Update ldap server cerbot renew command

Nemo 2020-10-18 09:43:26 +02:00
parent b9621f6d54
commit ba12d9985d


@ -6,7 +6,7 @@ certbot_auto_renew: true
certbot_auto_renew_user: "root" certbot_auto_renew_user: "root"
certbot_auto_renew_hour: "5" certbot_auto_renew_hour: "5"
certbot_auto_renew_minute: "0" certbot_auto_renew_minute: "0"
certbot_auto_renew_options: "--quiet --no-self-upgrade --deploy-hook 'cp -pf /etc/letsencrypt/live/{{ inventory_hostname }}/*.pem /etc/ldap/sasl2/ && chown openldap: /etc/ldap/sasl2/*.pem && systemctl restart slapd'" certbot_auto_renew_options: "--quiet --no-self-upgrade --pre-hook 'iptables -A INPUT -p tcp --dport 80 -j ACCEPT' --deploy-hook 'cp -pf /etc/letsencrypt/live/{{ inventory_hostname }}/*.pem /etc/ldap/sasl2/ && chown openldap: /etc/ldap/sasl2/*.pem && systemctl restart slapd' --post-hook 'iptables -D INPUT -p tcp --dport 80 -j ACCEPT'"
certbot_create_if_missing: true certbot_create_if_missing: true
certbot_create_method: standalone certbot_create_method: standalone
certbot_create_standalone_stop_services: [] certbot_create_standalone_stop_services: []
@ -22,7 +22,7 @@ openldap_schemas:
- rfc2739 - rfc2739
openldap_bases: openldap_bases:
rootdn: cn=admin rootdn: cn=admin
suffix: dc=example,dc=org suffix: dc=wirebrass,dc=fr
includes: [ slapd.access ] includes: [ slapd.access ]
indexes: indexes:
- [ "uid,uidNumber,gidNumber,memberUID", "pres,eq" ] - [ "uid,uidNumber,gidNumber,memberUID", "pres,eq" ]
@ -36,10 +36,10 @@ openldap_bases:
ldap_host: "localhost" ldap_host: "localhost"
ldap_port: "389" ldap_port: "389"
ldap_root_dn: "dc=example,dc=org" ldap_root_dn: "dc=wirebrass,dc=fr"
ldap_domain: "example.org" ldap_domain: "wirebrass.fr"
ldap_admin_user_dn: "cn=admin,dc=example,dc=org" ldap_admin_user_dn: "cn=admin,dc=wirebrass,dc=fr"
ldap_admin_user_password: "{{ vault_ldap_admin_user_password }}" ldap_admin_user_password: "{{ vault_ldap_admin_user_password }}"
ldap_config_admin_user_dn: "cn=admin,cn=config" ldap_config_admin_user_dn: "cn=admin,cn=config"
@ -64,7 +64,7 @@ ldap_groups:
description: "Service MARKETING" description: "Service MARKETING"
memberUid: memberUid:
- userB - userB
- userA #- userA
- it: - it:
cn: it cn: it
gidNumber: 60003 gidNumber: 60003
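Review bot: The `--pre-hook`/`--post-hook` pair added to `certbot_auto_renew_options` in the first hunk opens tcp/80 to every source with `iptables -A`, and nothing guarantees the matching `-D` runs. If a renew run is interrupted between the two hooks, the ACCEPT rule stays in INPUT, and a later run appends a second copy of which the post-hook deletes only one. Because `-A` appends, the rule may also land behind an earlier DROP/REJECT rule and never match; the host's ruleset is not visible on this page, so that part is an assumption. I would make the pre-hook idempotent and insert at the head of the chain, `--pre-hook 'iptables -C INPUT -p tcp --dport 80 -j ACCEPT || iptables -I INPUT -p tcp --dport 80 -j ACCEPT'`, and add a comment above the variable saying port 80 is expected to be closed outside renewals, so a leftover rule is recognisable in a firewall audit. If validation can reach the host over IPv6, the same pair is needed with `ip6tables`.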