add sssd

author: Jonas Gunz <himself@jonasgunz.de> 2021-09-09 21:57:57 +0200
committer: Jonas Gunz <himself@jonasgunz.de> 2021-09-09 21:57:57 +0200
commit: 77b42f82b26299a525052c5dcebcbaaef3cf1d50 (patch)
tree: eb557fc3af1fa2d1f74b3ef46595e6e2f0adee19 /roles/sssd/tasks
parent: a4406a4ac734166e0f826fd2880f09e251ae53a2 (diff)
download: ansible_collection-77b42f82b26299a525052c5dcebcbaaef3cf1d50.tar.gz
1 files changed, 38 insertions, 0 deletions
diff --git a/roles/sssd/tasks/main.yml b/roles/sssd/tasks/main.yml
new file mode 100644
index 0000000..b50cac6
--- /dev/null
+++ b/roles/sssd/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+- name: Install packages
+  apt:
+    name:
+      - sssd
+      - libpam-sss
+      - libnss-sss
+    update_cache: yes
+  become: yes
+
+- name: Install SSSD Config file
+  template:
+    src: sssd.conf.j2
+    dest: /etc/sssd/sssd.conf
+    mode: '600'
+  become: yes
+  notify: Restart sssd
+
+- name: Create LDAP Config dir
+  file:
+    path: /etc/ldap
+    state: directory
+  become: yes
+
+- name: Install ldap.conf
+  copy:
+    content: 'TLS_CACERT      /etc/ssl/certs/ca-certificates.crt'
+    dest: /etc/ldap/ldap.conf
+  become: yes
+  notify: Restart sssd
+
+- name: Auto-create Homedir
+  lineinfile:
+    path: /etc/pam.d/common-session
+    regex: '^session required pam_mkhomedir\.so'
+    line: 'session required pam_mkhomedir.so skel=/etc/skel/ umask=0022'
+    insertafter: '^session optional pam_sss\.so'
+  become: yes
author	Jonas Gunz <himself@jonasgunz.de>	2021-09-09 21:57:57 +0200
committer	Jonas Gunz <himself@jonasgunz.de>	2021-09-09 21:57:57 +0200
commit	77b42f82b26299a525052c5dcebcbaaef3cf1d50 (patch)
tree	eb557fc3af1fa2d1f74b3ef46595e6e2f0adee19 /roles/sssd/tasks
parent	a4406a4ac734166e0f826fd2880f09e251ae53a2 (diff)
download	ansible_collection-77b42f82b26299a525052c5dcebcbaaef3cf1d50.tar.gz