commit
8bb913af14
|
|
@ -6,4 +6,4 @@ ldap:
|
||||||
|
|
||||||
# Parameters for debian mirror
|
# Parameters for debian mirror
|
||||||
debian_mirror: http://mirror.adm.crans.org/debian
|
debian_mirror: http://mirror.adm.crans.org/debian
|
||||||
debian_components: main non_free
|
debian_components: main non-free
|
||||||
|
|
|
||||||
|
|
@ -28,6 +28,9 @@
|
||||||
- hosts: slapd
|
- hosts: slapd
|
||||||
vars:
|
vars:
|
||||||
slapd: '{{ glob_slapd | combine(loc_slapd | default({})) }}'
|
slapd: '{{ glob_slapd | combine(loc_slapd | default({})) }}'
|
||||||
|
ldap:
|
||||||
|
private_key: "{{ vault_ldap_private_key }}"
|
||||||
|
certificate: "{{ vault_ldap_certificate }}"
|
||||||
roles:
|
roles:
|
||||||
- slapd
|
- slapd
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -15,11 +15,15 @@
|
||||||
|
|
||||||
- name: Deploy slapd configuration
|
- name: Deploy slapd configuration
|
||||||
template:
|
template:
|
||||||
src: ldap/slapd.conf.j2
|
src: "ldap/{{ item.dest }}.j2"
|
||||||
dest: /etc/ldap/slapd.conf
|
dest: "/etc/ldap/{{ item.dest }}"
|
||||||
mode: 0600
|
mode: "{{ item.mode }}"
|
||||||
owner: openldap
|
owner: openldap
|
||||||
group: openldap
|
group: openldap
|
||||||
|
loop:
|
||||||
|
- { dest: slapd.conf, mode: "0600" }
|
||||||
|
- { dest: ldap.key, mode: "0600" }
|
||||||
|
- { dest: ldap.pem, mode: "0644" }
|
||||||
notify: Restart slapd
|
notify: Restart slapd
|
||||||
|
|
||||||
- name: Deploy ldap services
|
- name: Deploy ldap services
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
{{ ldap.private_key }}
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
{{ ldap.certificate }}
|
||||||
|
|
@ -35,9 +35,8 @@ moduleload syncprov
|
||||||
# TODO FAIRE LES CERTIFICATS
|
# TODO FAIRE LES CERTIFICATS
|
||||||
# TLS Certificates
|
# TLS Certificates
|
||||||
#TLSCipherSuite HIGH:MEDIUM:-SSLv2:-SSLv3
|
#TLSCipherSuite HIGH:MEDIUM:-SSLv2:-SSLv3
|
||||||
#TLSCACertificateFile /etc/ssl/certs/ServENS.crt
|
TLSCertificateFile /etc/ldap/ldap.pem
|
||||||
#TLSCertificateFile /etc/ldap/ldap.pem
|
TLSCertificateKeyFile /etc/ldap/ldap.key
|
||||||
#TLSCertificateKeyFile /etc/ldap/ldap.key
|
|
||||||
|
|
||||||
# The maximum number of entries that is returned for a search operation
|
# The maximum number of entries that is returned for a search operation
|
||||||
sizelimit 500
|
sizelimit 500
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue