# Turn off automatic python byte compilation because these are Ansible

# roles and the files are transferred to the node and compiled there with

# the python verison used in the node

%define __brp_python_bytecompile %{nil}

Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients

Name: ansible-freeipa

Version: 0.1.1

Release: 1%{?dist}

URL: https://github.com/freeipa/ansible-freeipa

License: GPLv3+

Source: https://github.com/freeipa/ansible-freeipa/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz

BuildArch: noarch

#Requires: ansible

%description

ansible-freeipa provides Ansible roles and playbooks to install and uninstall

FreeIPA servers, replicas and clients.

Note: The ansible playbooks and roles require a configured ansible environment

where the ansible nodes are reachable and are properly set up to have an IP

address and a working package manager.

Features

- Server, replica and client deployment

- Cluster deployments: Server, replicas and clients in one playbook

- One-time-password (OTP) support for client installation

- Repair mode for clients

Supported FreeIPA Versions

FreeIPA versions 4.6 and up are supported by all roles.

The client role supports versions 4.4 and up, the server role is working with

versions 4.5 and up, the replica role is currently only working with versions

4.6 and up.

Supported Distributions

- RHEL/CentOS 7.4+

- Fedora 26+

- Ubuntu

Requirements

  Controller

  - Ansible version: 2.5+

  - python3-gssapi is required on the controller if a one time password (OTP)

    is used to install the client.

  Node

  - Supported FreeIPA version (see above)

  - Supported distribution (needed for package installation only, see above)

Limitations

External CA support is not supported or working. The currently needed two step

process is an issue for the processing in the role. The configuration of the

server is partly done already and needs to be continued after the CSR has been

handled. This is for example breaking the deployment of a server with replicas

or clients in one playbook.

%prep

%setup -q

# Fix python modules and module utils:

# - Remove shebang

# - Remove execute flag

for i in roles/ipa*/library/*.py roles/ipa*/module_utils/*.py; do

    sed -i '/\/usr\/bin\/python*/d' $i

    chmod a-x $i

done

# Add execute flag to py3test.py scripts

chmod a+x roles/ipa*/files/py3test.py

%build

%install

install -m 755 -d %{buildroot}%{_datadir}/ansible/roles/

cp -rp roles/ipaserver %{buildroot}%{_datadir}/ansible/roles/

cp -rp roles/ipareplica %{buildroot}%{_datadir}/ansible/roles/

cp -rp roles/ipaclient %{buildroot}%{_datadir}/ansible/roles/

%files

%license COPYING

%{_datadir}/ansible/roles/ipaserver

%{_datadir}/ansible/roles/ipareplica

%{_datadir}/ansible/roles/ipaclient

%doc README.md

%doc SERVER.md

%doc REPLICA.md

%doc CLIENT.md

%doc *install-*.yml

%changelog

* Mon May  6 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.1-1

- Initial package