Blame ansible-freeipa.spec

cd5c56
# Turn off automatic python byte compilation because these are Ansible
cd5c56
# roles and the files are transferred to the node and compiled there with
cd5c56
# the python verison used in the node
cd5c56
%define __brp_python_bytecompile %{nil}
cd5c56
cd5c56
Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients
cd5c56
Name: ansible-freeipa
13bf85
Version: 0.1.6
bb9dd4
Release: 2%{?dist}
cd5c56
URL: https://github.com/freeipa/ansible-freeipa
cd5c56
License: GPLv3+
cd5c56
Source: https://github.com/freeipa/ansible-freeipa/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
cd5c56
BuildArch: noarch
cd5c56
cd5c56
#Requires: ansible
cd5c56
cd5c56
%description
cd5c56
ansible-freeipa provides Ansible roles and playbooks to install and uninstall
cd5c56
FreeIPA servers, replicas and clients.
cd5c56
cd5c56
Note: The ansible playbooks and roles require a configured ansible environment
cd5c56
where the ansible nodes are reachable and are properly set up to have an IP
cd5c56
address and a working package manager.
cd5c56
cd5c56
Features
cd5c56
cd5c56
- Server, replica and client deployment
cd5c56
- Cluster deployments: Server, replicas and clients in one playbook
cd5c56
- One-time-password (OTP) support for client installation
cd5c56
- Repair mode for clients
cd5c56
cd5c56
Supported FreeIPA Versions
cd5c56
cd5c56
FreeIPA versions 4.6 and up are supported by all roles.
cd5c56
cd5c56
The client role supports versions 4.4 and up, the server role is working with
cd5c56
versions 4.5 and up, the replica role is currently only working with versions
cd5c56
4.6 and up.
cd5c56
cd5c56
Supported Distributions
cd5c56
cd5c56
- RHEL/CentOS 7.4+
cd5c56
- Fedora 26+
cd5c56
- Ubuntu
cd5c56
cd5c56
Requirements
cd5c56
cd5c56
  Controller
cd5c56
  - Ansible version: 2.5+
cd5c56
  - python3-gssapi is required on the controller if a one time password (OTP)
cd5c56
    is used to install the client.
cd5c56
cd5c56
  Node
cd5c56
  - Supported FreeIPA version (see above)
cd5c56
  - Supported distribution (needed for package installation only, see above)
cd5c56
cd5c56
Limitations
cd5c56
cd5c56
External CA support is not supported or working. The currently needed two step
cd5c56
process is an issue for the processing in the role. The configuration of the
cd5c56
server is partly done already and needs to be continued after the CSR has been
cd5c56
handled. This is for example breaking the deployment of a server with replicas
cd5c56
or clients in one playbook.
cd5c56
cd5c56
%prep
cd5c56
%setup -q
1904aa
# Do not create backup files with patches
cd5c56
# Fix python modules and module utils:
cd5c56
# - Remove shebang
cd5c56
# - Remove execute flag
abce4d
for i in roles/ipa*/library/*.py roles/ipa*/module_utils/*.py plugins/*/*.py; do
cd5c56
    sed -i '/\/usr\/bin\/python*/d' $i
cd5c56
    chmod a-x $i
cd5c56
done
cd5c56
# Add execute flag to py3test.py scripts
cd5c56
chmod a+x roles/ipa*/files/py3test.py
cd5c56
cd5c56
%build
cd5c56
cd5c56
%install
cd5c56
install -m 755 -d %{buildroot}%{_datadir}/ansible/roles/
cd5c56
cp -rp roles/ipaserver %{buildroot}%{_datadir}/ansible/roles/
abce4d
cp -rp roles/ipaserver/README.md README-server.md
cd5c56
cp -rp roles/ipareplica %{buildroot}%{_datadir}/ansible/roles/
abce4d
cp -rp roles/ipareplica/README.md README-replica.md
cd5c56
cp -rp roles/ipaclient %{buildroot}%{_datadir}/ansible/roles/
abce4d
cp -rp roles/ipaclient/README.md README-client.md
abce4d
install -m 755 -d %{buildroot}%{_datadir}/ansible/plugins/
abce4d
cp -rp plugins/* %{buildroot}%{_datadir}/ansible/plugins/
cd5c56
cd5c56
%files
cd5c56
%license COPYING
cd5c56
%{_datadir}/ansible/roles/ipaserver
cd5c56
%{_datadir}/ansible/roles/ipareplica
cd5c56
%{_datadir}/ansible/roles/ipaclient
abce4d
%{_datadir}/ansible/plugins/module_utils
abce4d
%{_datadir}/ansible/plugins/modules
abce4d
%doc README*.md
abce4d
%doc playbooks
cd5c56
cd5c56
%changelog
bb9dd4
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.6-2
bb9dd4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
bb9dd4
13bf85
* Tue Jul 23 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.6-1
13bf85
- Update to version 0.1.6
13bf85
  - Lots of documentation updates in READMEs and modules
13bf85
  - library/ipaclient_get_otp: Enable force mode for host_add call (fixes #74)
13bf85
  - Flake8 and pylint reated fixes
13bf85
  - Fixed wrong path to CheckedIPAddress class in ipareplica_test
13bf85
  - Remove unused ipaserver/library/ipaserver.py
13bf85
  - No not use wildcard imports for modules
13bf85
  - ipareplica: Add support for pki_config_override
13bf85
  - ipareplica: Initialize dns.ip_addresses and dns.reverse_zones for dns setup
13bf85
  - ipareplica_prepare: Properly initialize pin and cert_name variables
13bf85
  - ipareplica: Fail with proper error messages
13bf85
  - ipaserver: Properly set settings related to pkcs12 files
13bf85
  - ipaclient: RawConfigParser is not always provided by six.moves.configparser
13bf85
  - ipaclient_setup_nss: paths.GETENT is not available before
13bf85
    freeipa-4.6.90.pre1
13bf85
  - ipaserver_test: Initialize value from options.zonemgr
13bf85
  - ipareplica_setup_custodia: create_replica only available in newer releases
13bf85
  - ipaclient: Fix typo in dnsok assignment for ipaclient_setup_nss
13bf85
  - ipa[server,replica]: Set _packages_adtrust for Ubuntu
13bf85
  - New build script for galaxy release
13bf85
  - New utils script to update module docs
13bf85
1904aa
* Tue Jul  9 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.5-2
1904aa
- Update README-user.md: Fixed examples, new example
1904aa
- ipauser example playbooks: Fixed actions, new example
1904aa
abce4d
* Tue Jul  9 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.5-1
abce4d
- Update to version 0.1.5
abce4d
  - Support for IPA 4.8.0
abce4d
  - New user management module
abce4d
  - New group management module
abce4d
  - ipaserver: Support external signed CA
abce4d
  - RHEL-8 specific vars files to be able to install needed modules
abce4d
    automatically
abce4d
  - ipareplica: Fixes for certmonger and kra setup
abce4d
  - New tests folder
abce4d
  - OTP related updates to README files
abce4d
- Updates of version 0.1.4
abce4d
  - ipatopologysegment: Use commands, not command
abce4d
- Updates of version 0.1.3
abce4d
  - ipaclient_test: Fix Python2 decode use with Python3
abce4d
  - Fixed: #86 (AttributeError: 'str' object has no attribute 'decode')
abce4d
  - ipaclient_get_otp: Remove ansible_python_interpreter handling
abce4d
  - ipaclient: Use omit (None) for password, keytab, no string length checks
abce4d
  - ipaclient_join: Support to use ipaadmin_keytab without ipaclient_use_otp
abce4d
  - ipaclient: Report error message if ipaclient_get_otp failed
abce4d
  - Fixes #17 Improve how tasks manage package installation
abce4d
  - ipareplica: The dm password is not needed for ipareplica_master_password
abce4d
  - ipareplica: Use ipareplica_server if set
abce4d
  - ipatopologysegment: Allow domain+ca suffix, new state: checked
abce4d
  - Documentation updates
abce4d
  - Cleanups
abce4d
- Update of version 0.1.2
abce4d
  - Now a new Ansible Collection
abce4d
  - Fix gssapi requirement for OTP: It is only needed if keytab is used with
abce4d
    OTP now.
abce4d
  - Fix wrong ansible argument types
abce4d
  - Do not fail on textwrap for replica deployments with CA
abce4d
  - Ansible lint and galaxy fixes
abce4d
  - Disable automatic removal of replication agreements in uninstall
abce4d
  - Enable freeipa-trust service if adtrust is enabled
abce4d
  - Add support for hidden replica
abce4d
  - New topology managament modules
abce4d
  - Add support for pki_config_override
abce4d
  - Fix host name setup in server deployment
abce4d
  - Fix errors when ipaservers variable is not set
abce4d
  - Fix ipaclient install role length typo
abce4d
  - Cleanups
abce4d
cd5c56
* Mon May  6 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.1-1
cd5c56
- Initial package