From d3d3ea2e8af6416406a84bfa4972d29d7ecde5e3 Mon Sep 17 00:00:00 2001
From: Marco Favero
Date: Tue, 16 Feb 2021 15:58:25 +0100
Subject: [PATCH 1/3] Update README.md
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index 4b655c0..ac40f9e 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,7 @@ The variables that can be passed to this role and a brief description about them | Variable | Default | Description | Can be changed | |---------------------------------|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------| | dirsrv_suffix | dc=example,dc=com | Suffix of the DIT. All entries in the server will be placed under this suffix. Normally it's made from the domain components (*dc*) of your company main domain. E.g. if you're from example.co.uk and the server will be at ldap-server.example.co.uk, set the suffix to `dc=example,dc=co,dc=uk`, leaving out the subdomain part (`ldap-server`) since it's irrelevant. | **No** | +| dirsrv_othersuffixes | [] | List of other suffixes dicts in the form `{ name: , dn: }` | **No** | | dirsrv_rootdn | cn=Directory Manager | Root DN, or "administrator" account username. Bind with this DN to bypass all authorization controls. | **No** | | dirsrv_rootdn_password | | Password for root DN, you *must* define this variable or the role will fail. | **No** | | dirsrv_fqdn | {{ansible_nodename}} | Server FQDN, e.g. `ldap.example.com`. If the server hostname is already an FQDN, the default should pick it up. | **No** | From 059811bec27167030c5abe2531d31ba4d5d65f7c Mon Sep 17 00:00:00 2001 
From: Marco Favero Date: Wed, 17 Feb 2021 16:41:18 +0100 Subject: [PATCH 2/3] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index ac40f9e..18991c2 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,7 @@ These variables only affect on installations of 389DS version 1.4.X and have no | dirsrv_selfsigned_cert | True² | Determines wether 389DS will generate a self-signed certificate and enable TLS automatically. | **No** | | dirsrv_selfsigned_cert_duration | 24² | Validity in months of the self-signed certificate generated by 389DS. | **No** | | dirsrv_create_suffix_entry | False² | Determines wether 389DS will generate a suffix entry in the directory with the given suffix: `cn={{ dirsrv_suffix }}` | **No** | +| dirsrv_rundir | | Configures a specific path for `run_dir`. | **No** | ### Interoperability between 1.3.X and 1.4.X From 2df4d197ad474cde782564a02fbf34f2d184d8df Mon Sep 17 00:00:00 2001 From: Marco Favero Date: Wed, 17 Feb 2021 16:42:32 +0100 Subject: [PATCH 3/3] Allow multiple backends and run_dir. --- defaults/main.yml | 2 ++ templates/install-v1.inf.j2 | 3 ++- templates/install-v2.inf.j2 | 20 ++++++++++++++++++-- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 214341f..043cf82 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,8 @@ # Instance settings dirsrv_suffix: dc=example,dc=com +dirsrv_bename: userRoot +dirsrv_othersuffixes: [] dirsrv_rootdn: cn=Directory Manager # dirsrv_rootdn_password: secret dirsrv_fqdn: "{{ ansible_nodename }}" diff --git a/templates/install-v1.inf.j2 b/templates/install-v1.inf.j2 index f166b72..4c99770 100644 --- a/templates/install-v1.inf.j2 +++ b/templates/install-v1.inf.j2 
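Review bot: `dirsrv_bename` is introduced in defaults/main.yml with the default `userRoot`, but neither README patch in this series adds a row for it, while the v2 template used to hard-code the section as `backend-userroot`. With this default the rendered header becomes `[backend-userRoot]`, so existing users get a differently cased backend name without having set anything; whether the installer treats the two spellings as the same backend is not visible from the diff and should be confirmed. I would add a comment above the new line, `# Name of the backend that holds dirsrv_suffix (rendered as [backend-<name>] on 1.4.X)`, and a matching README row.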
@@ -18,6 +18,7 @@ SuiteSpotGroup = dirsrv ServerPort = 389 ServerIdentifier = {{ dirsrv_serverid }} Suffix = {{ dirsrv_suffix }} +ds_bename = {{ dirsrv_bename }} RootDN = {{ dirsrv_rootdn }} RootDNPwd = {{ dirsrv_rootdn_password }} {% if dirsrv_install_examples %} @@ -32,4 +33,4 @@ RootDNPwd = {{ dirsrv_rootdn_password }} InstallLdifFile = /tmp/{{ file|basename }} {% endfor %} {% endif %} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/templates/install-v2.inf.j2 b/templates/install-v2.inf.j2 index e982428..d05ea1c 100644 --- a/templates/install-v2.inf.j2 +++ b/templates/install-v2.inf.j2 @@ -21,8 +21,11 @@ self_sign_cert = {{ "True" if dirsrv_selfsigned_cert else "False" }} {% if dirsrv_selfsigned_cert_duration is defined %} self_sign_cert_valid_months = {{ dirsrv_selfsigned_cert_duration }} {% endif %} +{% if dirsrv_rundir is defined %} +run_dir = {{ dirsrv_rundir }} +{% endif %} -[backend-userroot] +[backend-{{ dirsrv_bename }}] {% if dirsrv_install_examples %} sample_entries = yes {% else %} @@ -31,4 +34,17 @@ sample_entries = no suffix = {{ dirsrv_suffix }} {% if dirsrv_create_suffix_entry is defined %} create_suffix_entry = {{ "True" if dirsrv_create_suffix_entry else "False" }} -{% endif %} \ No newline at end of file +{% endif %} +{% for suffix in dirsrv_othersuffixes %} + +[backend-{{ suffix.name }}] +{% if dirsrv_install_examples %} +sample_entries = yes +{% else %} +sample_entries = no +{% endif %} +suffix = {{ suffix.dn }} +{% if dirsrv_create_suffix_entry is defined %} +create_suffix_entry = {{ "True" if dirsrv_create_suffix_entry else "False" }} +{% endif %} +{% endfor %}
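Review bot: Only `ds_bename` is added to the 1.3.X template in this hunk, so `dirsrv_othersuffixes` has no effect when install-v1.inf.j2 is rendered, yet PATCH 1/3 documents the variable in the general table rather than the 1.4.X-only one. An operator who defines extra suffixes on a 1.3.X host gets a successful run and a server without those backends. Either document the variable as 1.4.X-only, or fail early with an assert such as `that: dirsrv_othersuffixes | length == 0`, guarded by whatever version condition the role already uses to pick this template. The section this line belongs to starts outside the hunk.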
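Review bot: `dirsrv_rundir` and `dirsrv_bename` are written into install-v2.inf.j2 verbatim, as `run_dir = {{ dirsrv_rundir }}` and `[backend-{{ dirsrv_bename }}]`, with no check on their shape; the same holds for `suffix.name` and `suffix.dn` in the loop added by the next hunk. A value containing `]` or a line break changes the structure of the generated file, and a relative or shared-writable `run_dir` would put the instance's runtime files where other accounts can reach them (what exactly lives there depends on the 389DS version). No validation is visible in this series, so I would add an assert before templating, for example `that: dirsrv_rundir is abs` and `that: dirsrv_bename is match('^[A-Za-z0-9_-]+$')`. The README row for `dirsrv_rundir` should also say that the directory should not be writable by other accounts.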
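Review bot: Nothing in the new `{% for suffix in dirsrv_othersuffixes %}` loop prevents an entry from reusing `dirsrv_bename` or `dirsrv_suffix`, or two entries from sharing a `name`, which would render two `[backend-…]` sections with the same header. How the installer reacts to a duplicate section is not visible here, so the safe option is to reject it before the template is rendered, e.g. `that: ([dirsrv_bename] + (dirsrv_othersuffixes | map(attribute='name') | list)) | unique | length == (dirsrv_othersuffixes | length) + 1`. As a style point, the loop body repeats the `sample_entries` and `create_suffix_entry` blocks of the first backend line for line; iterating once over `[{'name': dirsrv_bename, 'dn': dirsrv_suffix}] + dirsrv_othersuffixes` would keep the two copies from drifting apart.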