diff --git a/deployment/ipa/ipaservices-baremetal-ansible.yaml b/deployment/ipa/ipaservices-baremetal-ansible.yaml index 30eb17f778..06e666f949 100644 --- a/deployment/ipa/ipaservices-baremetal-ansible.yaml +++ b/deployment/ipa/ipaservices-baremetal-ansible.yaml @@ -64,6 +64,10 @@ parameters: default: True description: Set to true to enroll the base server (computes, controllers) type: boolean + IdMModifyDNS: + default: True + description: Set to false to disable DNS records manipulation in the FreeIPA server. + type: boolean IdMZoneSplitIPv4: default: 1 description: The level by which the PTR DNS record is split when creating zones. @@ -102,6 +106,7 @@ outputs: vars: tripleo_ipa_ptr_zone_split_ipv4: {get_param: IdMZoneSplitIPv4} tripleo_ipa_ptr_zone_split_ipv6: {get_param: IdMZoneSplitIPv6} + when: {get_param: IdMModifyDNS} environment: if: - idm_server_provided @@ -131,17 +136,17 @@ outputs: path: /etc/ipa/default.conf register: ipa_conf_exists - block: - - name: register as an ipa client - import_role: - name: ipaclient - - name: restart certmonger service - systemd: - state: restarted - daemon_reload: true - name: certmonger.service + - name: register as an ipa client + import_role: + name: ipaclient + - name: restart certmonger service + systemd: + state: restarted + daemon_reload: true + name: certmonger.service when: - - idm_enroll_base_server|bool - - not ipa_conf_exists.stat.exists + - idm_enroll_base_server|bool + - not ipa_conf_exists.stat.exists scale_tasks: - when: step|int == 1 tags: down