ssl-cert
28+ ldaptoolbox_openldap_sslgroup : " {{ 'root' if ansible_os_family == 'RedHat' else ' ssl-cert' }} "
2929
3030# OpenLDAP LTB CLI command path
3131ldaptoolbox_openldap_slapd_cli_cmd : /usr/local/openldap/sbin/slapd-cli
@@ -44,9 +44,9 @@ ldaptoolbox_openldap_custom_schema_list: []
4444ldaptoolbox_openldap_schema_dir : /usr/local/openldap/etc/openldap/schema
4545
4646# Certificates
47- ldaptoolbox_openldap_olcTLSCACertificateFile : /etc/ssl/certs/ca-certificates.crt
48- ldaptoolbox_openldap_olcTLSCertificateFile : /etc/ssl/certs/ssl-cert-snakeoil.pem
49- ldaptoolbox_openldap_olcTLSCertificateKeyFile : /etc/ssl/private/ssl-cert-snakeoil.key
47+ ldaptoolbox_openldap_olcTLSCACertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ca-certificates.crt' }} "
48+ ldaptoolbox_openldap_olcTLSCertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ssl-cert-snakeoil.pem' }} "
49+ ldaptoolbox_openldap_olcTLSCertificateKeyFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/private/ssl-cert-snakeoil.key' }} "
5050ldaptoolbox_openldap_olcTLSProtocolMin : 3.3
5151
5252# Log level
Original file line number Diff line number Diff line change 1313 - ldaptoolbox_openldap_custom_schema_srcdir : " {{ playbook_dir }}/files/ldaptoolbox.oldap/usr/local/openldap/etc/openldap/schema"
1414 - ldaptoolbox_openldap_custom_schema_list : [ custom.ldif ]
1515 # define certificates (must be deployed before)
16- - ldaptoolbox_openldap_olcTLSCACertificateFile : /etc/ssl/certs/ca-certificates.crt
17- - ldaptoolbox_openldap_olcTLSCertificateFile : /etc/ssl/certs/ssl-cert-snakeoil.pem
18- - ldaptoolbox_openldap_olcTLSCertificateKeyFile : /etc/ssl/private/ssl-cert-snakeoil.key
16+ - ldaptoolbox_openldap_olcTLSCACertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ca-certificates.crt' }} "
17+ - ldaptoolbox_openldap_olcTLSCertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ssl-cert-snakeoil.pem' }} "
18+ - ldaptoolbox_openldap_olcTLSCertificateKeyFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/private/ssl-cert-snakeoil.key' }} "
1919 # Accounts and passwords
2020 - ldaptoolbox_openldap_config_olcRootDN : cn=admin,cn=config
2121 - ldaptoolbox_openldap_config_olcRootPW_hash : " {{ ldaptoolbox_openldap_config_olcRootPW_hash_vault }}"
Original file line number Diff line number Diff line change 1313 - ldaptoolbox_openldap_custom_schema_srcdir : " {{ playbook_dir }}/files/ldaptoolbox.oldap/usr/local/openldap/etc/openldap/schema"
1414 - ldaptoolbox_openldap_custom_schema_list : [ custom.ldif ]
1515 # define certificates (must be deployed before)
16- - ldaptoolbox_openldap_olcTLSCACertificateFile : /etc/ssl/certs/ca-certificates.crt
17- - ldaptoolbox_openldap_olcTLSCertificateFile : /etc/ssl/certs/ssl-cert-snakeoil.pem
18- - ldaptoolbox_openldap_olcTLSCertificateKeyFile : /etc/ssl/private/ssl-cert-snakeoil.key
16+ - ldaptoolbox_openldap_olcTLSCACertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ca-certificates.crt' }} "
17+ - ldaptoolbox_openldap_olcTLSCertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ssl-cert-snakeoil.pem' }} "
18+ - ldaptoolbox_openldap_olcTLSCertificateKeyFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/private/ssl-cert-snakeoil.key' }} "
1919 # Accounts and passwords
2020 - ldaptoolbox_openldap_config_olcRootDN : cn=admin,cn=config
2121 - ldaptoolbox_openldap_config_olcRootPW_hash : " {{ ldaptoolbox_openldap_config_olcRootPW_hash_vault }}"
Original file line number Diff line number Diff line change 1313 - ldaptoolbox_openldap_custom_schema_srcdir : " {{ playbook_dir }}/files/ldaptoolbox.oldap/usr/local/openldap/etc/openldap/schema"
1414 - ldaptoolbox_openldap_custom_schema_list : [ custom.ldif ]
1515 # define certificates (must be deployed before)
16- - ldaptoolbox_openldap_olcTLSCACertificateFile : /etc/ssl/certs/ca-certificates.crt
17- - ldaptoolbox_openldap_olcTLSCertificateFile : /etc/ssl/certs/ssl-cert-snakeoil.pem
18- - ldaptoolbox_openldap_olcTLSCertificateKeyFile : /etc/ssl/private/ssl-cert-snakeoil.key
16+ - ldaptoolbox_openldap_olcTLSCACertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ca-certificates.crt' }} "
17+ - ldaptoolbox_openldap_olcTLSCertificateFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/certs/ssl-cert-snakeoil.pem' }} "
18+ - ldaptoolbox_openldap_olcTLSCertificateKeyFile : " {{ '' if ansible_os_family == 'RedHat' else ' /etc/ssl/private/ssl-cert-snakeoil.key' }} "
1919 # Accounts and passwords
2020 - ldaptoolbox_openldap_config_olcRootDN : cn=admin,cn=config
2121 - ldaptoolbox_openldap_config_olcRootPW_hash : " {{ ldaptoolbox_openldap_config_olcRootPW_hash_vault }}"
You can’t perform that action at this time.
0 commit comments