From: Frank Brehm Date: Thu, 15 Oct 2020 16:29:37 +0000 (+0200) Subject: Providing provider overlay X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=44533961a98ada734f1e813c821aabf8464b816b;p=pixelpark%2Fldap-migration.git Providing provider overlay --- diff --git a/roles/base/tasks/main.yaml b/roles/base/tasks/main.yaml index 9901fdc..28f6aab 100644 --- a/roles/base/tasks/main.yaml +++ b/roles/base/tasks/main.yaml @@ -13,11 +13,18 @@ changed_when: False register: main_database_rdn +- set_fact: + main_database_name: "{{ main_database_rdn.stdout | regex_replace('olcDatabase=', '', ignorecase=1) }}" + - name: "Failing because main database for suffix '{{ lapd_suffix }}' not found." fail: msg: "Failed to detect main database for suffix '{{ lapd_suffix }}'." when: main_database_rdn.rc != 0 - include: 'overlays0-memberof.yaml' + - include: 'config_root_account.yaml' +- include: 'providers.yaml' + when: "'providers' in group_names" + diff --git a/roles/base/tasks/provider-overlay.yaml b/roles/base/tasks/provider-overlay.yaml new file mode 100644 index 0000000..72dbbc9 --- /dev/null +++ b/roles/base/tasks/provider-overlay.yaml 
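Review bot: The new `set_fact` runs before the existing `fail` task that checks `main_database_rdn.rc != 0`, so `main_database_name` is computed from the output of a search that may have failed. The fact is later used as a loop item in providers.yaml and ends up in a shell command line and an LDIF DN in provider-overlay.yaml, so it is worth moving the `set_fact` below the `fail` task and giving it a `name`. The pattern is also unanchored; `regex_replace('^olcDatabase=', '', ignorecase=1)` followed by `| trim` would strip only the leading attribute name. The hunk starts inside a task whose beginning is not shown.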
@@ -0,0 +1,55 @@
+---
+
+################################################################
+# Acticvating provider overlay
+
+- name: "Detecting, whether the provider overlay is applied on database '{{ item }}'."
+ shell: "ldapsearch -Q -Y EXTERNAL -H ldapi:/// -LLL -s sub -b 'olcDatabase={{ item }},cn=config' -o ldif-wrap=no 'objectClass=olcSyncProvConfig' olcOverlay | grep -i '^olcOverlay:' | sed -e 's/^olcOverlay:[ ]*//i'"
+ changed_when: False
+ ignore_errors: True
+ register: provider_overlay
+
+- name: "Acticvating provider overlay for database '{{ item }}'."
+ block:
+
+ - name: "Initializing LDIF file for adding provider overlay"
+ tempfile:
+ state: 'file'
+ prefix: 'overlay.provider.'
+ suffix: '.ldif'
+ register: provider_overlay_file
+
+ - name: "Get content of adding provider overlay to database '{{ item }}'."
+ template:
+ src: "templates/overlay-provider.ldif.j2"
+ dest: "{{ provider_overlay_file.path }}"
+ owner: root
+ group: root
+ mode: 0644
+
+ - name: "Get file content of adding provider overlay to database '{{ item }}'."
+ shell: "cat '{{ provider_overlay_file.path }}'"
+ register: provider_overlay_file_content
+ changed_when: False
+ no_log: True
+
+ - name: "Show content of file adding provider overlay to database '{{ item }}'."
+ debug: msg={{ provider_overlay_file_content.stdout_lines }}
+
+ - name: "Applying provider overlay to database '{{ item }}'."
+ shell: "ldapadd -Q -Y EXTERNAL -H ldapi:/// -f '{{ provider_overlay_file.path }}'"
+
+ rescue:
+ - name: "Failing base installation of OpenLDAP server because of some errors."
+ fail:
+ msg: "I caught an error"
+
+ always:
+
+ - name: "Removing file fo adding provider overlay to database '{{ item }}' ..."
+ file:
+ path: "{{ provider_overlay_file.path }}"
+ state: absent
+
+ when: provider_overlay.stdout == ''
+
diff --git a/roles/base/tasks/providers.yaml b/roles/base/tasks/providers.yaml
new file mode 100644
index 0000000..384888b
--- /dev/null
+++ b/roles/base/tasks/providers.yaml
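Review bot: The detection task cannot distinguish "overlay not present" from "ldapsearch failed", so the `when: provider_overlay.stdout == ''` guard on the block also fires on an error and the play goes on to run `ldapadd` against cn=config. The exit status that gets registered is that of `sed`, the last command in the pipeline, and `ignore_errors: True` hides whatever is left. The same task splices `{{ item }}`, which for the second loop entry is derived from earlier command output, into a single-quoted shell string without the `quote` filter. Running ldapsearch through `command` with `argv`, dropping `ignore_errors`, and testing the registered output in `when` addresses both, as sketched below. Separately, `no_log: True` on the `cat` task has no effect while the following `debug` task prints the same `stdout_lines`.

```yaml
- name: "Detecting, whether the provider overlay is applied on database '{{ item }}'."
  command:
    # argv hands each element over as one argument; no shell parses the item value
    argv: ['ldapsearch', '-Q', '-Y', 'EXTERNAL', '-H', 'ldapi:///', '-LLL',
           '-s', 'sub', '-b', 'olcDatabase={{ item }},cn=config',
           '-o', 'ldif-wrap=no', 'objectClass=olcSyncProvConfig', 'olcOverlay']
  changed_when: false
  register: provider_overlay

# … unchanged: the activation task with its block / rescue / always sections …

  when: "provider_overlay.stdout is not search('olcOverlay:', ignorecase=True)"
```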
@@ -0,0 +1,8 @@
+---
+
+- name: "Acticvating provider overlay for databases ..."
+ include_tasks: "provider-overlay.yaml"
+ loop:
+ - '{0}config'
+ - "{{ main_database_name }}"
+
diff --git a/roles/base/templates/overlay-provider.ldif.j2 b/roles/base/templates/overlay-provider.ldif.j2
new file mode 100644
index 0000000..33d5d0c
--- /dev/null
+++ b/roles/base/templates/overlay-provider.ldif.j2
@@ -0,0 +1,8 @@
+dn: olcOverlay=syncprov,olcDatabase={{ item }},cn=config
+changetype: add
+objectClass: olcConfig
+objectClass: olcOverlayConfig
+objectClass: olcSyncProvConfig
+olcOverlay: syncprov
+
+# vim: filetype=ldif
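Review bot: The loop hands each database name to provider-overlay.yaml through the default `item` variable, which the included tasks and the LDIF template read directly. A later `loop` or `with_*` inside the included file would shadow it and point the ldapsearch and ldapadd commands at a different value. Adding `loop_control:` with `loop_var: ldap_database` here, and using that name in the included tasks and the template, keeps the binding explicit.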
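Review bot: Nothing in this template or in the tasks that apply it shows who may read the databases that become sync providers, and the loop in providers.yaml includes `{0}config`. Once syncprov is active on cn=config, an identity that is allowed to read that database can replicate it, including `olcRootPW` values if any are stored there. If the ACLs are managed elsewhere, a header comment such as `# Requires: read access to this database limited to the replication DN` would record that dependency next to the change.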