From b23e9400c36acf9856606165489e8828c2cf8dd5 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Fri, 11 Oct 2019 06:25:21 +0200
Subject: ipa-client and fine tunning

---
 roles/ands_idm/tasks/setup_ipa.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 roles/ands_idm/tasks/setup_ipa.yml

(limited to 'roles/ands_idm/tasks/setup_ipa.yml')

diff --git a/roles/ands_idm/tasks/setup_ipa.yml b/roles/ands_idm/tasks/setup_ipa.yml
new file mode 100644
index 0000000..06fe6da
--- /dev/null
+++ b/roles/ands_idm/tasks/setup_ipa.yml
@@ -0,0 +1,20 @@
+- name: Install ipa-client
+  package: name=ipa-client state=present
+
+- name: "Check if ipa is already configured"
+  shell: "grep {{ ands_domain }} /etc/krb5.conf"
+  register: ipa_check
+  changed_when: ipa_check is failed
+  failed_when: false
+
+- name: "Read FQDN"
+  command: "cat /etc/hostname"
+  register: hostname
+  changed_when: false
+
+- name: "Configure ipa"
+  command: "/usr/sbin/ipa-client-install  -p admin  -w {{ config.ands_idm_admin_password | quote }} --hostname={{ hostname.stdout }} --domain={{ ands_domain }} --server={{ ands_idm_server }} --enable-dns-updates --mkhomedir --request-cert  --unattended"
+  when: 
+    - ipa_check.rc != 0
+  
+
-- 
cgit v1.2.1