Merge branch 'develop' of Linux-Help/cookbook-freeipa into master
This commit is contained in:
commit
d3bd16a369
2 changed files with 17 additions and 10 deletions
|
@ -4,7 +4,7 @@ maintainer_email 'psi-jack@linux-help.org'
|
|||
license 'GPLv3'
|
||||
description 'Installs/Configures freeipa'
|
||||
long_description 'Installs/Configures freeipa'
|
||||
version '0.1.3'
|
||||
version '0.1.4'
|
||||
|
||||
depends 'ohai'
|
||||
depends 'chef-vault'
|
||||
|
|
|
@ -17,6 +17,8 @@
|
|||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe 'chef-vault'
|
||||
|
||||
node.set[:freeipa][:client] = true
|
||||
|
||||
# become aware servers
|
||||
|
@ -38,17 +40,22 @@ unless freeipa_servers.empty? then
|
|||
action [:enable,:start]
|
||||
end
|
||||
|
||||
passwords = chef_vault_item(:freeipa, 'passwords')
|
||||
|
||||
#### Join node to freeipa 'domain'
|
||||
# configures kerberos client to point to kdc on freeipa::server
|
||||
# configures ldap to look up posix information via sssd/nss
|
||||
execute "joining freeipa client to domain" do
|
||||
not_if "ls /var/lib/ipa-client/sysrestore/sysrestore.index"
|
||||
cmd = "ipa-client-install -U"
|
||||
not_if { File.exist?("/var/lib/ipa-client/sysrestore/sysrestore.index") }
|
||||
cmd = "ipa-client-install"
|
||||
cmd += " --server " + freeipa_masters[0][:fqdn]
|
||||
cmd += " --domain " + node[:domain]
|
||||
cmd += " --realm " + node[:domain].upcase
|
||||
cmd += " --mkhomedir --unattended"
|
||||
cmd += " -p admin -w " + passwords['ldap_server_admin_pwd']
|
||||
sensitive true
|
||||
command cmd
|
||||
ignore_failure true
|
||||
#ignore_failure true
|
||||
end
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue