majic-ansible-roles Changeset

Changeset - 4c5f1593c786

Parent rev.

Child rev.

[Not reviewed]

0 1 1

Branko Majic (branko) - 9 years ago 2015-08-30 19:22:46
branko@majic.rs

MAR-19: Make the ldap client configuration optional.

2 files changed with 4 insertions and 1 deletions:

docs/rolereference.rst

roles/ldap_client/defaults/main.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -297,97 +297,97 @@ packages on all servers: @@
   ---
   os_users:
     - name: admin
       uid: 1000
       additional_groups:
         - sudo
       authorized_keys:
         - "{{ lookup('file', '/home/admin/.ssh/id_rsa.pub') }}"
       password: '$6$AaJRWtqyX5pk$IP8DUjgY0y2zqMom9BAc.O9qHoQWLFCmEsPRCika6l/Xh87cp2SnlMywH0.r4uEcbHnoicQG46V9VrJ8fxp2d.'
     - name: john
       uid: 1001
       password: '$6$AaJRWtqyX5pk$IP8DUjgY0y2zqMom9BAc.O9qHoQWLFCmEsPRCika6l/Xh87cp2SnlMywH0.r4uEcbHnoicQG46V9VrJ8fxp2d.'
   os_groups:
     - name: localusers
       gid: 2500
   common_packages:
     - emacs23-nox
     - screen
     - debconf-utils
   ca_certificates:
     - ../certs/truststore.pem
   incoming_connection_limit: 2/second
   incoming_connection_limit_burst: 6
 .. _ldap_client:
 LDAP Client
 -----------
 The ``ldap_client`` role can be used for setting-up an OpenLDAP client on
 destination machine.
 The role implements the following:
 * Installs OpenLDAP client tools.
 * Sets-up global configuration file for OpenLDAP clients at /etc/ldap/ldap.conf.
 Parameters
 ~~~~~~~~~~
-**ldap_client_config** (list, mandatory)
+**ldap_client_config** (list, optional, ``[]``)
   A list of configuration options that should be put into the LDAP configuration
   file. Each item is a dictionary with the following options defining the
   configuration parameter:
   **comment** (string, mandatory)
     Comment that will be shown in the file just above the configuration option.
   **option** (string, mandatory)
     Name of configuration option.
   **value** (string, mandatory)
     Value for configuration option.
 Examples
 ~~~~~~~~
 Here is an example configuration for setting some common LDAP client options:
 .. code-block:: yaml
   ---
   ldap_client_config:
     - comment: Set the base DN
       option: BASE
       value: dc=example,dc=com
     - comment: Set the default URI
       option: URI
       value: ldap://ldap.example.com/
     - comment: Set the truststore for TLS/SSL
       option: TLS_CACERT
       value: /etc/ssl/certs/example_ca.pem
     - commment: Force basic server certificate verification
       option: TLS_REQCERT
       value: demand
     - comment: Disable CRL checks for server certificate
       option: TLS_CRLCHECK
       value: none
 LDAP Server
 -----------
 The ``ldap_server`` role can be used for setting-up an OpenLDAP server on
 destination machine.
 The role implements the following:

roles/ldap_client/defaults/main.yml

➞

Show inline comments

		new file 100644
		---

		ldap_client_config: []
		\ No newline at end of file

0 comments (0 inline, 0 general)