Fixes for freeipa_setup.sh

We make the following changes in this review:
a) We only remove openstack-dashboard if it exists
   as the script fails otherwise

b) We differentiate between the set of packages that we install
   when using CentOS/RHEL7 and when using Centos/RHEL8
   This condition is needed because some packages do either not
   exist in RHEL8 or have changed names entirely.

c) We do not enable haveged unconditionally since it does not
   exist in rhel8 and we also do not remove ssl.conf unconditionally
   on rhel8 as that breaks things as well.

It is expected that the list for RHEL8 might change over time as
things get added (e.g. EPEL).

Change-Id: I10e082c0bc75677115364c055209344d1b094fec
This commit is contained in:
Michele Baldessari 2019-03-19 13:49:27 +01:00
parent 5859b3caed
commit 9b88439ebb

View File

@ -39,11 +39,20 @@ fi
echo "nameserver 8.8.8.8" >> /etc/resolv.conf echo "nameserver 8.8.8.8" >> /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf echo "nameserver 8.8.4.4" >> /etc/resolv.conf
yum -q -y remove openstack-dashboard if rpm -q openstack-dashboard; then
yum -q -y remove openstack-dashboard
fi
source /etc/os-release
# RHEL8.0 does not have epel yet
if [[ $VERSION_ID == 8* ]]; then
PKGS="ipa-server ipa-server-dns rng-tools git"
else
PKGS="ipa-server ipa-server-dns epel-release rng-tools mod_nss git haveged"
fi
# Install the needed packages # Install the needed packages
yum -q install -y ipa-server ipa-server-dns epel-release rng-tools mod_nss git yum -q install -y $PKGS
yum -q install -y haveged
# Prepare hostname # Prepare hostname
hostnamectl set-hostname --static $Hostname hostnamectl set-hostname --static $Hostname
@ -83,11 +92,13 @@ EOF
iptables-restore < freeipa-iptables-rules.txt iptables-restore < freeipa-iptables-rules.txt
# Entropy generation; otherwise, ipa-server-install will lag. # Entropy generation; otherwise, ipa-server-install will lag.
chkconfig haveged on if [[ $VERSION_ID != 8* ]]; then
systemctl start haveged chkconfig haveged on
systemctl start haveged
# Remove conflicting httpd configuration # Remove conflicting httpd configuration
rm -f /etc/httpd/conf.d/ssl.conf rm -f /etc/httpd/conf.d/ssl.conf
fi
# Set up FreeIPA # Set up FreeIPA
ipa-server-install -U -r `hostname -d|tr "[a-z]" "[A-Z]"` \ ipa-server-install -U -r `hostname -d|tr "[a-z]" "[A-Z]"` \