From ba12d9985d4cae3868bee3dad44697c1458d88ce Mon Sep 17 00:00:00 2001 From: Nemo Date: Sun, 18 Oct 2020 09:43:26 +0200 Subject: [PATCH] Update ldap server cerbot renew command --- inventory_template/group_vars/ldap_server.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/inventory_template/group_vars/ldap_server.yml b/inventory_template/group_vars/ldap_server.yml index 7eec19f..cfdd0d5 100644 --- a/inventory_template/group_vars/ldap_server.yml +++ b/inventory_template/group_vars/ldap_server.yml @@ -6,7 +6,7 @@ certbot_auto_renew: true certbot_auto_renew_user: "root" certbot_auto_renew_hour: "5" certbot_auto_renew_minute: "0" -certbot_auto_renew_options: "--quiet --no-self-upgrade --deploy-hook 'cp -pf /etc/letsencrypt/live/{{ inventory_hostname }}/*.pem /etc/ldap/sasl2/ && chown openldap: /etc/ldap/sasl2/*.pem && systemctl restart slapd'" +certbot_auto_renew_options: "--quiet --no-self-upgrade --pre-hook 'iptables -A INPUT -p tcp --dport 80 -j ACCEPT' --deploy-hook 'cp -pf /etc/letsencrypt/live/{{ inventory_hostname }}/*.pem /etc/ldap/sasl2/ && chown openldap: /etc/ldap/sasl2/*.pem && systemctl restart slapd' --post-hook 'iptables -D INPUT -p tcp --dport 80 -j ACCEPT'" certbot_create_if_missing: true certbot_create_method: standalone certbot_create_standalone_stop_services: [] @@ -22,7 +22,7 @@ openldap_schemas: - rfc2739 openldap_bases: rootdn: cn=admin - suffix: dc=example,dc=org + suffix: dc=wirebrass,dc=fr includes: [ slapd.access ] indexes: - [ "uid,uidNumber,gidNumber,memberUID", "pres,eq" ] @@ -36,10 +36,10 @@ openldap_bases: ldap_host: "localhost" ldap_port: "389" -ldap_root_dn: "dc=example,dc=org" -ldap_domain: "example.org" +ldap_root_dn: "dc=wirebrass,dc=fr" +ldap_domain: "wirebrass.fr" -ldap_admin_user_dn: "cn=admin,dc=example,dc=org" +ldap_admin_user_dn: "cn=admin,dc=wirebrass,dc=fr" ldap_admin_user_password: "{{ vault_ldap_admin_user_password }}" ldap_config_admin_user_dn: "cn=admin,cn=config" 
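Review bot: The new `--pre-hook` uses `iptables -A INPUT`, which appends the ACCEPT after every existing rule, so on a host whose INPUT chain already ends in a DROP or REJECT rule (the ruleset is not visible here) port 80 stays closed and the standalone challenge still fails. Inserting at the head of the chain is more robust: `--pre-hook 'iptables -w -I INPUT -p tcp --dport 80 -j ACCEPT'`, with the matching `-D` kept in `--post-hook`. The hooks cover IPv4 only; if the host publishes an AAAA record the same pair is needed with `ip6tables`. A comment above `certbot_auto_renew_options` such as `# port 80 is opened only for the duration of a renewal; the post-hook closes it again` would record why a certificate variable touches the firewall.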
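Review bot: The LDAP base is now spelled out four times across this hunk and the next one (`suffix`, `ldap_root_dn`, `ldap_domain`, `ldap_admin_user_dn`), so a later change that misses one leaves slapd's suffix and the admin bind DN pointing at different trees. Deriving the others from one variable keeps them in step, e.g. `suffix: "{{ ldap_root_dn }}"` and `ldap_admin_user_dn: "cn=admin,{{ ldap_root_dn }}"`. The file lives under `inventory_template/`, so it is also worth confirming that a site-specific domain is meant to replace the `example.org` placeholder in the template rather than in a per-site inventory.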
@@ -64,7 +64,7 @@ ldap_groups: description: "Service MARKETING" memberUid: - userB - - userA + #- userA - it: cn: it gidNumber: 60003
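Review bot: Commenting out `- userA` leaves a disabled membership entry in an access-control list with no reason recorded, so a later reader cannot tell whether the removal is temporary or a revocation. If the membership is revoked, delete the line; if it is a temporary suspension, say so in a comment above it, e.g. `# userA suspended from marketing, see <ticket reference>`. Whether the role that consumes `ldap_groups` removes an existing `memberUid` from the directory or only adds missing ones is not visible here, so the revocation should be verified on the server after the play runs. The `ldap_groups` mapping starts before this hunk and continues after it.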