History

Harry Rybacki 38ef0457f8 Ensure NSS package is updated for FreeIPA deploy There is an issue with older versions of NSS that will result in the CA server not launching and subsequently blowing up the FreeIPA deployment. The resulting logs do not clearly identify this package as the culprit. Change-Id: Ibb3b62253c1a1ae4f7fb56791619a84ce9f9042f		2019-12-11 15:33:55 -05:00
..
defaults	Add support for creating sub-CAs in FreeIPA role	2018-01-19 10:28:23 +00:00
meta	Adopt yamllint strict linting	2018-11-26 12:37:21 +00:00
tasks	Use shell when deploying FreeIPA	2018-01-16 11:33:57 +01:00
templates	Ensure NSS package is updated for FreeIPA deploy	2019-12-11 15:33:55 -05:00
README.md	Adapt code to newer code style (linters)	2018-11-16 12:42:51 +00:00

FreeIPA Setup

An Ansible role to setup a FreeIPA server

Requirements

This role requires a running host to deploy FreeIPA

freeipa_hostname: <'ipa.tripleodomain'> -- Hostname for the FreeIPA server
freeipa_ip: <'192.168.24.250'> -- IP for the FreeIPA server
directory_manager_password: -- Password for the directory manager
freeipa_admin_password: -- FreeIPA server admin password
undercloud_fqdn: <'undercloud.tripleodomain'> -- FQDN for the undercloud
provisioning_cidr: <'{{ freeipa_ip }}/24'> -- If set, it adds the given CIDR to the provisioning interface (which is hardcoded to eth1)
supplemental_user: The user which is used to deploy FreeIpa on the supplemental node
ipa_server_install_params: <''> -- Additional parameters to pass to the ipa-server-install command

Sample playbook to call the role

# Deploy the FreeIPA Server
- name:  Deploy FreeIPA
  hosts: freeipa_host
  gather_facts: false
  roles:
    - freeipa-setup