[proxmox] Deploy service-proxmox-user on virtus to sync the list of users

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2022-06-28 11:35:20 +02:00 · 2022-06-28 11:35:20 +02:00 · 070e69cccd
parent 0f84e0da18
commit 070e69cccd
8 changed files with 61 additions and 1 deletions
--- a/group_vars/virtu.yml
+++ b/group_vars/virtu.yml
@ -4,3 +4,23 @@ glob_debian_images:
  rsync_host: 'eclat.adm.crans.org'
  rsync_module: 'mirror'
  include_extra_images: false
+
+glob_service_proxmox_user:
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/proxmox-user.git
+    version: main
+  name: proxmox-user
+  install_dir: /var/local/services/proxmox-user
+  generated: false
+  cron:
+    frequency: "*/2 * * * *"
+    options: ""
+  config:
+    ldap:
+      admin:
+        uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
+        userBase: "ou=passwd,dc=crans,dc=org"
+        realm: "pam"
+  dependencies:
+    - python3-jinja2
+    - python3-ldap
--- a/group_vars/virtu_adh.yml
+++ b/group_vars/virtu_adh.yml
@ -0,0 +1,25 @@
+glob_service_proxmox_user:
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/proxmox-user.git
+    version: main
+  name: proxmox-user
+  install_dir: /var/local/services/proxmox-user
+  generated: false
+  cron:
+    frequency: "*/2 * * * *"
+    options: ""
+  config:
+    ldap:
+      admin:
+        uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
+        userBase: "ou=passwd,dc=crans,dc=org"
+        realm: "pam"
+      user:
+        uri: "ldaps://{{ query('ldap', 'ip', 'flirt', 'adm') | ipv4 | first }}/"
+        userBase: "ou=users,dc=adh,dc=crans,dc=org"
+        realm: "pve"
+        binddn: "{{ vault.ldap_adh_reader.binddn }}"
+        passwd: "{{ vault.ldap_adh_reader.bindpass }}"
+  dependencies:
+    - python3-jinja2
+    - python3-ldap
--- a/host_vars/daniel.adm.crans.org.yml
+++ b/host_vars/daniel.adm.crans.org.yml
@ -8,3 +8,6 @@ loc_postgres:
  version: 13
  replica: true
  addresses: "['daniel.adm.crans.org'] + {{ query('ldap', 'ip', 'daniel', 'adm') | ipaddr('address') }}"
+
+loc_service_proxmox_user:
+  cron: null
--- a/host_vars/gulp.adm.crans.org.yml
+++ b/host_vars/gulp.adm.crans.org.yml
@ -1,3 +1,6 @@
 ---
 loc_debian_images:
  include_extra_images: true
+
+loc_service_proxmox_user:
+  cron: null
--- a/host_vars/jack.adm.crans.org.yml
+++ b/host_vars/jack.adm.crans.org.yml
@ -8,3 +8,6 @@ loc_postgres:
  version: 13
  replica: true
  addresses: "['jack.adm.crans.org'] + {{ query('ldap', 'ip', 'jack', 'adm') | ipaddr('address') }}"
+
+loc_service_proxmox_user:
+  cron: null
--- a/host_vars/odlyd.adm.crans.org.yml
+++ b/host_vars/odlyd.adm.crans.org.yml
@ -1,3 +1,6 @@
 ---
 loc_debian_images:
  include_extra_images: true
+
+loc_service_proxmox_user:
+  cron: null
--- a/plays/root.yml
+++ b/plays/root.yml
@ -3,8 +3,11 @@
 # root is the first playbook to launch (as root) whe initiation a new server

 - hosts: virtu
+  vars:
+    service: "{{ glob_service_proxmox_user | default({}) | combine(loc_service_proxmox_user | default({})) }}"
  roles:
    - proxmox-apt-sources
+    - service

 - hosts: server
  roles:
--- a/roles/service/tasks/main.yml
+++ b/roles/service/tasks/main.yml
@ -55,7 +55,7 @@
  template:
    src: cron.d/service.j2
    dest: "/etc/cron.d/services-{{ service.name }}"
-  when: service.cron is defined
+  when: service.cron is defined and service.cron.frequency is defined

 - name: Deploy service configuration
  template: