neuro_ansible/install_ldap_389ds.yaml

---
- name: install ldap
  hosts: all
  become: true

  tasks:
    - name: remove other files
      include_tasks: yaml_sub/install_docker.yaml

    - name: remove other files
      include_tasks: yaml_sub/myrepo_clean.yaml

    - name: update file myrepo.repo
      import_tasks: yaml_sub/myrepo_data.yaml

    - name: install sssd
      dnf:
        name: "sssd,sssd-client"
        state: latest
        update_cache: true
        skip_broken: true
        nobest: false
        allowerasing: true

    - name: install 389
      dnf:
        name: "389-ds-base"
        state: latest
        update_cache: true
        skip_broken: true
        nobest: false
        allowerasing: true

    - name: Create volume lam_etc
      community.docker.docker_volume:
        name: lam_etc
        state: present

    - name: Create lam container
      community.docker.docker_container:
        name: semaphore
        image: ldapaccountmanager/lam
        state: started
        recreate: yes
        restart_policy: always
        published_ports:
          - "80:80/tcp"
        volumes:
          - lam_etc:/var/lib/ldap-account-manager/config
        env:
	  LAM_SKIP_PRECONFIGURE: false
	  LDAP_DOMAIN: ldap.neuro.uni-bremen.de
	  LDAP_BASE_DN: dc=ldap,dc=neuro,dc=uni-bremen,dc=de
	  LDAP_USERS_DN: ou=people,dc=ldap,dc=neuro,dc=uni-bremen,dc=de
	  LDAP_GROUPS_DN: ou=groups,dc=my-domain,dc=com
	  LDAP_SERVER: ldap://10.10.0.4:389
# xxxxxx
	  LDAP_USER: cn=admin,dc=ldap,dc=neuro,dc=uni-bremen,dc=de
# xxxxxx
	  LAM_PASSWORD: lam
	  LAM_CONFIGURATION_DATABASE: files
	  LAM_DISABLE_TLS_CHECK: false
	  LDAP_ORGANISATION: "Neuro-Physik ITP"
# xxxxxx
	  LDAP_ADMIN_PASSWORD: adminpw
# xxxxxx
	  LDAP_READONLY_USER_PASSWORD: readonlypw


    - name: set instance.inf
      blockinfile:
        path: /root/instance.inf
        state: present
        create: true
        owner: "root"
        group: "root"
        mode: "0666"
        block: |
          [general]
          full_machine_name = ldap.neuro.uni-bremen.de
          start = True
          
          [slapd]
          instance_name = localhost
# xxxxxx
          root_password = SOMEPASSWORD
          port = 389
          secure_port = 636
          self_sign_cert = True
          
          [backend-userroot]
          sample_entries = yes
          suffix = dc=ldap,dc=neuro,dc=uni-bremen,dc=de


# dscreate from-file instance.inf
# systemctl status dirsrv@localhost.service
# ldapsearch -x -H ldap://10.10.0.4 -s base -b "" "objectclass=*"
Add files via upload 2024-03-29 02:08:17 +01:00			`---`
			`- name: install ldap`
			`hosts: all`
			`become: true`

			`tasks:`
Add files via upload 2024-04-04 13:53:58 +02:00			`- name: remove other files`
			`include_tasks: yaml_sub/install_docker.yaml`

Add files via upload 2024-03-29 02:08:17 +01:00			`- name: remove other files`
			`include_tasks: yaml_sub/myrepo_clean.yaml`
Add files via upload 2024-04-04 13:53:58 +02:00
Add files via upload 2024-03-29 02:08:17 +01:00			`- name: update file myrepo.repo`
			`import_tasks: yaml_sub/myrepo_data.yaml`

			`- name: install sssd`
			`dnf:`
			`name: "sssd,sssd-client"`
			`state: latest`
			`update_cache: true`
			`skip_broken: true`
			`nobest: false`
			`allowerasing: true`

			`- name: install 389`
			`dnf:`
Add files via upload 2024-04-04 13:53:58 +02:00			`name: "389-ds-base"`
Add files via upload 2024-03-29 02:08:17 +01:00			`state: latest`
			`update_cache: true`
			`skip_broken: true`
			`nobest: false`
			`allowerasing: true`

Add files via upload 2024-04-04 13:53:58 +02:00			`- name: Create volume lam_etc`
			`community.docker.docker_volume:`
			`name: lam_etc`
			`state: present`

			`- name: Create lam container`
			`community.docker.docker_container:`
			`name: semaphore`
			`image: ldapaccountmanager/lam`
			`state: started`
			`recreate: yes`
			`restart_policy: always`
			`published_ports:`
			`- "80:80/tcp"`
			`volumes:`
			`- lam_etc:/var/lib/ldap-account-manager/config`
			`env:`
			`LAM_SKIP_PRECONFIGURE: false`
			`LDAP_DOMAIN: ldap.neuro.uni-bremen.de`
			`LDAP_BASE_DN: dc=ldap,dc=neuro,dc=uni-bremen,dc=de`
			`LDAP_USERS_DN: ou=people,dc=ldap,dc=neuro,dc=uni-bremen,dc=de`
			`LDAP_GROUPS_DN: ou=groups,dc=my-domain,dc=com`
			`LDAP_SERVER: ldap://10.10.0.4:389`
			`# xxxxxx`
			`LDAP_USER: cn=admin,dc=ldap,dc=neuro,dc=uni-bremen,dc=de`
			`# xxxxxx`
			`LAM_PASSWORD: lam`
			`LAM_CONFIGURATION_DATABASE: files`
			`LAM_DISABLE_TLS_CHECK: false`
			`LDAP_ORGANISATION: "Neuro-Physik ITP"`
			`# xxxxxx`
			`LDAP_ADMIN_PASSWORD: adminpw`
			`# xxxxxx`
			`LDAP_READONLY_USER_PASSWORD: readonlypw`


Add files via upload 2024-03-29 02:08:17 +01:00			`- name: set instance.inf`
			`blockinfile:`
			`path: /root/instance.inf`
			`state: present`
			`create: true`
			`owner: "root"`
			`group: "root"`
			`mode: "0666"`
			`block: \|`
			`[general]`
			`full_machine_name = ldap.neuro.uni-bremen.de`
			`start = True`

			`[slapd]`
			`instance_name = localhost`
Add files via upload 2024-04-04 13:53:58 +02:00			`# xxxxxx`
Add files via upload 2024-03-29 02:08:17 +01:00			`root_password = SOMEPASSWORD`
			`port = 389`
			`secure_port = 636`
			`self_sign_cert = True`

			`[backend-userroot]`
			`sample_entries = yes`
			`suffix = dc=ldap,dc=neuro,dc=uni-bremen,dc=de`


			`# dscreate from-file instance.inf`
			`# systemctl status dirsrv@localhost.service`
			`# ldapsearch -x -H ldap://10.10.0.4 -s base -b "" "objectclass=*"`