Add ldap-adm.adm.crans.org as main slapd server

2022-11-04 19:35:59 +01:00 · 2022-11-04 19:35:59 +01:00 · 90f4028597
parent 9377f67598
commit 90f4028597
8 changed files with 14 additions and 8 deletions
--- a/group_vars/all/ldap.yml
+++ b/group_vars/all/ldap.yml
@ -3,6 +3,7 @@ glob_ldap:
  uri: 'ldap://re2o-ldap.adm.crans.org/'
  users_base: 'cn=Utilisateurs,dc=crans,dc=org'
  servers:
+    - 172.16.10.100
    - 172.16.10.1
    - 172.16.10.11
    - 172.16.10.12
--- a/group_vars/all/ssh_known_hosts.yml
+++ b/group_vars/all/ssh_known_hosts.yml
@ -12,4 +12,4 @@ glob_service_ssh_known_hosts:
    frequency: "*/10 * * * *"
  config:
    ldap:
-      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
+      server: "ldaps://{{ query('ldap', 'ip', 'ldap-adm', 'adm') | ansible.utils.ipv4 | first }}"
--- a/group_vars/prometheus.yml
+++ b/group_vars/prometheus.yml
@ -13,7 +13,7 @@ glob_service_prometheus_target:
    options: ""
  config:
    ldap:
-      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
+      server: "ldaps://{{ query('ldap', 'ip', 'ldap-adh', 'adm') | ansible.utils.ipv4 | first }}"

 glob_ninjabot:
  config:
--- a/group_vars/slapd.yml
+++ b/group_vars/slapd.yml
@ -1,7 +1,7 @@
 ---
 glob_slapd:
-  master_ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
+  master_ip: "{{ query('ldap', 'ip', 'ldap-adm', 'adm') | ansible.utils.ipv4 | first }}"
  regex: "^(role:(dhcp|dns|dns-primary|dns-secondary|ftp|gitlab|miroir|ntp|pve|radius|backup)|ecdsa-sha2-nistp256:.*|ssh-(ed25519|dss|rsa):.*|description:.*|location:.*)$"
-  replication_credentials: "{{ vault.slapd.tealc.replication_credentials }}"
-  private_key: "{{ vault.slapd.tealc.private_key }}"
-  certificate: "{{ vault.slapd.tealc.certificate }}"
+  replication_credentials: "{{ vault.slapd.main.replication_credentials }}"
+  private_key: "{{ vault.slapd.main.private_key }}"
+  certificate: "{{ vault.slapd.main.certificate }}"
--- a/group_vars/virtu_adh.yml
+++ b/group_vars/virtu_adh.yml
@ -12,7 +12,7 @@ glob_service_proxmox_user:
  config:
    ldap:
      admin:
-        uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
+        uri: "ldaps://{{ query('ldap', 'ip', 'ldap-adm', 'adm') | ansible.utils.ipv4 | first }}/"
        userBase: "ou=passwd,dc=crans,dc=org"
        realm: "pam"
      user:
--- a/host_vars/boeing.adm.crans.org.yml
+++ b/host_vars/boeing.adm.crans.org.yml
@ -63,7 +63,7 @@ loc_wireguard:
 loc_service_proxy:
  config:
    ldap:
-      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
+      server: "ldaps://{{ query('ldap', 'ip', 'ldap-adm', 'adm') | ansible.utils.ipv4 | first }}/"
    protocol: "proxy"
    filter: "adm.crans.org"
    proxy:
--- a/host_vars/ldap-adm.adm.crans.org.yml
+++ b/host_vars/ldap-adm.adm.crans.org.yml
@ -0,0 +1,3 @@
+loc_slapd:
+  ip: "{{ query('ldap', 'ip', 'ldap-adm', 'adm') | ipv4 | first }}"
+  replica: false
--- a/2
+++ b/2
@ -238,6 +238,7 @@ helloworld.adm.crans.org
 daniel.adm.crans.org
 ft.adm.crans.org
 jack.adm.crans.org
+ldap-adm.adm.crans.org
 sam.adm.crans.org
 sputnik.adm.crans.org
 tealc.adm.crans.org
@ -317,6 +318,7 @@ irc.adm.crans.org
 jitsi.adm.crans.org
 kenobi.adm.crans.org
 kiwi.adm.crans.org
+ldap-adm.adm.crans.org
 linx.adm.crans.org
 mailman.adm.crans.org
 neree.adm.crans.org