verdnatura/vn-ansible
verdnatura
/
vn-ansible
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

refs #8142: Split tasks using the new main_ad variable

This commit is contained in:
Xavi Lleó 2025-01-16 16:11:25 +01:00
parent 0283612eb4
commit e460ddba6b
1 changed files with 50 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
roles/services/tasks/adsamba.yml
View File

@ -38,21 +38,12 @@
block: | block: |
{{ ip_serverad | default(ansible_default_ipv4.address) }} {{ ansible_facts['hostname'] }}.{{ domain }}.{{ resolv_domain }} {{ realm }} {{ ip_serverad | default(ansible_default_ipv4.address) }} {{ ansible_facts['hostname'] }}.{{ domain }}.{{ resolv_domain }} {{ realm }}
- name: Check if metadata.tdb exists and is not empty - name: Check if metadata.tdb exists
stat: stat:
path: /var/lib/samba/private/sam.ldb.d/metadata.tdb path: /var/lib/samba/private/sam.ldb.d/metadata.tdb
register: metadata_tdb register: metadata_tdb
- name: Register domain existence - when: metadata_tdb.stat.exists is false
set_fact:
domain_exists: >-
{{
('samba-ad-provision' in ansible_facts.packages or
'samba-ad-dc' in ansible_facts.packages) and
(metadata_tdb.stat.exists and metadata_tdb.stat.size > 0)
}}
- when: "not domain_exists"
block: block:
- name: Force remove smb.conf file - name: Force remove smb.conf file
@ -61,7 +52,9 @@
state: absent state: absent
force: yes force: yes
- name: Join domain - when: main_ad is true
block:
- name: Provision domain
command: command:
cmd: samba-tool domain provision --realm="{{ realm }}" --domain="{{ domain }}" --dns-backend=SAMBA_INTERNAL --server-role=dc --use-rfc2307 cmd: samba-tool domain provision --realm="{{ realm }}" --domain="{{ domain }}" --dns-backend=SAMBA_INTERNAL --server-role=dc --use-rfc2307
register: domain_join register: domain_join
@ -70,23 +63,6 @@
debug: debug:
msg: "{{ domain_join.stderr_lines[-6:] }}" msg: "{{ domain_join.stderr_lines[-6:] }}"
- name: Copy Kerberos configuration
copy:
src: /var/lib/samba/private/krb5.conf
dest: /etc/krb5.conf
remote_src: true
owner: root
group: root
mode: '0644'
when: domain_join.changed
- name: Enable and start Samba AD DC service
systemd:
name: samba-ad-dc
state: started
enabled: yes
when: domain_join.changed
- name: Extracting variables - name: Extracting variables
no_log: true no_log: true
set_fact: set_fact:
@ -118,6 +94,29 @@
value: '{{ name_ad }}.{{ realm }}.' value: '{{ name_ad }}.{{ realm }}.'
state: present state: present
- when: main_ad is false
block:
- name: Join domain
debug:
msg:
- "metadata_tdb: {{ metadata_tdb }}"
- "main_ad: {{ main_ad }}"
- name: Copy Kerberos configuration
copy:
src: /var/lib/samba/private/krb5.conf
dest: /etc/krb5.conf
remote_src: true
owner: root
group: root
mode: '0644'
- name: Enable and start Samba AD DC service
systemd:
name: samba-ad-dc
state: started
enabled: yes
- name: Disable Samba client services and mask them - name: Disable Samba client services and mask them
systemd: systemd:
name: "{{ item }}" name: "{{ item }}"