Merge "FreeIPA: Make OTP and FreeIPA server parameters optional"
This commit is contained in:
commit
6190f56a51
|
@ -13,10 +13,12 @@ parameters:
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
FreeIPAOTP:
|
FreeIPAOTP:
|
||||||
|
default: ''
|
||||||
description: 'OTP that will be used for FreeIPA enrollment'
|
description: 'OTP that will be used for FreeIPA enrollment'
|
||||||
type: string
|
type: string
|
||||||
hidden: true
|
hidden: true
|
||||||
FreeIPAServer:
|
FreeIPAServer:
|
||||||
|
default: ''
|
||||||
description: 'FreeIPA server DNS name'
|
description: 'FreeIPA server DNS name'
|
||||||
type: string
|
type: string
|
||||||
FreeIPAIPAddress:
|
FreeIPAIPAddress:
|
||||||
|
@ -36,18 +38,27 @@ resources:
|
||||||
- name: ipa_ip
|
- name: ipa_ip
|
||||||
config: |
|
config: |
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
sed -i "/${ipa_server}/d" /etc/hosts
|
# If no IPA server was given as a parameter, it will be assumed from
|
||||||
# Optionally add the FreeIPA server IP to /etc/hosts
|
# DNS.
|
||||||
if [ -n "${ipa_ip}" ]; then
|
if [ -n "${ipa_server}" ]; then
|
||||||
echo "${ipa_ip} ${ipa_server}" >> /etc/hosts
|
sed -i "/${ipa_server}/d" /etc/hosts
|
||||||
|
# Optionally add the FreeIPA server IP to /etc/hosts
|
||||||
|
if [ -n "${ipa_ip}" ]; then
|
||||||
|
echo "${ipa_ip} ${ipa_server}" >> /etc/hosts
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
# Set the node's domain if needed
|
# Set the node's domain if needed
|
||||||
if [ ! $(hostname -f | grep "${ipa_domain}$") ]; then
|
if [ ! $(hostname -f | grep "${ipa_domain}$") ]; then
|
||||||
hostnamectl set-hostname "$(hostname).${ipa_domain}"
|
hostnamectl set-hostname "$(hostname).${ipa_domain}"
|
||||||
fi
|
fi
|
||||||
yum install -y ipa-client
|
yum install -y ipa-client
|
||||||
# Enroll. If there is already keytab, we have already done this.
|
# Enroll. If there is already keytab, we have already done this. If
|
||||||
|
# this node hasn't enrolled and the OTP is missing, fail.
|
||||||
if [ ! -f /etc/krb5.keytab ]; then
|
if [ ! -f /etc/krb5.keytab ]; then
|
||||||
|
if [ -z "${otp}" ]; then
|
||||||
|
echo "OTP is missing"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
ipa-client-install --server ${ipa_server} -w ${otp} \
|
ipa-client-install --server ${ipa_server} -w ${otp} \
|
||||||
--domain=${ipa_domain} -U
|
--domain=${ipa_domain} -U
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in New Issue