e3da2c2e3e
A role to setup a host as a kerberos client This is largely a port of the client ports of openstack-infra/puppet-kerberos. This is a generic role because it will be used from Zuul jobs (wheel-builds) and in the control-plane (servers mounting AFS) Tested-By: https://review.openstack.org/589335 Needed-By: https://review.openstack.org/590636 Change-Id: I4b38ea7ec2325071a67068555ef47e15d559c18e
39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
- name: Get OS specific package names
|
|
include_vars: "{{ lookup('first_found', params) }}"
|
|
vars:
|
|
params:
|
|
files:
|
|
- "{{ ansible_distribution }}.{{ ansible_architecture }}.yaml"
|
|
- "{{ ansible_distribution }}.yaml"
|
|
- "{{ ansible_os_family }}.yaml"
|
|
- "default.yaml"
|
|
paths:
|
|
- vars
|
|
|
|
- name: Check package names
|
|
fail:
|
|
msg: 'No kerberos client packages defined for this platform'
|
|
when: not kerberos_client_packages
|
|
|
|
- name: Install configuration file
|
|
template:
|
|
dest: /etc/krb5.conf
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
src: etc/krb5.conf.j2
|
|
become: yes
|
|
|
|
# NOTE(ianw): urgh, we have to install with yum directly to enable
|
|
# epel on CentOS for kstart, which is a pretty hard dependency for
|
|
# useful automation. If this ever changes, remove this and we can
|
|
# just go back to generic package: installer.
|
|
- name: Distro install kerberos client packages
|
|
include_tasks: "{{ lookup('first_found', params) }}"
|
|
vars:
|
|
params:
|
|
files:
|
|
- "{{ansible_distribution}}.yaml"
|
|
- "default.yaml"
|
|
paths:
|
|
- install-packages |