Browse Source

Update ldap server cerbot renew command

master
Nemo 2 years ago
parent
commit
ba12d9985d
  1. 12
      inventory_template/group_vars/ldap_server.yml

12
inventory_template/group_vars/ldap_server.yml

@ -6,7 +6,7 @@ certbot_auto_renew: true
certbot_auto_renew_user: "root"
certbot_auto_renew_hour: "5"
certbot_auto_renew_minute: "0"
certbot_auto_renew_options: "--quiet --no-self-upgrade --deploy-hook 'cp -pf /etc/letsencrypt/live/{{ inventory_hostname }}/*.pem /etc/ldap/sasl2/ && chown openldap: /etc/ldap/sasl2/*.pem && systemctl restart slapd'"
certbot_auto_renew_options: "--quiet --no-self-upgrade --pre-hook 'iptables -A INPUT -p tcp --dport 80 -j ACCEPT' --deploy-hook 'cp -pf /etc/letsencrypt/live/{{ inventory_hostname }}/*.pem /etc/ldap/sasl2/ && chown openldap: /etc/ldap/sasl2/*.pem && systemctl restart slapd' --post-hook 'iptables -D INPUT -p tcp --dport 80 -j ACCEPT'"
certbot_create_if_missing: true
certbot_create_method: standalone
certbot_create_standalone_stop_services: []
@ -22,7 +22,7 @@ openldap_schemas:
- rfc2739
openldap_bases:
rootdn: cn=admin
suffix: dc=example,dc=org
suffix: dc=wirebrass,dc=fr
includes: [ slapd.access ]
indexes:
- [ "uid,uidNumber,gidNumber,memberUID", "pres,eq" ]
@ -36,10 +36,10 @@ openldap_bases:
ldap_host: "localhost"
ldap_port: "389"
ldap_root_dn: "dc=example,dc=org"
ldap_domain: "example.org"
ldap_root_dn: "dc=wirebrass,dc=fr"
ldap_domain: "wirebrass.fr"
ldap_admin_user_dn: "cn=admin,dc=example,dc=org"
ldap_admin_user_dn: "cn=admin,dc=wirebrass,dc=fr"
ldap_admin_user_password: "{{ vault_ldap_admin_user_password }}"
ldap_config_admin_user_dn: "cn=admin,cn=config"
@ -64,7 +64,7 @@ ldap_groups:
description: "Service MARKETING"
memberUid:
- userB
- userA
#- userA
- it:
cn: it
gidNumber: 60003

Loading…
Cancel
Save