From 9566df9f564c88e343a19839974dbfd997ab6b80 Mon Sep 17 00:00:00 2001 From: Grzegorz Grasza Date: Wed, 29 Apr 2020 13:01:02 +0200 Subject: [PATCH] Add an option to disable the DNS record modification in FreeIPA This also fixes indentation so that it is the same as in stable/train branch. Change-Id: I3ad37fc2fc80c92970c569f3cd1d94833df0890c --- .../ipa/ipaservices-baremetal-ansible.yaml | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/deployment/ipa/ipaservices-baremetal-ansible.yaml b/deployment/ipa/ipaservices-baremetal-ansible.yaml index 0c6b00146f..a35b496126 100644 --- a/deployment/ipa/ipaservices-baremetal-ansible.yaml +++ b/deployment/ipa/ipaservices-baremetal-ansible.yaml @@ -63,6 +63,10 @@ parameters: default: True description: Set to true to enroll the base server (computes, controllers) type: boolean + IdMModifyDNS: + default: True + description: Set to false to disable DNS records manipulation in the FreeIPA server. + type: boolean IdMZoneSplitIPv4: default: 1 description: The level by which the PTR DNS record is split when creating zones. @@ -96,6 +100,7 @@ outputs: vars: tripleo_ipa_ptr_zone_split_ipv4: {get_param: IdMZoneSplitIPv4} tripleo_ipa_ptr_zone_split_ipv6: {get_param: IdMZoneSplitIPv6} + when: {get_param: IdMModifyDNS} environment: IPA_HOST: {get_param: IdMServer} IPA_USER: "nova/{{ ansible_fqdn }}" @@ -121,17 +126,17 @@ outputs: path: /etc/ipa/default.conf register: ipa_conf_exists - block: - - name: register as an ipa client - import_role: - name: ipaclient - - name: restart certmonger service - systemd: - state: restarted - daemon_reload: true - name: certmonger.service + - name: register as an ipa client + import_role: + name: ipaclient + - name: restart certmonger service + systemd: + state: restarted + daemon_reload: true + name: certmonger.service when: - - idm_enroll_base_server|bool - - not ipa_conf_exists.stat.exists + - idm_enroll_base_server|bool + - not ipa_conf_exists.stat.exists scale_tasks: - when: step|int == 1 tags: down