Starting with applying consumers
authorFrank Brehm <frank.brehm@pixelpark.com>
Fri, 16 Oct 2020 16:14:02 +0000 (18:14 +0200)
committerFrank Brehm <frank.brehm@pixelpark.com>
Fri, 16 Oct 2020 16:14:02 +0000 (18:14 +0200)
inventory/dev-ds.yaml
roles/base/tasks/consumers.yaml [new file with mode: 0644]
roles/base/tasks/consumers_per_db.yaml [new file with mode: 0644]
roles/base/tasks/consumers_per_provider.yaml [new file with mode: 0644]
roles/base/tasks/main.yaml
roles/base/templates/syncrepl-add.ldif.j2 [new file with mode: 0644]
vars/secrets-main.yaml [new file with mode: 0644]

index d30f7aeee70cf6d30605e92b8cd3f77111fffaa4..90228b6446d0cad6c726f884b62503a6c41d8165 100644 (file)
@@ -5,8 +5,11 @@ all:
     ldap_servers:
       hosts:
         dev-ds11.pixelpark.com:
+          rid_token: '1'
         dev-ds12.pixelpark.com:
+          rid_token: '2'
         dev-ds13.pixelpark.com:
+          rid_token: '3'
     providers:
       hosts:
         dev-ds11.pixelpark.com:
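Review bot: The new `rid_token` values carry a constraint that is not written down anywhere in the inventory. consumers_per_provider.yaml in this commit builds the syncrepl `rid` by concatenating the provider's token, the local host's token and the database index, and OpenLDAP accepts a rid of at most three decimal digits. A two-digit token, or a database index of 10 or more, would therefore produce a rid that is rejected or that collides with another pairing. A comment above the first host, such as `# rid_token: one digit, unique per server; concatenated into the 3-digit olcSyncRepl rid`, would record the rule.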
@@ -24,3 +27,7 @@ all:
     lapd_suffix_re: 'o=isp'
     example_db_suffix: 'dc=my-domain,dc=com'
     example_db_suffix_re: 'dc=my-domain,\s*dc=com'
+    admin_bind_dn_prefix: 'cn=admin'
+    repl_retry: '5 +'
+    repl_timeout: '3'
+
diff --git a/roles/base/tasks/consumers.yaml b/roles/base/tasks/consumers.yaml
new file mode 100644 (file)
index 0000000..76d5a52
--- /dev/null
@@ -0,0 +1,10 @@
+---
+
+- name: "Acticvating SyncRepl consumers for databases ..."
+  include_tasks: "consumers_per_db.yaml"
+  loop:
+    - '{0}config'
+    - "{{ main_database_name }}"
+  loop_control:
+    loop_var: database_name
+
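Review bot: The task name is misspelled as `Acticvating`; it should read `"Activating SyncRepl consumers for databases ..."`. The same misspelling appears in the including-task names of consumers_per_db.yaml and consumers_per_provider.yaml in this commit. These names are what shows up in the play output, so anyone searching run logs for "Activating" will miss all three tasks.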
diff --git a/roles/base/tasks/consumers_per_db.yaml b/roles/base/tasks/consumers_per_db.yaml
new file mode 100644 (file)
index 0000000..c7ed392
--- /dev/null
@@ -0,0 +1,21 @@
+---
+
+- set_fact:
+    db_suffix: 'cn=config'
+  when: database_name == '{0}config'
+
+- set_fact:
+    db_suffix: "{{ ansible_local.openldap_dbs[database_name].suffix }}"
+  when: database_name != '{0}config'
+
+- set_fact:
+    bind_dn: "{{ admin_bind_dn_prefix }},{{ db_suffix }}"
+
+- set_fact:
+    db_dn: "{{ database_name }},cn=config"
+
+- name: "Acticvating SyncRepl consumers for database '{{ database_name }}' for providers ..."
+  include_tasks: "consumers_per_provider.yaml"
+  loop: "{{ groups['providers'] }}"
+  loop_control:
+    loop_var: provider_host
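Review bot: `bind_dn` is built from `admin_bind_dn_prefix`, which the inventory change sets to `cn=admin`, so every consumer replicates as the database administrator, and the template in this commit writes that identity's password into `olcSyncRepl`. A dedicated replication account with read access only to the replicated suffix would limit what a leaked consumer configuration exposes. That means a separate prefix variable here, for example `bind_dn: "{{ repl_bind_dn_prefix }},{{ db_suffix }}"` (the variable name is a suggestion, not something in the repository). Separately, the four `set_fact` tasks have no `name`, which makes the run output harder to follow.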
diff --git a/roles/base/tasks/consumers_per_provider.yaml b/roles/base/tasks/consumers_per_provider.yaml
new file mode 100644 (file)
index 0000000..f7bfa56
--- /dev/null
@@ -0,0 +1,59 @@
+---
+
+- name: "Acticvating SyncRepl consumers for database '{{ database_name }}' and provider {{ provider_host }} ..."
+  block:
+
+  - set_fact:
+      db_id_token: "{{ database_name | regex_replace('\\{', '') | regex_replace('\\}.*', '') }}"
+
+  - set_fact:
+      rid: "{{ hostvars[provider_host].rid_token }}{{ rid_token }}{{ db_id_token }}"
+
+  - set_fact:
+      provider_uri: "ldaps://{{ hostvars[provider_host].ansible_fqdn }}"
+
+  - name: "Applying SyncRepl consumers for database '{{ database_name }}' and provider {{ provider_host }} ..."
+    block:
+
+    - name: "Initializing LDIF file for applying SyncRepl consumers"
+      tempfile:
+        state: 'file'
+        prefix: 'syncrepl.'
+        suffix: '.ldif'
+      register: syncrepl_file
+
+    - name: "Get content of applying SyncRepl consumers"
+      template:
+        src: "templates/syncrepl-add.ldif.j2"
+        dest: "{{ syncrepl_file.path }}"
+        owner: root
+        group: root
+        mode: 0644
+
+    - name: "Get content of applying SyncRepl consumers file"
+      shell: "cat '{{ syncrepl_file.path }}'"
+      register: content_syncrepl_file
+      changed_when: False
+      no_log: True
+
+    - name: "Show content of applying SyncRepl consumers file."
+      debug: msg={{ content_syncrepl_file.stdout_lines }}
+
+    # TODO - Apply fehlt
+
+    rescue:
+      - name: "Failing base installation of OpenLDAP server because of some errors."
+        fail:
+          msg: "I caught an error"
+
+    always:
+
+      - name: "Removing applying SyncRepl consumers file ..."
+        file:
+          path: "{{ syncrepl_file.path }}"
+          state: absent
+
+    # TODO - When Klausel für Apply block fehlt
+
+  when: provider_host != ansible_fqdn
+
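Review bot: The rendered LDIF contains `credentials="{{ admin_password }}"` (see the template added in this commit), yet the `template` task gives the temp file `mode: 0644`, and the `debug` task then prints `content_syncrepl_file.stdout_lines`. The admin password is therefore readable by any local user until the `always` cleanup runs, and it is written to the play output even though the `cat` task sets `no_log: True`. Use `mode: '0600'` (quoted, so it is not parsed as a number), and either drop the debug task or give it `no_log: true`. The `always` section also dereferences `syncrepl_file.path`, which would be undefined if the `tempfile` task itself failed.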
index a5341fe1462dec2d849ff79b876a05aebb972661..413128c81b503de3beb470abb92d74ca96be91c4 100644 (file)
@@ -51,3 +51,6 @@
 - include: 'providers.yaml'
   when: "'providers' in group_names"
 
+- include: 'consumers.yaml'
+  when: "'consumers' in group_names"
+
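Review bot: The new entry uses the bare `include` action, while the task files added in this same commit use `include_tasks`. Bare `include` is deprecated in Ansible, so `- include_tasks: 'consumers.yaml'` with the same `when` would keep the new code consistent and avoid a later migration. The existing `providers.yaml` entry in the context lines has the same form, so this is a file-wide convention rather than something introduced here.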
diff --git a/roles/base/templates/syncrepl-add.ldif.j2 b/roles/base/templates/syncrepl-add.ldif.j2
new file mode 100644 (file)
index 0000000..902784b
--- /dev/null
@@ -0,0 +1,14 @@
+dn: {{ db_dn }}
+changetype: modify
+add: olcSyncRepl
+olcSyncRepl: rid={{ rid }}
+  provider={{ provider_uri }}
+  binddn="{{ bind_dn }}"
+  bindmethod=simple
+  credentials="{{ admin_password }}"
+  searchbase="{{ db_suffix }}"
+  type=refreshAndPersist
+  retry="{{ repl_retry }}"
+  timeout={{ repl_timeout }}
+
+# vim: filetype=ldif
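Review bot: `admin_password`, `bind_dn` and `db_suffix` are interpolated into double-quoted syncrepl values without any escaping or validation. A password containing `"` or a line break would end the quoted value early or break the LDIF continuation, producing either a rejected modify or a differently parsed `olcSyncRepl` value. A guard before the template task would catch this, for example an `assert` with `that: "'\"' not in admin_password and '\n' not in admin_password"`. Alternatively, the attribute could be emitted base64-encoded with `olcSyncRepl::`.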
diff --git a/vars/secrets-main.yaml b/vars/secrets-main.yaml
new file mode 100644 (file)
index 0000000..1da1c68
--- /dev/null
@@ -0,0 +1,8 @@
+$ANSIBLE_VAULT;1.1;AES256
+34303038326262643563373065326338636430353835376234333765333262633632316437663061
+3766643036346335653461323439653930376537623435390a353739393439306638363138343261
+65643866303332616361613165313062366235313361393831643134616134653261306263346164
+6465666463633430660a323037303661386634666230613639636439626536396436313636353461
+36633336643035386433346330323361393633336636623965356266623735373139363763663566
+30353033653035303037626637663430643761373962623136396435353439386363623939373564
+396237663734616534623462336636303262