194 lines
5.6 KiB
YAML
194 lines
5.6 KiB
YAML
|
- hosts: '{{ variable_host | default("lab15_standard") }}'
|
||
|
|
gather_facts: no
|
||
|
|
become: yes
|
||
|
|
tasks:
|
||
|
|
- name: Install dependencies to LDAP and autofs
|
||
|
|
apt:
|
||
|
|
pkg:
|
||
|
|
- ssh
|
||
|
|
- openssh-server
|
||
|
|
- nscd
|
||
|
|
- autofs
|
||
|
|
- autofs-ldap
|
||
|
|
- libpam-ldap
|
||
|
|
- ldap-utils
|
||
|
|
- libnss-ldap
|
||
|
|
|
||
|
|
- name: /etc/ldap.conf set base dc=root,dc=kcir,dc=pwr,dc=edu,dc=pl
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'base dc'
|
||
|
|
line: 'base dc=root,dc=kcir,dc=pwr,dc=edu,dc=pl'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/ldap.conf set uri ldap://whitney.kcir.pwr.edu.pl/
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'ldapi'
|
||
|
|
line: 'uri ldap://whitney.kcir.pwr.edu.pl/'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/ldap.conf set ldap_version 3
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'ldap_version'
|
||
|
|
line: 'ldap_version 3'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/ldap.conf set binddn cn=ldap,dc=kcir,dc=pwr,dc=edu,dc=pl
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'binddn cn'
|
||
|
|
line: 'binddn cn=ldap,dc=kcir,dc=pwr,dc=edu,dc=pl'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/ldap.conf set bindpw .1kcir1.
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'bindpw'
|
||
|
|
line: 'bindpw .1kcir1.'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/ldap.conf set ssl start_tls
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'ssl start_tls'
|
||
|
|
line: 'ssl start_tls'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/nsswitch.conf automount files ldap
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/nsswitch.conf
|
||
|
|
line: "automount:\tfiles ldap"
|
||
|
|
|
||
|
|
- name: /etc/nsswitch.conf passwd files systemd ldap
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'passwd:'
|
||
|
|
line: "passwd:\tfiles systemd ldap"
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/nsswitch.conf group files systemd ldap
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'group:'
|
||
|
|
line: "group:\tfiles systemd ldap"
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: /etc/nsswitch.conf shadow files ldap
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/ldap.conf
|
||
|
|
regexp: 'shadow:'
|
||
|
|
line: "shadow:\tfiles ldap"
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: Set /etc/autofs.conf ldap_uri = "ldap://whitney.kcir.pwr.edu.pl/"
|
||
|
|
ini_file:
|
||
|
|
path: /etc/autofs.conf
|
||
|
|
section: autofs
|
||
|
|
option: ldap_uri
|
||
|
|
value: '"ldap://whitney.kcir.pwr.edu.pl/"'
|
||
|
|
|
||
|
|
- name: Set /etc/autofs.conf search_base = "dc=kcir,dc=pwr,dc=edu,dc=pl"
|
||
|
|
ini_file:
|
||
|
|
path: /etc/autofs.conf
|
||
|
|
section: autofs
|
||
|
|
option: search_base
|
||
|
|
value: dc=kcir,dc=pwr,dc=edu,dc=pl
|
||
|
|
|
||
|
|
- name: Set /etc/autofs_ldap_auth.conf usetls
|
||
|
|
xml:
|
||
|
|
path: /etc/autofs_ldap_auth.conf
|
||
|
|
xpath: /autofs_ldap_sasl_conf
|
||
|
|
attribute: usetls
|
||
|
|
value: 'yes'
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Set /etc/autofs_ldap_auth.conf tlsrequired
|
||
|
|
xml:
|
||
|
|
path: /etc/autofs_ldap_auth.conf
|
||
|
|
xpath: /autofs_ldap_sasl_conf
|
||
|
|
attribute: tlsrequired
|
||
|
|
value: 'yes'
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Set /etc/autofs_ldap_auth.conf authrequired
|
||
|
|
xml:
|
||
|
|
path: /etc/autofs_ldap_auth.conf
|
||
|
|
xpath: /autofs_ldap_sasl_conf
|
||
|
|
attribute: authrequired
|
||
|
|
value: simple
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Set /etc/autofs_ldap_auth.conf user
|
||
|
|
xml:
|
||
|
|
path: /etc/autofs_ldap_auth.conf
|
||
|
|
xpath: /autofs_ldap_sasl_conf
|
||
|
|
attribute: user
|
||
|
|
value: cn=ldap,dc=kcir,dc=pwr,dc=edu,dc=pl
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Set /etc/autofs_ldap_auth.conf secret
|
||
|
|
xml:
|
||
|
|
path: /etc/autofs_ldap_auth.conf
|
||
|
|
xpath: /autofs_ldap_sasl_conf
|
||
|
|
attribute: secret
|
||
|
|
value: .1kcir1.
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: make /etc/auto.home
|
||
|
|
file:
|
||
|
|
path: /etc/auto.home
|
||
|
|
state: touch
|
||
|
|
|
||
|
|
|
||
|
|
- name: /etc/auto.home lab localhost:/export/home/lab
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/auto.home
|
||
|
|
line: "lab\tlocalhost:/export/home/lab"
|
||
|
|
|
||
|
|
- name: /etc/auto.home student localhost:/export/home/student
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/auto.home
|
||
|
|
line: "student\tlocalhost:/export/home/student"
|
||
|
|
|
||
|
|
- name: /etc/auto.home +auto.home
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/auto.home
|
||
|
|
line: '+auto.home'
|
||
|
|
|
||
|
|
- name: /etc/auto.master /home auto.home
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/auto.master
|
||
|
|
line: "/home\tauto.home"
|
||
|
|
|
||
|
|
- name: mkdir mkdir -p /export/home
|
||
|
|
file:
|
||
|
|
path: /export/home
|
||
|
|
state: directory
|
||
|
|
|
||
|
|
- name: mv /home/* /export/home/
|
||
|
|
copy:
|
||
|
|
remote_src: true
|
||
|
|
src: /home/
|
||
|
|
dest: /export/home
|
||
|
|
owner: lab
|
||
|
|
group: lab
|
||
|
|
|
||
|
|
- name: Create folder /etc/systemd/system/systemd-logind.service.d/
|
||
|
|
file:
|
||
|
|
path: /etc/systemd/system/systemd-logind.service.d/
|
||
|
|
state: directory
|
||
|
|
|
||
|
|
- name: Create file /etc/systemd/system/systemd-logind.service.d/override.conf
|
||
|
|
copy:
|
||
|
|
dest: /etc/systemd/system/systemd-logind.service.d/override.conf
|
||
|
|
content: |
|
||
|
|
[Service]
|
||
|
|
RestrictAddressFamilies=AF_INET
|
||
|
|
IPAddressAllow=156.17.9.28
|
||
|
|
|
||
|
|
#FSTAB overlay /export/home/student overlay lowerdir=/export/home/student.base,upperdir=/export/home/student.upper,workdir=/export/home/student.work 0 0
|
||
|
|
|
||
|
|
|
||
|
|
#resolv.conf
|