diff --git a/README.md b/README.md
index 694b2c4..4c2a99b 100644
--- a/README.md
+++ b/README.md
@@ -41,6 +41,7 @@ The variables that can be passed to this role and a brief description about them
 | dirsrv_serverid | default | Server ID or instance ID. All the data related to the instance configured by this role will end up in /etc/dirsrv/slapd-*default*, /var/log/dirsrv/slapd-*default*, etc... You could use your company name, e.g. for Foo Bar, Inc set the variable to `foobar` and the directories will be named slapd-foobar. | ยน |
 | dirsrv_install_examples | false | Create example entries under the suffix during installation | **No** |
 | dirsrv_install_additional_ldif | [] | Install these additional LDIF files, by default none (empty array). This corresponds to the `InstallLdifFile` directive in the inf installation file. | **No** |
+| dirsrv_listen_host | | Listen on these addresses/hostnames. If not set (default) does nothing, if set to a string will set the `nsslapd-listenhost` attribute. Set to `[]` to delete the attribute. | Yes |
 | dirsrv_logging | see below | see below | Yes |
 | dirsrv_plugins_enabled | {} | Enable or disable plugins, see below for details. By default no plugins are enabled or disabled. | Yes |
 | dirsrv_dna_plugin | see below | Configuration for the DNA (Distributed Numeric Assignment) plugin. | Yes |
diff --git a/defaults/main.yml b/defaults/main.yml
index 8ab9c12..4b18a3f 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -87,6 +87,7 @@ dirsrv_password_storage_scheme: [] dirsrv_ldapi_enabled: false dirsrv_sasl_plain_enabled: true +dirsrv_listen_host: # Display supported cipher suites: # ldapsearch -xLLL -H ldap://server.example.com:389 -D "cn=Directory Manager" -W -b 'cn=encryption,cn=config' -s base nsSSLSupportedCiphers -o ldif-wrap=no dn: cn=encryption,cn=config
diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml
index 91bea45..4b8318c 100644
--- a/molecule/default/playbook.yml
+++ b/molecule/default/playbook.yml
@@ -8,4 +8,5 @@
 dirsrv_suffix: "dc=example,dc=local"
 dirsrv_serverid: test
 dirsrv_rootdn_password: secret
+ dirsrv_listen_host: 0.0.0.0
 dirsrv_tls_enabled: false
diff --git a/molecule/other_features/playbook.yml b/molecule/other_features/playbook.yml
index 0a4f4c1..ab59b1c 100644
--- a/molecule/other_features/playbook.yml
+++ b/molecule/other_features/playbook.yml
@@ -9,6 +9,7 @@
 dirsrv_password_storage_scheme: "PBKDF2_SHA256"
 dirsrv_serverid: test
 dirsrv_rootdn_password: secret
+ dirsrv_listen_host: 0.0.0.0
 dirsrv_tls_enabled: false
 dirsrv_install_examples: true
 dirsrv_ldapi_enabled: true
diff --git a/molecule/tls/playbook.yml b/molecule/tls/playbook.yml
index 5e70166..b0d142d 100644
--- a/molecule/tls/playbook.yml
+++ b/molecule/tls/playbook.yml
@@ -7,6 +7,7 @@
 dirsrv_suffix: "dc=test,dc=local"
 dirsrv_serverid: test
 dirsrv_rootdn_password: secret
+ dirsrv_listen_host: 0.0.0.0
 dirsrv_tls_enabled: true
 dirsrv_tls_cert_file: tls_test_local_cert.pem
 dirsrv_tls_key_file: tls_test_local.key
diff --git a/tasks/main.yml b/tasks/main.yml
index a676e9a..39f912a 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -63,6 +63,16 @@
 bind_dn: "{{ dirsrv_rootdn }}"
 bind_pw: "{{ dirsrv_rootdn_password }}"
+- name: Configure listen address
+ ldap_attr:
+ params: "{{ dirsrv_ldap_auth }}"
+ dn: "cn=config"
+ name: "nsslapd-listenhost"
+ values: "{{ dirsrv_listen_host }}"
+ state: exact
+ notify: dirsrv restart
+ when: dirsrv_listen_host != None
+
 - include: configure_authentication.yml
 - include: configure_logging.yml
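Review bot: In tasks/main.yml the new "Configure listen address" task writes only `nsslapd-listenhost`, which per the 389 Directory Server configuration reference applies to the plain LDAP port; the LDAPS listener has its own attribute, `nsslapd-securelistenhost`, and nothing visible in this hunk sets it. An operator who sets `dirsrv_listen_host` to narrow exposure while `dirsrv_tls_enabled` is true would, as far as this hunk shows, still have the secure port bound on every interface. Either mirror the task for the secure attribute, as sketched below, or state the limitation in the README row for `dirsrv_listen_host`. Separately, `when: dirsrv_listen_host is not none` is the usual Jinja test form for this guard. The hunk opens inside the preceding task (the `bind_dn`/`bind_pw` lines), so whether another task already handles the secure listener cannot be seen from here.

```yaml
# … unchanged: "Configure listen address" task for nsslapd-listenhost …

- name: Configure secure listen address
  ldap_attr:
    params: "{{ dirsrv_ldap_auth }}"
    dn: "cn=config"
    name: "nsslapd-securelistenhost"
    values: "{{ dirsrv_listen_host }}"
    state: exact
  notify: dirsrv restart
  when:
    - dirsrv_tls_enabled | bool
    - dirsrv_listen_host is not none
```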