mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-09-21 22:40:41 +02:00
Get rid of ldap.archlinux.org in favor keycloak.archlinux.org
This commit is contained in:
parent
24262f6d4b
commit
080bece133
15
archlinux.tf
15
archlinux.tf
@ -76,21 +76,6 @@ resource "hcloud_server" "gitlab" {
|
||||
}
|
||||
}
|
||||
|
||||
resource "hcloud_rdns" "ldap" {
|
||||
server_id = "${hcloud_server.ldap.id}"
|
||||
ip_address = "${hcloud_server.ldap.ipv4_address}"
|
||||
dns_ptr = "ldap.archlinux.org"
|
||||
}
|
||||
|
||||
resource "hcloud_server" "ldap" {
|
||||
name = "ldap.archlinux.org"
|
||||
image = "${data.hcloud_image.archlinux.id}"
|
||||
server_type = "cx11"
|
||||
lifecycle {
|
||||
ignore_changes = [image]
|
||||
}
|
||||
}
|
||||
|
||||
resource "hcloud_rdns" "matrix" {
|
||||
server_id = "${hcloud_server.matrix.id}"
|
||||
ip_address = "${hcloud_server.matrix.ipv4_address}"
|
||||
|
18
roles/keycloak/tasks/main.yml
Normal file
18
roles/keycloak/tasks/main.yml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
|
||||
- name: install keycloak
|
||||
pacman: name=keycloak state=present
|
||||
|
||||
# - name: start dirsrv service
|
||||
# service: name=dirsrv
|
||||
# Levente TODO
|
||||
|
||||
# - name: open firewall hole
|
||||
# firewalld: port={{ item }} permanent=true state=enabled immediate=yes
|
||||
# when: configure_firewall
|
||||
# with_items:
|
||||
# Levente TODO
|
||||
# - 389
|
||||
# - 636
|
||||
# tags:
|
||||
# - firewall
|
@ -1,59 +0,0 @@
|
||||
---
|
||||
|
||||
- name: install ldap
|
||||
pacman: name=389-ds-base,python-lib389 state=present
|
||||
|
||||
# - name: start dirsrv service
|
||||
# service: name=dirsrv
|
||||
|
||||
- name: create parent entry categories
|
||||
ldap_entry:
|
||||
dn: ou={{item}},dc=archlinux,dc=org
|
||||
objectClass:
|
||||
- top
|
||||
- organizationalUnit
|
||||
attributes:
|
||||
ou: {{item}}
|
||||
with_items:
|
||||
- users
|
||||
- groups
|
||||
|
||||
- name: create user entries
|
||||
ldap_entry:
|
||||
dn: uid={{item.key}},ou=users,dc=archlinux,dc=org
|
||||
objectClass:
|
||||
- top
|
||||
- person
|
||||
- inetOrgPerson
|
||||
- organizationalPerson
|
||||
- posixAccount
|
||||
attributes:
|
||||
uid: {{item.key}}
|
||||
givenName: {{item.value.name}}
|
||||
with_dict: "{{ arch_users }}"
|
||||
|
||||
- name: create group entries
|
||||
ldap_entry:
|
||||
dn: cn={{item}},ou=groups,dc=archlinux,dc=org
|
||||
objectClass:
|
||||
- top
|
||||
- posixGroup
|
||||
with_items: "{{ arch_groups }}"
|
||||
|
||||
#TODO
|
||||
#- name: associate groups with users
|
||||
# ldap_attr:
|
||||
# dn: cn={{ TODO GROUP HERE }},ou=groups,dc=archlinux,dc=org
|
||||
# name: memberuid
|
||||
# values: {{ TODO USER HERE }}
|
||||
# state: present
|
||||
# with_
|
||||
|
||||
- name: open firewall hole
|
||||
firewalld: port={{ item }} permanent=true state=enabled immediate=yes
|
||||
when: configure_firewall
|
||||
with_items:
|
||||
- 389
|
||||
- 636
|
||||
tags:
|
||||
- firewall
|
Loading…
Reference in New Issue
Block a user