---
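# Create the compose project directory for kanidm, accessible to root only.
- name: Ensure kanidm docker/compose exist
  ansible.builtin.file:
    path: /etc/docker/compose/kanidm
    state: directory
    owner: root
    group: root
    # Quoted so the module receives the octal string as written rather than
    # whatever integer the YAML loader infers from a bare 0700.
    mode: '0700'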
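# Render the compose definition for kanidm from the role's template.
- name: Build kanidm docker-compose.yml.j2
  ansible.builtin.template:
    src: docker-compose.yml.j2
    dest: /etc/docker/compose/kanidm/docker-compose.yml
    owner: root
    group: root
    # A compose file is data, not a program: keep it owner read/write only
    # and drop the execute bit the previous 0700 carried. Quoted so the mode
    # is passed as an octal string instead of a loader-typed integer.
    mode: '0600'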
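# Create the data directory that the kanidm config is rendered into,
# accessible to root only.
- name: Ensure kanidm docker/compose/data exist
  ansible.builtin.file:
    path: /etc/docker/compose/kanidm/data
    state: directory
    owner: root
    group: root
    # Quoted so the module receives the octal string as written rather than
    # whatever integer the YAML loader infers from a bare 0700.
    mode: '0700'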
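# Render the kanidm server configuration into the data directory.
- name: Build kanidm config
  ansible.builtin.template:
    src: server.toml.j2
    dest: /etc/docker/compose/kanidm/data/server.toml
    owner: root
    group: root
    # A TOML config needs no execute bits, so 0755 is reduced to 0644
    # (read access is unchanged). Quoted so the mode is passed as an octal
    # string instead of a loader-typed integer.
    # NOTE(review): if the container reads this file as root, '0600' would
    # match the root-only modes used for the other kanidm paths - confirm
    # against the compose template before tightening further.
    mode: '0644'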
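# Open the LDAPS port in ufw.
# The ufw module ships in community.general; the ansible.builtin.ufw
# spelling only resolves through a legacy redirect, so the canonical name
# is used here.
# NOTE(review): this rule accepts TCP 3636 from any source address. If only
# known LDAP clients need access, scope it with the module's `from_ip`
# option. Also confirm how the compose file exposes the port: ports that
# Docker publishes itself are typically governed by Docker's own firewall
# rules rather than by ufw.
- name: Allow all LDAPS connections from everywhere
  community.general.ufw:
    rule: allow
    proto: tcp
    port: '3636'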
# Enable the docker-compose@kanidm unit at boot and restart it.
# NOTE(review): `state: restarted` restarts the unit on every run of this
# task, whether or not the templates above changed. For an identity service
# that means a brief outage per play; a handler notified by the template
# tasks would restart it only when the configuration actually changes.
- name: Enable kanidm
  ansible.builtin.systemd_service:
    name: docker-compose@kanidm
    enabled: true
    state: restarted