From 77520d66ed57d4ba576bc0f58c00ba4924ab2224 Mon Sep 17 00:00:00 2001
From: Frank Brehm
Date: Wed, 4 Dec 2024 11:30:54 +0100
Subject: [PATCH] Adding and using role 389ds-check-initial

---
 playbooks/configure-ldap-servers.yaml | 27 ++------
 playbooks/disable-ldap-server.yaml | 10 +++
 playbooks/enable-ldap-server-replication.yaml | 6 +-
 roles/389ds-check-initial/tasks/main.yaml | 65 +++++++++++++++++++
 4 files changed, 85 insertions(+), 23 deletions(-)
 create mode 100644 roles/389ds-check-initial/tasks/main.yaml

diff --git a/playbooks/configure-ldap-servers.yaml b/playbooks/configure-ldap-servers.yaml
index 4db4f40..cb7a56c 100644
--- a/playbooks/configure-ldap-servers.yaml
+++ b/playbooks/configure-ldap-servers.yaml
@@ -6,30 +6,13 @@
 
 tasks:
 
- - name: "Exec command for retrieving version of 389ds LDAP server."
- ansible.builtin.shell: ns-slapd -v | grep -i '^389-Directory' | sed -e 's|.*/||' -e 's/\s.*//'
- register: get_389ds_version
- check_mode: false
- changed_when: false
-
- - name: "Get the version of the 389ds LDAP server."
- ansible.builtin.set_fact:
- version_389ds: "{{ get_389ds_version.stdout }}"
- cacheable: true
-
- - name: "Show version of 389ds LDAP server."
- debug:
- var: version_389ds
- verbosity: 0
-
- - name: "Fail for non existing 389ds LDAP server."
- ansible.builtin.fail:
- msg: "No 389ds LDAP server found on host '{{ inventory_hostname }}'."
- when: version_389ds == ''
+ - name: "Made basic checks for 389ds LDAP server."
+ include_role:
+ name: 389ds-check-initial
 
- - name: "Configure logging for host '{{ inventory_hostname }}'."
+ - name: "Configure logging for 389ds LDAP server."
 include_role:
- name: '389ds-config-logging'
+ name: 389ds-config-logging
 
 - name: "Configure all necessay plugins of the 389ds LDAP server."
 include_role:
diff --git a/playbooks/disable-ldap-server.yaml b/playbooks/disable-ldap-server.yaml
index fd6140f..65b8d85 100644
--- a/playbooks/disable-ldap-server.yaml
+++ b/playbooks/disable-ldap-server.yaml
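Review bot: The new task name in playbooks/configure-ldap-servers.yaml, "Made basic checks for 389ds LDAP server.", is in the past tense for an action that is about to run; `- name: "Make basic checks for 389ds LDAP server."` reads correctly in play output. The same wording recurs in the hunks for playbooks/disable-ldap-server.yaml and playbooks/enable-ldap-server-replication.yaml. The role's own tasks use fully qualified module names such as `ansible.builtin.shell` and `ansible.builtin.fail`, so `ansible.builtin.include_role:` would match that convention here. The task list continues outside the hunk.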
@@ -35,6 +35,16 @@
 msg: "The given host {{ ldapserver_to_disable | quote }} is not a valid LDAP server."
 when: found_ldapserver == false
 
+- name: "Initial checks for the 389ds LDAP server."
+ hosts: ldap_servers
+ gather_facts: false
+
+ tasks:
+
+ - name: "Made basic checks for 389ds LDAP server."
+ include_role:
+ name: 389ds-check-initial
+
 - name: "Disable the given host as a HAProxy backend server."
 hosts: haproxy_servers
 gather_facts: false
diff --git a/playbooks/enable-ldap-server-replication.yaml b/playbooks/enable-ldap-server-replication.yaml
index 50ee0b7..7ab29a5 100644
--- a/playbooks/enable-ldap-server-replication.yaml
+++ b/playbooks/enable-ldap-server-replication.yaml
@@ -33,10 +33,14 @@
 
 - name: "Enabling Replication on a particular LDAP server."
 hosts: ldap_servers
- # gather_facts: false
+ gather_facts: false
 
 tasks:
 
+ - name: "Made basic checks for 389ds LDAP server."
+ include_role:
+ name: 389ds-check-initial
+
 - name: "Get the LDAP server to enable replication:"
 ansible.builtin.set_fact:
 ldapserver_to_enable: "{{ hostvars.localhost.ldapserver_to_enable }}"
diff --git a/roles/389ds-check-initial/tasks/main.yaml b/roles/389ds-check-initial/tasks/main.yaml
new file mode 100644
index 0000000..ea6ed15
--- /dev/null
+++ b/roles/389ds-check-initial/tasks/main.yaml
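Review bot: The play added to playbooks/disable-ldap-server.yaml runs the check role on every host in `ldap_servers`, not only on the host named by `ldapserver_to_disable`. By default a host that fails the check is only dropped from the rest of the run while the other hosts continue, so the check does not gate the HAProxy play that follows. If it is meant as a gate, the play needs `any_errors_fatal: true`; if it only resolves `slapd_instance`, a comment such as `# resolves slapd_instance per host; a failing host is skipped later, the run continues` would record that. A server is often disabled because it is unhealthy, so it is worth deciding explicitly whether a failed check on the target should block disabling it. The neighbouring plays are only partly visible in the hunk.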
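Review bot: In playbooks/enable-ldap-server-replication.yaml the play is switched to `gather_facts: false` in the same step that adds the role, while the rest of its task list lies outside the hunk. Any later task or template in this play that reads `ansible_*` facts would now find them undefined, so that should be confirmed before merging. The role itself reads only `inventory_hostname` and its own registered results, which do not depend on fact gathering. If facts are deliberately off, a comment like `# facts not needed: tasks below use only inventory and hostvars data` next to the setting would record the intent.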
@@ -0,0 +1,65 @@
+---
+
+# Role for Initial checks of the 389ds LDAP server
+
+- name: "Exec command for retrieving version of 389ds LDAP server."
+ ansible.builtin.shell: ns-slapd -v | grep -i '^389-Directory' | sed -e 's|.*/||' -e 's/\s.*//'
+ register: get_389ds_version
+ check_mode: false
+ changed_when: false
+
+- name: "Get the version of the 389ds LDAP server."
+ ansible.builtin.set_fact:
+ version_389ds: "{{ get_389ds_version.stdout }}"
+ cacheable: true
+
+- name: "Show version of 389ds LDAP server."
+ debug:
+ var: version_389ds
+ verbosity: 0
+
+- name: "Fail for non existing 389ds LDAP server."
+ ansible.builtin.fail:
+ msg: "No 389ds LDAP server found on host '{{ inventory_hostname }}'."
+ when: version_389ds == ''
+
+- name: "Get the list of available Directory Server instances."
+ ansible.builtin.shell: "dsctl --list | sed -e 's/^slapd-//'"
+ register: get_389ds_instances
+ check_mode: false
+ changed_when: false
+
+- name: "Set the list of available Directory Server instances in instances_389ds."
+ ansible.builtin.set_fact:
+ instances_389ds: "{{ get_389ds_instances.stdout_lines }}"
+
+- name: "Show all found Directory Server instances."
+ debug:
+ var: instances_389ds
+ verbosity: 1
+
+- name: "Fail, if there are no running Directory Server instances."
+ ansible.builtin.fail:
+ msg: "No Directory Server instances found on host '{{ inventory_hostname }}'."
+ when: instances_389ds | length < 1
+
+- name: "Retrieve the slapd instance name, if not given."
+ when: slapd_instance is not defined
+ block:
+
+ - name: "Set slapd_instance to the first found instance, because it was not given."
+ ansible.builtin.set_fact:
+ slapd_instance: "{{ instances_389ds[0] }}"
+
+ - name: "Selected slapd_instance:"
+ debug:
+ var: slapd_instance
+ verbosity: 0
+
+- name: "Check for given Directory Server instance."
+ ansible.builtin.fail:
+ msg: "The Directory Server instances '{{ slapd_instance }}' was not found on '{{ inventory_hostname }}'."
+ when: slapd_instance not in instances_389ds
+
+
+# vim: filetype=yaml
-- 
2.39.5
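Review bot: When `slapd_instance` is not given, the block near the end of the new role silently takes `instances_389ds[0]`, so on a host with more than one instance the calling playbooks would presumably act on whichever instance `dsctl --list` prints first. A guard placed before that block, failing when the variable is undefined and several instances exist, keeps the default to the unambiguous single-instance case (sketched below). Separately, both `ansible.builtin.shell` pipelines report the exit status of `sed`, so an error from `ns-slapd` or `dsctl` is only caught indirectly by the empty-output checks; a comment saying so would help the next reader. The task name "Fail, if there are no running Directory Server instances." also promises more than the check does, since the command shown does not obviously filter by run state.

```yaml
# … unchanged: version check and instance list retrieval …

- name: "Fail, if slapd_instance was not given and the host has several instances."
  ansible.builtin.fail:
    msg: "Host '{{ inventory_hostname }}' has several Directory Server instances, please set slapd_instance."
  when:
    - slapd_instance is not defined
    - instances_389ds | length > 1

- name: "Retrieve the slapd instance name, if not given."
  when: slapd_instance is not defined
  block:
    # … unchanged: set_fact from instances_389ds[0] and debug output …
```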