Changeset - a6633bcc83d1
Parent rev.
Child rev.
[Not reviewed]
0 4 0
Branko Majic (branko) - 9 years ago 2015-05-05 00:21:28
branko@majic.rs
MAR-13: Added a hack to restart the slapd server once the group for OpenLDAP has been changed (otherwise the user can't read the TLS key, and error happens). Fixed some service resources to be explicitly enabled.
4 files changed with 9 insertions and 4 deletions:
roles/common/tasks/main.yml
1
1
roles/ldap_server/tasks/main.yml
5
roles/mail_server/tasks/main.yml
2
2
roles/prosody/tasks/main.yml
1
1
0 comments (0 inline, 0 general)
roles/common/tasks/main.yml
Show inline comments
 
@@ -79,4 +79,4 @@
 
    - Restart ferm
 

			




	
	
	
		
 
- name: Enable ferm service

			




	
	
	
		
 
  service: name=ferm state=started

			




	
	
	
		
 
  service: name=ferm enabled=yes state=started

			




        

    


    
    

    

        

                

                    roles/ldap_server/tasks/main.yml
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -11,6 +11,11 @@

			




	
	
	
		
 

			




	
	
	
		
 
- name: Allow OpenLDAP user to traverse the directory with TLS private keys

			




	
	
	
		
 
  user: name=openldap append=yes groups=ssl-cert

			




	
	
	
		
 
  register: openldap_in_ssl_cert

			




	
	
	
		
 

			




	
	
	
		
 
- name: Restart slapd if group membership has changed

			




	
	
	
		
 
  service: name=slapd state=restarted

			




	
	
	
		
 
  when: openldap_in_ssl_cert.changed

			




	
	
	
		
 

			




	
	
	
		
 
- name: Install Python LDAP bindings

			




	
	
	
		
 
  apt: name=python-ldap state=installed

			




        

    


    
    

    

        

                

                    roles/mail_server/tasks/main.yml
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -121,13 +121,13 @@

			




	
	
	
		
 
    - Restart Postfix

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable ClamAV service

			




	
	
	
		
 
  service: name="{{ item }}" state=started

			




	
	
	
		
 
  service: name="{{ item }}" enabled=yes state=started

			




	
	
	
		
 
  with_items:

			




	
	
	
		
 
    - clamav-daemon

			




	
	
	
		
 
    - clamav-freshclam

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable ClamAV milter service.

			




	
	
	
		
 
  service: name=clamav-milter state=started

			




	
	
	
		
 
  service: name=clamav-milter enabled=yes state=started

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable Postfix service

			




	
	
	
		
 
  service: name=postfix enabled=yes state=started

			




        

    


    
    

    

        

                

                    roles/prosody/tasks/main.yml
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -51,7 +51,7 @@

			




	
	
	
		
 
    - Restart Prosody

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable and start Prosody service

			




	
	
	
		
 
  service: name=prosody state=started

			




	
	
	
		
 
  service: name=prosody enabled=yes state=started

			




	
	
	
		
 

			




	
	
	
		
 
- name: Deploy firewall configuration for XMPP server

			




	
	
	
		
 
  copy: src="ferm_xmpp.conf" dest="/etc/ferm/conf.d/30-xmpp.conf" owner=root group=root mode=640

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.