mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-03-20 03:57:02 +08:00
462176464b
Replaces many references to command: with ansible.builtin.command Signed-off-by: Ryan Lerch <rlerch@redhat.com>
42 lines
1.5 KiB
YAML
42 lines
1.5 KiB
YAML
---
|
|
## This will only run once per play (as per `main.yml`), so needs to consider all affected hosts.
|
|
|
|
## Cluster-wide rules
|
|
|
|
# This is supposed to fail if a configured group doesn't exist. In this case, either add the group
|
|
# manually or remove the reference from configuration.
|
|
|
|
- name: Check that sysadmin-main and referenced groups exist on IPA server(s)
|
|
delegate_to: "{{ item[0] }}"
|
|
ansible.builtin.command: "getent group {{ item[1] }}"
|
|
changed_when: false
|
|
loop: >-
|
|
{{
|
|
(ipa_server_user_groups | default([]))
|
|
+ (ipa_server_all_groups_hosts_dict | default({}) | list | product(['sysadmin-main']) | list)
|
|
}}
|
|
when: ipa_server_user_groups is defined or ipa_server_all_groups_hosts_dict is defined
|
|
|
|
## Rules specific to hosts, host groups
|
|
|
|
- name: Ensure IPA host groups exist on IPA server(s)
|
|
delegate_to: "{{ item[0] }}"
|
|
ipahostgroup:
|
|
name: "{{ item[1] }}"
|
|
description: "{{ ipa_server_host_groups_dict[item[1]].desc | default(omit) }}"
|
|
ipaadmin_password: "{{ ipa_server_admin_passwords[item[0]] }}"
|
|
state: present
|
|
loop: "{{ ipa_server_host_groups }}"
|
|
when: ipa_server_host_groups is defined
|
|
|
|
- name: Ensure hosts are in IPA host groups
|
|
delegate_to: "{{ item[0] }}"
|
|
ipahostgroup:
|
|
name: "{{ item[1] }}"
|
|
ipaadmin_password: "{{ ipa_server_admin_passwords[item[0]] }}"
|
|
action: member
|
|
state: present
|
|
host: "{{ item[2] | list | sort }}"
|
|
loop: "{{ ipa_server_host_groups_hosts }}"
|
|
when: ipa_server_host_groups_hosts is defined
|