rpms/ansible-freeipa
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import ansible-freeipa-0.1.12-1.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-07-28 07:57:13 -04:00 committed by Stepan Oksanichenko
parent 554ced202f
commit 5b8c0616b9
3 changed files with 96 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.ansible-freeipa.metadata
View File

@ -1 +1 @@
583ac570c030eb68a2026a506054f2f93587beb4 SOURCES/ansible-freeipa-0.1.8.tar.gz 5d09d3b590e8568d04edb288c9c515e308f3168f SOURCES/ansible-freeipa-0.1.12.tar.gz

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/ansible-freeipa-0.1.8.tar.gz SOURCES/ansible-freeipa-0.1.12.tar.gz

105
SPECS/ansible-freeipa.spec
View File

@ -5,7 +5,7 @@
Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients
Name: ansible-freeipa Name: ansible-freeipa
Version: 0.1.8 Version: 0.1.12
Release: 1%{?dist} Release: 1%{?dist}
URL: https://github.com/freeipa/ansible-freeipa URL: https://github.com/freeipa/ansible-freeipa
License: GPLv3+ License: GPLv3+
@ -16,7 +16,8 @@ BuildArch: noarch
%description %description
ansible-freeipa provides Ansible roles and playbooks to install and uninstall ansible-freeipa provides Ansible roles and playbooks to install and uninstall
FreeIPA servers, replicas and clients. FreeIPA servers, replicas and clients. Also modules for group, host, topology
and user management.
Note: The ansible playbooks and roles require a configured ansible environment Note: The ansible playbooks and roles require a configured ansible environment
where the ansible nodes are reachable and are properly set up to have an IP where the ansible nodes are reachable and are properly set up to have an IP
@ -28,6 +29,23 @@ Features
- Cluster deployments: Server, replicas and clients in one playbook - Cluster deployments: Server, replicas and clients in one playbook
- One-time-password (OTP) support for client installation - One-time-password (OTP) support for client installation
- Repair mode for clients - Repair mode for clients
- Modules for dns forwarder management
- Modules for dns record management
- Modules for dns zone management
- Modules for group management
- Modules for hbacrule management
- Modules for hbacsvc management
- Modules for hbacsvcgroup management
- Modules for host management
- Modules for hostgroup management
- Modules for pwpolicy management
- Modules for service management
- Modules for sudocmd management
- Modules for sudocmdgroup management
- Modules for sudorule management
- Modules for topology management
- Modules for user management
- Modules for vault management
Supported FreeIPA Versions Supported FreeIPA Versions
@ -42,25 +60,30 @@ Supported Distributions
- RHEL/CentOS 7.4+ - RHEL/CentOS 7.4+
- Fedora 26+ - Fedora 26+
- Ubuntu - Ubuntu
- Debian 10+ (ipaclient only, no server or replica!)
Requirements Requirements
Controller Controller
- Ansible version: 2.5+
- Ansible version: 2.8+ (ansible-freeipa is an Ansible Collection)
/usr/bin/kinit is required on the controller if a one time password (OTP)
is used
- python3-gssapi is required on the controller if a one time password (OTP) - python3-gssapi is required on the controller if a one time password (OTP)
is used to install the client. is used with keytab to install the client.
Node Node
- Supported FreeIPA version (see above) - Supported FreeIPA version (see above)
- Supported distribution (needed for package installation only, see above) - Supported distribution (needed for package installation only, see above)
Limitations Limitations
External CA support is not supported or working. The currently needed two step External signed CA is now supported. But the currently needed two step process
process is an issue for the processing in the role. The configuration of the is an issue for the processing in a simple playbook.
server is partly done already and needs to be continued after the CSR has been Work is planned to have a new method to handle CSR for external signed CAs in
handled. This is for example breaking the deployment of a server with replicas a separate step before starting the server installation.
or clients in one playbook.
%prep %prep
%setup -q %setup -q
@ -95,11 +118,71 @@ cp -rp plugins/* %{buildroot}%{_datadir}/ansible/plugins/
%{_datadir}/ansible/roles/ipaclient %{_datadir}/ansible/roles/ipaclient
%{_datadir}/ansible/plugins/module_utils %{_datadir}/ansible/plugins/module_utils
%{_datadir}/ansible/plugins/modules %{_datadir}/ansible/plugins/modules
%doc README.md %doc README*.md
%doc README-*.md
%doc playbooks %doc playbooks
%changelog %changelog
* Mon Jun 15 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-1
- Update to version 0.1.12 bug fix only release
Related: RHBZ#1818768
* Thu Jun 11 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.11-1
- Update to version 0.1.11
Related: RHBZ#1818768
* Mon Apr 27 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.10-1
- Update to version 0.1.10:
- ipaclient: Not delete keytab when ipaclient_on_master is true
- New module to manage dns forwarder zones in ipa
- Enhancements of sudorule module tests
- Gracefully handle RuntimeError raised during parameter validation in
fail_jso
- ipareplica_prepare: Fix module DOCUMENTATION
- ipa[server,replica,client]: setup_logging wrapper for
standard_logging_setup
- Created FreeIPABaseModule class to facilitate creation of new modules
- New IPADNSZone module
- Add admin password to the ipadnsconfig module tests
- Added alias module arguments in dnszone module
- Fixed a bug in AnsibleFreeIPAParams
- utils/build-galaxy-release: Do not add release tag to version for galaxy
- ipaserver docs: Calm down module linter
- galaxy.yml: Add system tag
- ipareplica_setup_kra: Remove unused ccache parameter
- ipareplica_setup_krb: krb is assigned to but never used
- utils/galaxy: Make galaxy scripts more generic
- galaxyfy-playbook.py: Fixed script name
Related: RHBZ#1818768
* Thu Feb 20 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.8-3
- ipahost: Do not fail on missing DNS or zone when no IP address given
Resolves: RHBZ#1804838
* Fri Feb 14 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.8-2
- Updated RPM description for ansible-freeipa 0.1.8
Related: RHBZ#1748986
- ipahost: Fix choices of auth_ind parameter, allow to reset parameter
Resolves: RHBZ#1783992
- ipauser: Allow reset of userauthtype, do not depend on first,last for mod
Resolves: RHBZ#1784474
- ipahost: Enhanced failure msg for member params used without member action
Resolves: RHBZ#1783948
- Add missing attributes to ipasudorule
Resolves: RHBZ#1788168
Resolves: RHBZ#1788035
Resolves: RHBZ#1788024
- ipapwpolicy: Use global_policy if name is not set
Resolves: RHBZ#1797532
- ipahbacrule: Fix handing of members with action hbacrule
Resolves: RHBZ#1787996
- ansible_freeipa_module: Fix comparison of bool parameters in compare_args_isa
Resolves: RHBZ#1784514
- ipahost: Add support for several IP addresses and also to change them
Resolves: RHBZ#1783979
Resolves: RHBZ#1783976
- ipahost: Fail on action member for new hosts, fix dnsrecord_add reverse flag
Resolves: RHBZ#1803026
* Sat Dec 14 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.8-1 * Sat Dec 14 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.8-1
- Update to version 0.1.8 (bug fix release) - Update to version 0.1.8 (bug fix release)
- roles/ipaclient/README.md: Add information about ipaclient_otp - roles/ipaclient/README.md: Add information about ipaclient_otp