From 3d0212e7a2e69db9f45e82627037e0703294c976 Mon Sep 17 00:00:00 2001 From: Webster Mudge Date: Thu, 7 Aug 2025 15:24:56 -0400 Subject: [PATCH] Fix FreeIPA server packages override Signed-off-by: Webster Mudge --- roles/freeipa_server/README.md | 2 +- roles/freeipa_server/defaults/main.yml | 3 ++- roles/freeipa_server/handlers/main.yml | 1 + roles/freeipa_server/meta/argument_specs.yml | 3 ++- roles/freeipa_server/molecule/default/converge.yml | 1 + roles/freeipa_server/molecule/default/create.yml | 7 ++++--- roles/freeipa_server/molecule/default/destroy.yml | 5 +++-- roles/freeipa_server/molecule/default/molecule.yml | 1 + roles/freeipa_server/molecule/default/prepare.yml | 1 + roles/freeipa_server/molecule/default/requirements.yml | 1 + roles/freeipa_server/molecule/default/verify.yml | 1 + roles/freeipa_server/tasks/main.yml | 7 ++++--- 12 files changed, 22 insertions(+), 11 deletions(-) diff --git a/roles/freeipa_server/README.md b/roles/freeipa_server/README.md index a1a41867..42ba4735 100644 --- a/roles/freeipa_server/README.md +++ b/roles/freeipa_server/README.md @@ -24,7 +24,7 @@ None. ```yaml - name: Install FreeIPA server for DNS, Kerberos, TLS, and LDAP. ansible.builtin.import_role: - name: freeipa_server + name: cloudera.exe.freeipa_server vars: ipaserver_forwarders: [ "1.1.1.1" ] ipaserver_cidr: [ "10.0.0.1/20" ] diff --git a/roles/freeipa_server/defaults/main.yml b/roles/freeipa_server/defaults/main.yml index 487b9a38..1a7e9310 100644 --- a/roles/freeipa_server/defaults/main.yml +++ b/roles/freeipa_server/defaults/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -12,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -# ipaserver_packages: [] +# freeipa_server_packages: [] ipaserver_domain: "{{ undef(hint='Please define the DNS domain') }}" ipaserver_realm: "{{ undef(hint='Please define the Kerberos realm') }}" diff --git a/roles/freeipa_server/handlers/main.yml b/roles/freeipa_server/handlers/main.yml index e61120b8..e5562a5c 100644 --- a/roles/freeipa_server/handlers/main.yml +++ b/roles/freeipa_server/handlers/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_server/meta/argument_specs.yml b/roles/freeipa_server/meta/argument_specs.yml index efacd677..a70577d0 100644 --- a/roles/freeipa_server/meta/argument_specs.yml +++ b/roles/freeipa_server/meta/argument_specs.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -20,7 +21,7 @@ argument_specs: Optionally, install the FreeIPA server packages. author: Cloudera Labs options: - ipaserver_packages: + freeipa_server_packages: description: - List of FreeIPA packages to install. - If not defined, the role will default to the packages defined in the C(freeipa.ansible_freeipa.ipaserver) role. diff --git a/roles/freeipa_server/molecule/default/converge.yml b/roles/freeipa_server/molecule/default/converge.yml index b97e7c6c..7dd10fc1 100644 --- a/roles/freeipa_server/molecule/default/converge.yml +++ b/roles/freeipa_server/molecule/default/converge.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_server/molecule/default/create.yml b/roles/freeipa_server/molecule/default/create.yml index 132438bf..41583e5e 100644 --- a/roles/freeipa_server/molecule/default/create.yml +++ b/roles/freeipa_server/molecule/default/create.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -25,7 +26,7 @@ run_config_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/run-config.yml" run_config_from_file: "{{ (lookup('file', run_config_path, errors='ignore') or '{}') | from_yaml }}" - run_config: '{{ default_run_config | combine(run_config_from_file) }}' + run_config: "{{ default_run_config | combine(run_config_from_file) }}" # Platform settings handling default_assign_public_ip: true @@ -38,7 +39,7 @@ default_public_key_path: "{{ default_private_key_path }}.pub" default_ssh_user: ansible default_ssh_port: 22 - default_user_data: '' + default_user_data: "" default_security_group_name: "molecule-{{ run_config.run_id }}" default_security_group_description: Ephemeral security group for Molecule instances @@ -123,7 +124,7 @@ - platform.vpc_id is string - platform.vpc_subnet_id is string and platform.vpc_subnet_id | length > 0 quiet: true - loop: '{{ platforms }}' + loop: "{{ platforms }}" loop_control: loop_var: platform label: "{{ platform.name }}" diff --git a/roles/freeipa_server/molecule/default/destroy.yml b/roles/freeipa_server/molecule/default/destroy.yml index fb95a201..a090fe0b 100644 --- a/roles/freeipa_server/molecule/default/destroy.yml +++ b/roles/freeipa_server/molecule/default/destroy.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -25,7 +26,7 @@ run_config_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/run-config.yml" run_config_from_file: "{{ (lookup('file', run_config_path, errors='ignore') or '{}') | from_yaml }}" - run_config: '{{ default_run_config | combine(run_config_from_file) }}' + run_config: "{{ default_run_config | combine(run_config_from_file) }}" # Platform settings handling default_aws_profile: "{{ lookup('env', 'AWS_PROFILE') }}" @@ -69,7 +70,7 @@ - platform.vpc_id is string - platform.vpc_subnet_id is string and platform.vpc_subnet_id | length > 0 quiet: true - loop: '{{ platforms }}' + loop: "{{ platforms }}" loop_control: loop_var: platform label: "{{ platform.name }}" diff --git a/roles/freeipa_server/molecule/default/molecule.yml b/roles/freeipa_server/molecule/default/molecule.yml index d01a7908..5183e280 100644 --- a/roles/freeipa_server/molecule/default/molecule.yml +++ b/roles/freeipa_server/molecule/default/molecule.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_server/molecule/default/prepare.yml b/roles/freeipa_server/molecule/default/prepare.yml index 9f074ab2..33487f40 100644 --- a/roles/freeipa_server/molecule/default/prepare.yml +++ b/roles/freeipa_server/molecule/default/prepare.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_server/molecule/default/requirements.yml b/roles/freeipa_server/molecule/default/requirements.yml index 6464be94..1779da38 100644 --- a/roles/freeipa_server/molecule/default/requirements.yml +++ b/roles/freeipa_server/molecule/default/requirements.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_server/molecule/default/verify.yml b/roles/freeipa_server/molecule/default/verify.yml index caf63257..7d54baf5 100644 --- a/roles/freeipa_server/molecule/default/verify.yml +++ b/roles/freeipa_server/molecule/default/verify.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/roles/freeipa_server/tasks/main.yml b/roles/freeipa_server/tasks/main.yml index 3ae94930..38f65efb 100644 --- a/roles/freeipa_server/tasks/main.yml +++ b/roles/freeipa_server/tasks/main.yml @@ -1,3 +1,4 @@ +--- # Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -36,11 +37,11 @@ net.ipv6.conf.lo.disable_ipv6: 0 - name: Install defined FreeIPA server packages - when: ipaserver_packages is defined + when: freeipa_server_packages is defined ansible.builtin.package: name: "{{ __ipa_package }}" state: present - loop: "{{ ipaserver_packages }}" + loop: "{{ freeipa_server_packages }}" loop_control: loop_var: __ipa_package @@ -51,7 +52,7 @@ state: present ipaserver_hostname: "{{ inventory_hostname }}" # ipaserver_no_host_dns: yes # redundant with ipaserver_setup_dns - ipaserver_install_packages: "{{ (ipaserver_packages is undefined) | ternary('true', 'false') }}" + ipaserver_install_packages: "{{ freeipa_server_packages is undefined }}" ipaserver_setup_firewalld: false ipaserver_setup_dns: true ipaserver_auto_reverse: true