ansible
/
homelab
1
0
Fork 0
Code Issues 33 Pull Requests Projects 1 Releases Wiki Activity

Compare commits

base: ansible:b7c3a3af8a6a541044e54fb05fcf2678031c369c
Branches Tags
ansible:main
..
compare: ansible:592273fc5be406e0b07d16542b38faec658c59f2
Branches Tags
ansible:main

No commits in common. "b7c3a3af8a6a541044e54fb05fcf2678031c369c" and "592273fc5be406e0b07d16542b38faec658c59f2" have entirely different histories.
b7c3a3af8a ... 592273fc5b

4 changed files with 67 additions and 18 deletions
Show Stats Expand all files Collapse all files

26
roles/openldap/tasks/main.yml
View File

@ -6,22 +6,44 @@
loop:
- "{{ data_folder }}/openldap"
- "{{ data_folder }}/openldap/data"
- "{{ data_folder }}/openldap/slapd.d"
- "{{ data_folder }}/openldap/ldifs"
# - name: copy slapd.conf
# template:
# src: slapd.conf.j2
# dest: "{{ data_folder }}/openldap/slapd.d/slapd.conf"
# mode: '0755'
- name: copy user ldif
template:
src: lukas.ldif.j2
dest: "{{ data_folder }}/openldap/ldifs/lukas.ldif"
mode: '0755'
- name: run container
docker_container:
name: "openldap"
image: osixia/openldap
hostname: openldap
command: "--loglevel debug"
hostname: ldap.dev.local
networks:
# - name: bridge
- name: nginx-internal
ports:
- "389:389"
- "636:636"
volumes:
- "{{ data_folder }}/openldap/data:/var/lib/ldap"
- "{{ data_folder }}/openldap/slapd.d:/etc/ldap/slapd.d"
- "{{ data_folder }}/openldap/ldifs:/container/service/slapd/assets/config/bootstrap/ldif/custom"
env:
LDAP_ORGANISATION: "Homelab"
LDAP_DOMAIN: "kucharczyk.xyz"
LDAP_ADMIN_PASSWORD: "{{ vault_openldap_admin_password }}"
LDAP_REMOVE_CONFIG_AFTER_SETUP: "false"
LDAP_ADMIN_PASSWORD: !vault |
$ANSIBLE_VAULT;1.1;AES256
35623735376134353839323136623133393035343162363366643632376262393539653736326431
6635373265313033653861393463633835333639346239650a303463323063373866316162616131
66356335346631386265363462353034393735366430636634643466376435313638303938363363
3838396139663964300a633931303135376566633363303336373937373138643564636263656233
6239
state: started
restart: yes

14
roles/openldap/templates/lukas.ldif.j2 Normal file
View File

@ -0,0 +1,14 @@
dn: uid=lukas,dc=kucharczyk,dc=xyz
uid: lukas
cn: lukas
givenName: Lukas
sn: Kucharczyk
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
loginShell: /bin/bash
homeDirectory: /home/lukas
uidNumber: 1000
gidNumber: 1000
userPassword: {SSHA}zsJllCeWKbz1we+L/gu/yt0hxeBdvJfT
mail: lukas@kucharczyk.xyz

16
roles/openldap/templates/slapd.conf.j2 Normal file
View File

@ -0,0 +1,16 @@
# default config from /etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
pidfile /run/openldap/slapd.pid
argsfile /run/openldap/slapd.args
# custom config
allow bind_anon_dn
access to attrs=userPassword by * auth
access to * by * read
loglevel 256
database mdb
suffix "dc=kucharczyk, dc=xyz"
rootdn "cn=admin, dc=kucharczyk, dc=xyz"
rootpw {SSHA}sgIeW4kyz3t0OyfZ1IZjzEDDb31JI3xK
directory /var/lib/ldap

29
vault/passwords.yml
View File

@ -1,17 +1,14 @@
$ANSIBLE_VAULT;1.1;AES256
65653231333939666430306463383836633664623438373661666234343165633864353934663563
3335396466623862353633363264373666353036623134360a356438636230613139633264373265
36643231356335653261616238613266306165616363643763356234363537616138353831383064
3436353361333263330a313361306236626164343261363432343762313361636338333165376238
38666336356361613930316536323338653338353666666162666333636261373866653934626536
31643931343338383039616261616130613763383737313037303163366263623066633031646630
35373436646635613665343038363931396630653264633964646434346534393531333163643836
62323634643537363365313662363766373436633262336339643734613732663832326133363434
38643434326266373638366262386162666661383232383965613536663239336361623861613161
32313439653132353434316563633638353164626236633766313864343036353562303163373335
39653437623132623635363266353636613130666363353633366134663638346263643134383762
37316631313437646232326237313436353732333065363666316364373336396135396238363562
39633163316532616564366632303965316362653066613536316461643237373834316136383865
64353238643638623832656463333563633838633931636166323335336662636362643466303566
31333962656530326664636562343738393864613561333734333134386263356533373664666666
66373538393037373761
32656133366339323166343734353434356561306461363033383266373733646161323166353438
3537666138666438373366353530626339303866353162340a386539353333323835383237356566
66636133383662333334396162323637393335336463316235386334353930616238623133613636
6535613536633662340a386333373465613466303137643232356664363233326561653235656263
63316130346236376235623632356364353538306439616362313837303438363736316137346237
36623333643062626532383439663730653139633836613636343232323437643564643531336661
34386135386437656135616536356538663731336261393636396562666337616462323330623732
65363536383238376166393563636532353336306335613131653261333662613965633265333462
30353564316435636330623434623832623463336231393630616266336435646434303963353665
63616631313863303838613362343538663236656235353966306231643132633938373935646466
63333036376136353831653236663631343761303830336461326264316563643037363935623731
38393037396530346232656366626535363539653462393663653739653935376436333934616562
3931