mauro/ansible-role-openldap-docker
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
ansible-role-openldap-docker/defaults/main.yml
Mauro Torrez 7e85c30cc2 solo configurar container
2019-09-26 00:07:09 -03:00

83 lines
2.0 KiB
YAML
Raw Blame History

---
# # Indica si el host es provider en un esquema de replicación
# openldap_provider: no
# # Nombre del provider para un host consumer
# openldap_provider_host: null
# # Indica si el host es esclavo en un esquema de replicación
# openldap_consumer: no
# Clave del usuario cn=admin,cn=config
openldap_config_password: password
# CN y clave del usuario administrador del dominio
openldap_admin_cn: admin
openldap_admin_password: password
# # DN del administrador de la base cn=accesslog (provider)
# openldap_backup_dir: "/srv/backups/ldap"
# openldap_backup_keep: 200
# # DN del administrador de la base cn=accesslog (provider)
# openldap_accesslog_admin_dn: cn=admin,dc=example,dc=com
# # DN, clave y search base del replicador
# openldap_replicator_dn: cn=replicator,dc=example,dc=com
# openldap_replicator_password: password
# openldap_replicator_base: dc=example,dc=com
# port in docker HOST to bind ldap service
openldap_bind_port: 389
openldap_bind_host: 127.0.0.1
# docker image name
openldap_image_name: eumau/openldap
# docker container name
openldap_container_name: openldap
# docker volume names
openldap_volume_config: "ldap_config"
openldap_volume_data: "ldap_data"
openldap_volume_backup: "ldap_backup"
# permisos de acceso
openldap_domain_access:
- "{0}to attrs=userPassword by self write by anonymous auth by * none"
- "{1}to attrs=shadowLastChange by self write by * read"
- "{2}to * by * read"
# indices del dominio
openldap_domain_index:
- "cn,uid eq"
- "member,memberUid eq"
- "objectClass eq"
- "uidNumber,gidNumber eq"
# limites del dominio
openldap_domain_limits: []
# OUs creadas por defecto dentro de cada dominio
openldap_domain_ous:
- Alias
- Group
- People
# Dominio
openldap_domain: example.com
# esquemas a cargar
openldap_schemas:
- core
- cosine
- nis
- inetorgperson
- misc
# crear entradas en el DIT? (dominios, administradores, OUs)
openldap_create_dit_entries: yes
# habilitar modulo memberof?
openldap_enable_memberof: yes
Reference in New Issue View Git Blame Copy Permalink