From 0a1463fdf9677e21af1115e73386a47d92eb0011 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Thu, 21 Jan 2021 20:17:43 +0100 Subject: [PATCH] Cleanup. --- tasks/nslcd-deb.yml | 69 ++++++++++++++++++++------------------------- 1 file changed, 31 insertions(+), 38 deletions(-) diff --git a/tasks/nslcd-deb.yml b/tasks/nslcd-deb.yml index b9e0e5e..b45009a 100644 --- a/tasks/nslcd-deb.yml +++ b/tasks/nslcd-deb.yml @@ -1,47 +1,40 @@ --- -- block: - - name: Install the packages required to enable the LDAP PAM authentication - apt: pkg={{ nslcd_deb_pkgs }} state=present update_cache=yes cache_valid_time=1800 +- name: Manage the nslcd installation and configuration + block: + - name: Install the packages required to enable the LDAP PAM authentication + apt: pkg={{ nslcd_deb_pkgs }} state=present cache_valid_time=1800 - - name: Install the pam ldap configuration. We cannot use the debian tools, they are broken on ubuntu in non interactive mode - copy: src={{ item }} dest=/etc/pam.d/{{ item }} - with_items: '{{ nslcd_ldap_map_common }}' - notify: - - Restart the NSLCD service - - Restart the NSCD service + - name: Install the pam ldap configuration. We cannot use the debian tools, they are broken on ubuntu in non interactive mode + copy: src={{ item }} dest=/etc/pam.d/{{ item }} + with_items: '{{ nslcd_ldap_map_common }}' + notify: + - Restart the NSLCD service + - Restart the NSCD service - - name: Create the ldap-auth-config directory - file: dest=/etc/auth-client-config/profile.d state=directory - notify: - - Restart the NSLCD service - - Restart the NSCD service + - name: Create the ldap-auth-config directory + file: dest=/etc/auth-client-config/profile.d state=directory + notify: + - Restart the NSLCD service + - Restart the NSCD service - - name: Install the ldap-auth-config file - copy: src=ldap-auth-config dest=/etc/auth-client-config/profile.d/ldap-auth-config - notify: - - Restart the NSLCD service - - Restart the NSCD service + - name: Install the ldap-auth-config file + copy: src=ldap-auth-config dest=/etc/auth-client-config/profile.d/ldap-auth-config + notify: + - Restart the NSLCD service + - Restart the NSCD service - - name: Install the nsswitch.conf file - copy: src=nsswitch.conf dest=/etc/nsswitch.conf - notify: - - Restart the NSLCD service - - Restart the NSCD service + - name: Install the nsswitch.conf file + copy: src=nsswitch.conf dest=/etc/nsswitch.conf + notify: + - Restart the NSLCD service + - Restart the NSCD service - - name: Install the nslcd configuration - template: src=nslcd.conf.j2 dest=/etc/nslcd.conf mode=0640 owner=root group=nslcd - notify: - - Restart the NSLCD service - - Restart the NSCD service - tags: [ 'ldap_client', 'nslcd', 'nslcd_conf' ] - - - name: Install a script that checks if the ldap authentication is working, and if not it restarts the ns(l)cd daemons - copy: src=check_ldap_users dest=/usr/local/bin/check_ldap_users owner=root group=root mode=0555 - tags: [ 'smartgears', 'r_connector', 'tomcat', 'r_connector_check_ldap' ] - - - name: Add a cron job that runs the ldap users check script - cron: name="check ldap users" job="/usr/local/bin/check_ldap_users" state=present user=root - tags: [ 'smartgears', 'r_connector', 'tomcat', 'r_connector_check_ldap' ] + - name: Install the nslcd configuration + template: src=nslcd.conf.j2 dest=/etc/nslcd.conf mode=0640 owner=root group=nslcd + notify: + - Restart the NSLCD service + - Restart the NSCD service + tags: [ 'ldap_client', 'nslcd', 'nslcd_conf' ] when: nslcd_install tags: [ 'ldap_client', 'nslcd' ]