Adding tasks for configuring the referential-integrity plugin in role 389ds-config...
authorFrank Brehm <frank.brehm@pixelpark.com>
Tue, 3 Dec 2024 10:40:59 +0000 (11:40 +0100)
committerFrank Brehm <frank.brehm@pixelpark.com>
Tue, 3 Dec 2024 10:40:59 +0000 (11:40 +0100)
roles/389ds-config-plugins/tasks/main.yaml
roles/389ds-config-plugins/tasks/memberof.yaml
roles/389ds-config-plugins/tasks/referint.yaml [new file with mode: 0644]
roles/389ds-config-plugins/vars/main.yaml

index c1acbefd22c2d4fa6ed57a01c639f5e004c13104..19d9fc5d4afa9664a299d01be6e1a5e5dd6f027d 100644 (file)
@@ -4,4 +4,8 @@
   include_tasks: 'memberof.yaml'
   when: (ds389_plugin_memberof_config | bool) == true
 
+- name: "Configuring the 389ds referential-integrity-Plugin."
+  include_tasks: 'referint.yaml'
+  when: (ds389_plugin_referint_config | bool) == true
+
 # vim: filetype=yaml
index 457d59991730c724e6f2e5f04f2601c3f16ccec8..b609eb20199a8f44ef0d3f3734c53e6192c08c45 100644 (file)
@@ -1,7 +1,10 @@
 ---
 
 - name: 'Get the current configuration of the memberOf-Plugin.'
-  ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin memberof show | grep -P -i '^(memberof|nsslapd-pluginEnabled)' | sed -e 's/^memberof//i' -e 's/nsslapd-plugin//i' | tr '[:upper:]' '[:lower:]' | sort || true"
+  ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin memberof show | \
+    grep -P -i '^(memberof|nsslapd-pluginEnabled)' | \
+    sed -e 's/^memberof//i' -e 's/nsslapd-plugin//i' | tr '[:upper:]' '[:lower:]' | \
+    sort || true"
   register: plugin_memberof
   changed_when: false
   check_mode: false
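Review bot: A failing `dsconf ... plugin memberof show` is invisible to this task, because the shell module reports only the exit status of the last pipeline stage and `|| true` forces that to 0 as well, so `plugin_memberof` can be registered with empty stdout. The conditions further down index `plugin_memberof_config['enabled']` directly, so the play would presumably stop there on an undefined-key error that hides the real cause. Adding `failed_when: plugin_memberof.stdout | trim | length == 0` below `register:` would report the failure where it happens. The same construct is repeated in the new referint.yaml, in the task 'Get the current configuration of the referential-integrity-Plugin.'.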
       ansible.builtin.shell: "{{ plugin_memberof_cmd }}"
 
 - name: "Enabling memberof plugin."
-  ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin memberof enable"
   when: "plugin_memberof_config['enabled'] == false and ds389_plugin_memberof_enabled == true"
+  block:
+
+    - name: "Enabling memberof plugin."
+      ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin memberof enable"
+
+    - name: "Setting restart_389ds."
+      set_fact:
+        restart_389ds: true
 
 - name: "Disabling memberof plugin."
-  ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin memberof disable"
   when: "plugin_memberof_config['enabled'] == true and ds389_plugin_memberof_enabled == false"
+  block:
+
+    - name: "Disabling memberof plugin."
+      ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin memberof disable"
+
+    - name: "Setting restart_389ds."
+      set_fact:
+        restart_389ds: true
 
 # vim: filetype=yaml
diff --git a/roles/389ds-config-plugins/tasks/referint.yaml b/roles/389ds-config-plugins/tasks/referint.yaml
new file mode 100644 (file)
index 0000000..f91dafa
--- /dev/null
@@ -0,0 +1,114 @@
+---
+
+- name: 'Get the current configuration of the referential-integrity-Plugin.'
+  ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin referential-integrity show | \
+    grep -P -i '^(referint|nsslapd-pluginEnabled)' | \
+    sed -e 's/^referint-//i' -e 's/nsslapd-plugin//i' | tr '[:upper:]' '[:lower:]' | \
+    sort || true"
+  register: plugin_referint
+  changed_when: false
+  check_mode: false
+
+- name: 'Show raw referential-integrity attribute config.'
+  debug:
+    var: plugin_referint
+    verbosity: 3
+
+- name: "Set variable plugin_referint_config"
+  set_fact:
+    plugin_referint_config: "{{ plugin_referint.stdout_lines | cfg_389ds_to_dict }}"
+
+- name: "Show config hash:"
+  debug:
+    var: plugin_referint_config
+    verbosity: 0
+
+- name: 'Predefine variable exec_set to false'
+  set_fact:
+    exec_set: false
+
+- name: 'Check for membership-attr not set.'
+  set_fact:
+    exec_set: true
+  when: '"membership-attr" not in plugin_referint_config'
+
+- name: 'Check for membership-attr.'
+  set_fact:
+    exec_set: true
+  when: '"groupattr" in plugin_referint_config and (plugin_referint_config["membership-attr"] | compare_lc_list(ds389_plugin_referint_membership_attributes) != true)'
+
+- name: 'Check for update-delay.'
+  set_fact:
+    exec_set: true
+  when: '"update-delay" not in plugin_referint_config or plugin_referint_config["update-delay"] != ds389_plugin_referint_update_delay'
+
+- name: 'Set expected logfile.'
+  set_fact:
+    referint_expected_logfile: "{{ base_logdir }}/slapd-{{ slapd_instance }}/{{ ds389_plugin_referint_logfile }}"
+
+- name: "Show referential-integrity-Plugin logfile stuff"
+  debug:
+    msg: "Current logfile: '{{ plugin_referint_config['logfile'] }}', expected: '{{ referint_expected_logfile }}'."
+    verbosity: 0
+
+- name: 'Check for logfilelogfile.'
+  set_fact:
+    exec_set: true
+  when: plugin_referint_config['logfile'] != referint_expected_logfile
+
+- name: "Has the referential-integrity-Plugin to be configured:"
+  debug:
+    var: exec_set
+
+- name: "Configure the referential-integrity plugin, if necessary."
+  when: exec_set == true
+  block:
+
+    - name: "Init + set var plugin_referint_cmd + restart_389ds."
+      set_fact:
+        plugin_referint_cmd: "dsconf {{ slapd_instance | quote }} plugin referential-integrity set"
+        restart_389ds: true
+
+    - name: "Add membership-attr to plugin_referint_cmd"
+      set_fact:
+        plugin_referint_cmd: "{{ plugin_referint_cmd }} --membership-attr {{ ds389_plugin_referint_membership_attributes | map('quote') | join(' ') }}"
+
+    - name: "Add logfile to plugin_referint_cmd"
+      set_fact:
+        plugin_referint_cmd: "{{ plugin_referint_cmd }} --log-file {{ referint_expected_logfile | quote }}"
+
+    - name: "Add update-delay to plugin_referint_cmd"
+      set_fact:
+        plugin_referint_cmd: "{{ plugin_referint_cmd }} --update-delay {{ ds389_plugin_referint_update_delay }}"
+
+    - name: "Show the command to execute:"
+      debug:
+        var: plugin_referint_cmd
+        verbosity: 0
+
+    - name: "Finally configure the referential-integrity plugin."
+      ansible.builtin.shell: "{{ plugin_referint_cmd }}"
+
+- name: "Enabling referential-integrity plugin."
+  when: "plugin_referint_config['enabled'] == false and ds389_plugin_referint_enabled == true"
+  block:
+
+    - name: "Enabling referential-integrity plugin."
+      ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin referential-integrity enable"
+
+    - name: "Setting restart_389ds."
+      set_fact:
+        restart_389ds: true
+
+- name: "Disabling referential-integrity plugin."
+  when: "plugin_referint_config['enabled'] == true and ds389_plugin_referint_enabled == false"
+  block:
+
+    - name: "Disabling referential-integrity plugin."
+      ansible.builtin.shell: "dsconf {{ slapd_instance | quote }} plugin referential-integrity disable"
+
+    - name: "Setting restart_389ds."
+      set_fact:
+        restart_389ds: true
+
+# vim: filetype=yaml
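Review bot: The 'Check for membership-attr.' task guards on `"groupattr" in plugin_referint_config`, which looks like a leftover from memberof.yaml. After the `sed -e 's/^referint-//i'` step the keys here are presumably `membership-attr`, `update-delay` and `logfile`, so the comparison against `ds389_plugin_referint_membership_attributes` never runs and a drifted attribute list on the server is never corrected. The guard should read `when: '"membership-attr" in plugin_referint_config and (plugin_referint_config["membership-attr"] | compare_lc_list(ds389_plugin_referint_membership_attributes) != true)'`. Separately, `--update-delay {{ ds389_plugin_referint_update_delay }}` is the only value appended to `plugin_referint_cmd` without `| quote` before the string is passed to `ansible.builtin.shell`; `{{ ds389_plugin_referint_update_delay | quote }}` would match the other arguments. The logfile tasks also index `plugin_referint_config['logfile']` without a presence check, unlike the `not in` tests used for the other two keys.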
index cfde2826f1b9983bdb63e1de2e0701564767983b..780110c10ce8b6103d64368b697af366bc461973 100644 (file)
@@ -1,5 +1,8 @@
 ---
 
+###############################
+# Plugin memberOf
+
 ds389_plugin_memberof_config: true
 ds389_plugin_memberof_enabled: true
 ds389_plugin_memberof_attr: 'memberOf'
@@ -14,5 +17,19 @@ ds389_plugin_memberof_scopes: []
 ds389_plugin_memberof_escapes: []
 ds389_plugin_memberof_auto_add_oc: ~
 
+###############################
+# Plugin referential-integrity
+
+ds389_plugin_referint_config: true
+ds389_plugin_referint_enabled: true
+ds389_plugin_referint_membership_attributes:
+  - 'member'
+  - 'uniqueMember'
+  - 'owner'
+  - 'seeAlso'
+ds389_plugin_referint_logfile: 'referint.log'
+ds389_plugin_referint_update_delay: 0
+
+base_logdir: '/var/log/dirsrv'
 
 # vim: filetype=yaml
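Review bot: `base_logdir` is the only variable added here without the `ds389_` prefix, and because it is defined in the role's vars/main.yaml it presumably takes precedence over an inventory variable of the same name and can leak into other roles in the play. Since referint.yaml builds the plugin's log file path from it, a role-scoped name such as `ds389_base_logdir: '/var/log/dirsrv'` would avoid an accidental clash. A one-line comment above it, noting that `slapd-<instance>/` and `ds389_plugin_referint_logfile` are appended to this directory, would document how the final path is formed.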