tripleo-quickstart-extras/roles/freeipa-setup/tasks/main.yml


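---
# Generates FreeIPA credentials when none are supplied, renders and runs the
# FreeIPA deployment script, then optionally includes ipa_prep.yml.
- block:
    # The uuidgen lookup runs on the Ansible controller and is only used when
    # the caller has not already provided a password.
    # cacheable: true also stores the value in the fact cache; with a
    # persistent cache plugin the password is kept there in clear text.
    # no_log keeps the generated value out of task output.
    - name: Set FreeIPA admin password
      set_fact:
        freeipa_admin_password: "{{ lookup('pipe','uuidgen') }}"
        cacheable: true
      when: freeipa_admin_password is not defined
      no_log: true

    - name: Set directory manager password
      set_fact:
        directory_manager_password: "{{ lookup('pipe','uuidgen') }}"
        cacheable: true
      when: directory_manager_password is not defined
      no_log: true

    # The mode is quoted so it reaches the module as the octal string "0744"
    # and is never re-typed by the YAML parser.
    # NOTE(review): the template body is not visible here; if it embeds the
    # passwords set above, 0744 leaves them readable by every local user.
    # Confirm, and consider "0700" in that case.
    - name: Create FreeIPA deployment script
      template:
        src: deploy_freeipa.sh.j2
        dest: "~{{ supplemental_user }}/deploy_freeipa.sh"
        mode: "0744"

    # This can be removed once rhbz#1892216 is fixed and released
    # (in launchpad #1902478).
    # OpenJDK is installed beforehand (the FreeIPA script would install it
    # anyway) and pinned to a known-good build so the broken version is
    # never pulled in.
    #
    # Security caveat: the RPMs are fetched over plain HTTP by default and
    # installed as root. dnf does not GPG-check local package files unless
    # localpkg_gpgcheck is enabled, so nothing here authenticates them.
    # Consider an HTTPS mirror plus `--setopt=localpkg_gpgcheck=1` (or an
    # `rpm -K` check) once the signing key is known to be imported.
    #
    # curl -f makes an HTTP error abort the task instead of saving the
    # mirror's error page under an .rpm name; the mirror URL is shell-quoted
    # because it comes from the controller's environment.
    - name: Workaround for newer JDK breaking FreeIPA
      become: true
      shell: |
        set -e
        dnf install -y 'dnf-command(versionlock)'
        export NODEPOOL_CENTOS_MIRROR={{ lookup('env','NODEPOOL_CENTOS_MIRROR')|default('http://mirror.centos.org/centos', true)|quote }}
        curl -fO "$NODEPOOL_CENTOS_MIRROR/8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64.rpm"
        curl -fO "$NODEPOOL_CENTOS_MIRROR/8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-headless-1.8.0.265.b01-0.el8_2.x86_64.rpm"
        curl -fO "$NODEPOOL_CENTOS_MIRROR/8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-devel-1.8.0.265.b01-0.el8_2.x86_64.rpm"
        dnf install -y java-1.8.0-openjdk*rpm
        dnf versionlock add java-1.8.0-openjdk java-1.8.0-openjdk-headless java-1.8.0-openjdk-devel
        dnf versionlock list > /var/log/versionlock.log
      when: ansible_distribution_major_version is version('8', '>=')

    # `> file 2>&1` replaces the bash-only `&>`: the shell module runs
    # /bin/sh, and a non-bash sh would parse `&>` as "run in background, then
    # truncate the file", losing both the log and the exit status.
    # NOTE(review): the log sits in the same home directory as the script;
    # check whether the deployment output echoes the passwords.
    - name: Deploy FreeIPA
      become: true
      shell: >-
        ~{{ supplemental_user }}/deploy_freeipa.sh
        > ~{{ supplemental_user }}/deploy_freeipa.log 2>&1

    # NOTE(review): bare `include` is deprecated in newer Ansible releases.
    # import_tasks / include_tasks differ in how `when` and the block's tags
    # reach the included tasks, so verify tag-limited runs before switching.
    # NOTE(review): indentation was lost in this listing; `when` is taken to
    # belong to the include and `tags` to the block. Confirm against the
    # repository copy.
    - include: ipa_prep.yml
      when: enable_tls_everywhere|bool and prepare_ipa|bool and not undercloud_enable_novajoin|bool

  tags:
    - undercloud-install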