---
# Supplementary group memberships for the "training" account. `append: true`
# adds each group to the groups the account already has instead of replacing
# them.
# Security note: membership in the docker group lets the account drive the
# Docker daemon, which is effectively root on this host, and sudo is granted
# as well, so the training account's credentials must be treated as privileged.
- name: Add training user to Docker group
  ansible.builtin.user:
    name: training
    append: true
    groups: docker

- name: Add training user to sudo group
  ansible.builtin.user:
    name: training
    append: true
    groups: sudo
# Text editors for people working on the host. `pkg` is the apt module's alias
# for its package list; packages are only installed, never upgraded or removed.
- name: Install convenience packages
  ansible.builtin.apt:
    state: present
    pkg:
      - emacs
      - nano
# Host directories used as volume mount points (per the task name). No owner or
# group is set, so new directories belong to whichever user the task runs as.
# NOTE(review): 0755 leaves every directory listable by all local users,
# including the LDAP and MySQL data directories. Confirm whether the
# containers tighten ownership and mode themselves, or restrict them here.
- name: Create volume mount point directories
  ansible.builtin.file:
    state: directory
    mode: '0755'
    path: "{{ item }}"
  loop:
    - /srv/docker/srv/comanage-registry/local
    - /srv/docker/var/lib/ldap
    - /srv/docker/var/lib/mysql
    - /srv/docker/etc/ldap/slapd.d
    - /srv/docker/etc/shibboleth
    - /srv/docker/etc/apache2/sites-available
    - /srv/docker/etc/httpd/conf.d
    - /srv/docker/ldif
# Place the service stack definition in the training user's home directory.
# Whether an existing copy is replaced is decided by force_update_stack_file:
# when it evaluates to false, a destination file that already exists is left
# alone even if it has been modified; when true, it is overwritten whenever
# its content differs from the source.
- name: Copy service stack file
  ansible.builtin.copy:
    src: comanage-registry-stack.yml
    dest: /home/training/comanage-registry-stack.yml
    force: "{{ force_update_stack_file }}"
    mode: '0644'
    owner: training
    group: training
  tags:
    - update_stack_file
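# Hash the training password with slappasswd on the control node (the task is
# delegated to localhost) and keep the result as a fact for later tasks.
# The "$6$" prefix of the -c salt format selects SHA-512 crypt.
# NOTE(review): -s places the clear-text password on slappasswd's command
# line, so it is briefly visible in the control node's process list.
# slappasswd's -T <file> option reads the secret from a file instead, if that
# exposure matters for this environment.
- name: Create userPassword hash for LDIF input file
  ansible.builtin.command:
    argv:
      - "/usr/sbin/slappasswd"
      - "-c"
      - "$6$rounds=5000$%.86s"
      - "-s"
      - "{{ comanage_training_password }}"
  delegate_to: localhost
  register: slappasswd_out
  # The command only computes a hash; it changes nothing on any host.
  changed_when: false
  # Keep the password (argv) and the hash (stdout) out of task output and logs.
  no_log: true
  tags:
    - update_structure_ldif_file

- name: Record userPassword hash for LDIF input file
  ansible.builtin.set_fact:
    comanage_training_password_hash: "{{ slappasswd_out.stdout }}"
  # The fact holds the password hash; do not echo it in the task result.
  no_log: true
  tags:
    - update_structure_ldif_file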
# LDIF input files written to /srv/docker/ldif.
# The structure file is rendered as a template, and force_update_structure_ldif_file
# decides whether an existing copy may be replaced.
# NOTE(review): presumably this template embeds comanage_training_password_hash
# (the hashing tasks share its tag). If so, mode 0644 lets any local user read
# the hash; confirm which user the LDAP container reads the file as before
# tightening the mode.
- name: Copy structure LDIF input file
  ansible.builtin.template:
    src: config-always-01.ldif
    dest: /srv/docker/ldif/config-always-01.ldif
    force: "{{ force_update_structure_ldif_file }}"
    mode: '0644'
    owner: root
    group: root
  tags:
    - update_structure_ldif_file

# The olcAccess file is copied verbatim and is refreshed on every run in which
# the source differs from the destination.
- name: Copy olcAccess LDIF input file
  ansible.builtin.copy:
    src: config-always-all-olcAccess.ldif
    dest: /srv/docker/ldif/config-always-all-olcAccess.ldif
    mode: '0644'
    owner: root
    group: root
# Docker secrets consumed by the service stack. Each task stores one variable
# under a secret of the same name, except the two LDAP root secrets:
# olc_root_pw holds the password hash and olc_root_dn_password the clear-text
# training password.
# NOTE(review): the source of these variables is not visible here; the
# passwords and the Shibboleth private keys should come from an encrypted
# store such as Ansible Vault rather than plain inventory or group_vars files.
# NOTE(review): the module is expected to mask `data` in its logged
# invocation; confirm that for the installed collection version and add a
# task-level `no_log: true` if it does not.
# NOTE(review): newer collection releases ship docker_secret in
# community.docker; confirm this FQCN still resolves where the play runs.
# NOTE(review): the olc_root_pw value is salted afresh whenever the hash is
# regenerated, so that task likely reports a change on each run; confirm.
- name: Create secret olc_root_pw
  community.general.docker_secret:
    state: present
    name: olc_root_pw
    data: "{{ comanage_training_password_hash }}"

- name: Create secret olc_root_dn_password
  community.general.docker_secret:
    state: present
    name: olc_root_dn_password
    data: "{{ comanage_training_password }}"

- name: Create secret comanage_registry_email_account_password
  community.general.docker_secret:
    state: present
    name: comanage_registry_email_account_password
    data: "{{ comanage_registry_email_account_password }}"

- name: Create secret shibboleth_sp_encrypt_cert
  community.general.docker_secret:
    state: present
    name: shibboleth_sp_encrypt_cert
    data: "{{ shibboleth_sp_encrypt_cert }}"

- name: Create secret shibboleth_sp_encrypt_privkey
  community.general.docker_secret:
    state: present
    name: shibboleth_sp_encrypt_privkey
    data: "{{ shibboleth_sp_encrypt_privkey }}"

- name: Create secret shibboleth_sp_signing_cert
  community.general.docker_secret:
    state: present
    name: shibboleth_sp_signing_cert
    data: "{{ shibboleth_sp_signing_cert }}"

- name: Create secret shibboleth_sp_signing_privkey
  community.general.docker_secret:
    state: present
    name: shibboleth_sp_signing_privkey
    data: "{{ shibboleth_sp_signing_privkey }}"
# Shibboleth SP files placed under /srv/docker/etc/shibboleth, all owned by
# root with mode 0644. The two configuration files are copied verbatim, one
# loop iteration per file name.
- name: Copy Shibboleth SP configuration files
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "/srv/docker/etc/shibboleth/{{ item }}"
    mode: '0644'
    owner: root
    group: root
  loop:
    - shibboleth2.xml
    - attribute-map.xml

# The IdP metadata file goes through the template engine rather than a plain
# copy. Only root can modify the deployed file.
- name: Copy Shibboleth SP metadata file
  ansible.builtin.template:
    src: idp-metadata.xml
    dest: "/srv/docker/etc/shibboleth/idp-metadata.xml"
    mode: '0644'
    owner: root
    group: root
# Render the Apache virtual host configuration into the httpd conf.d mount
# point. The apache2 sites-available destination is kept below as a
# commented-out alternative.
- name: Copy Apache configuration file
  ansible.builtin.template:
    src: 000-comanage.conf
    # dest: /srv/docker/etc/apache2/sites-available/000-comanage.conf
    dest: /srv/docker/etc/httpd/conf.d/000-comanage.conf
    mode: '0644'
    owner: root
    group: root
# FileSource CSV inputs placed in the registry's local directory. Both tasks
# carry the update_csv tag so the files can be refreshed on their own.
# NOTE(review): mode 0644 makes both files readable by every local user. If
# they ever hold real personal data rather than training fixtures, tighten the
# mode after confirming which user the registry container reads them as.
- name: Copy registar FileSource CSV input file
  ansible.builtin.copy:
    src: registrar.csv
    dest: /srv/docker/srv/comanage-registry/local/registrar.csv
    mode: '0644'
    owner: root
    group: root
  tags:
    - update_csv

- name: Copy human resources FileSource CSV input file
  ansible.builtin.copy:
    src: hr.csv
    dest: /srv/docker/srv/comanage-registry/local/hr.csv
    mode: '0644'
    owner: root
    group: root
  tags:
    - update_csv