diff options
| -rw-r--r-- | group_vars/dev-cloud | 8 | ||||
| -rw-r--r-- | hosts | 29 | ||||
| -rw-r--r-- | roles/ssh-ldap/tasks/main.yml | 11 | ||||
| -rw-r--r-- | roles/ssh-ldap/templates/ldap.conf | 4 |
4 files changed, 52 insertions, 0 deletions
diff --git a/group_vars/dev-cloud b/group_vars/dev-cloud new file mode 100644 index 00000000..53288fd5 --- /dev/null +++ b/group_vars/dev-cloud @@ -0,0 +1,8 @@ +login_groups: + - dev-cloud-admins + +sudoers: + - andy.doan + - martin.stadtler + - christian.allen + - yazen.ghannam @@ -5,6 +5,35 @@ r1-maas-server.aus-colo.linaro.org r2-x86-1.aus-colo.linaro.org r3-x86-1.aus-colo.linaro.org +[aus-colo:children] +dev-cloud + +[dev-cloud] +r3-m1-c4 +r3-m1-c5 +r3-m1-c6 +r3-m1-c7 +r3-m1-c8 +r3-m1-c9 +r3-m1-c10 +r3-m1-c11 +r3-m1-c12 +r3-m1-c13 +r3-m1-c14 +r3-m1-c15 +r3-m1-c16 +r3-m1-c17 +r3-m1-c18 +r3-m1-c19 +r3-m1-c20 +r3-m1-c21 +r3-m1-c22 +r3-m1-c23 +r3-m1-c24 +r3-m1-c25 +r3-m1-c26 +r3-m1-c27 + [weblogs] weblogs.linaro.org diff --git a/roles/ssh-ldap/tasks/main.yml b/roles/ssh-ldap/tasks/main.yml index cc1ba17f..be5abade 100644 --- a/roles/ssh-ldap/tasks/main.yml +++ b/roles/ssh-ldap/tasks/main.yml @@ -17,6 +17,17 @@ - name: Configure ldap.conf template: src=ldap.conf dest=/etc/ +- name: LDAP symlinks for Debian systems + when: ansible_distribution == 'Debian' + file: src=/etc/ldap.conf dest=/etc/{{item}} state=link force=yes + with_items: + - pam_ldap.conf + - libnss-ldap.conf + +- name: Disable nscd for Debian + when: ansible_distribution == 'Debian' + service: name=nscd enabled=no state=stopped + - name: See if offline LDAP cache exists stat: path=/var/lib/misc/group.db register: cache diff --git a/roles/ssh-ldap/templates/ldap.conf b/roles/ssh-ldap/templates/ldap.conf index 2014b54c..3188114c 100644 --- a/roles/ssh-ldap/templates/ldap.conf +++ b/roles/ssh-ldap/templates/ldap.conf @@ -1,5 +1,9 @@ ## !!MANAGED BY ANSIBLE!! +{% if ansible_distribution == 'Debian' %} +TLS_REQCERT allow +{% endif %} + base {{ldap_base}} uri {{ldap_uri}} binddn {{ldap_binddn}} |