diff --git a/.gitignore b/.gitignore index 15b62dc..24dabfb 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ /ansible-freeipa-0.1.6.tar.gz /ansible-freeipa-0.1.8.tar.gz /ansible-freeipa-0.1.9.tar.gz +/ansible-freeipa-0.1.10.tar.gz diff --git a/ansible-freeipa.spec b/ansible-freeipa.spec index c908f8e..d451842 100644 --- a/ansible-freeipa.spec +++ b/ansible-freeipa.spec @@ -5,7 +5,7 @@ Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients Name: ansible-freeipa -Version: 0.1.9 +Version: 0.1.10 Release: 1%{?dist} URL: https://github.com/freeipa/ansible-freeipa License: GPLv3+ @@ -16,7 +16,8 @@ BuildArch: noarch %description ansible-freeipa provides Ansible roles and playbooks to install and uninstall -FreeIPA servers, replicas and clients. +FreeIPA servers, replicas and clients. Also modules for group, host, topology +and user management. Note: The ansible playbooks and roles require a configured ansible environment where the ansible nodes are reachable and are properly set up to have an IP @@ -28,6 +29,22 @@ Features - Cluster deployments: Server, replicas and clients in one playbook - One-time-password (OTP) support for client installation - Repair mode for clients +- Modules for dns forwarder management +- Modules for dns zone management +- Modules for group management +- Modules for hbacrule management +- Modules for hbacsvc management +- Modules for hbacsvcgroup management +- Modules for host management +- Modules for hostgroup management +- Modules for pwpolicy management +- Modules for service management +- Modules for sudocmd management +- Modules for sudocmdgroup management +- Modules for sudorule management +- Modules for topology management +- Modules for user management +- Modules for vault management Supported FreeIPA Versions @@ -42,25 +59,30 @@ Supported Distributions - RHEL/CentOS 7.4+ - Fedora 26+ - Ubuntu +- Debian 10+ (ipaclient only, no server or replica!) Requirements Controller - - Ansible version: 2.5+ + + - Ansible version: 2.8+ (ansible-freeipa is an Ansible Collection) + /usr/bin/kinit is required on the controller if a one time password (OTP) + is used - python3-gssapi is required on the controller if a one time password (OTP) - is used to install the client. + is used with keytab to install the client. Node + - Supported FreeIPA version (see above) - Supported distribution (needed for package installation only, see above) Limitations -External CA support is not supported or working. The currently needed two step -process is an issue for the processing in the role. The configuration of the -server is partly done already and needs to be continued after the CSR has been -handled. This is for example breaking the deployment of a server with replicas -or clients in one playbook. +External signed CA is now supported. But the currently needed two step process +is an issue for the processing in a simple playbook. +Work is planned to have a new method to handle CSR for external signed CAs in +a separate step before starting the server installation. + %prep %setup -q @@ -99,6 +121,10 @@ cp -rp plugins/* %{buildroot}%{_datadir}/ansible/plugins/ %doc playbooks %changelog +* Mon Apr 27 2020 Thomas Woerner - 0.1.10-1 +- Update to version 0.1.10 with fixes and additional modules + https://github.com/freeipa/ansible-freeipa/releases/tag/v0.1.10 + * Mon Mar 16 2020 Thomas Woerner - 0.1.9-1 - Update to version 0.1.8 with lots of fixes and additional modules https://github.com/freeipa/ansible-freeipa/releases/tag/v0.1.9 diff --git a/sources b/sources index 3bbd3e2..7f841ce 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ SHA512 (ansible-freeipa-0.1.9.tar.gz) = 4767bcdb49d207fecddbf20aa683c1c6809a6093dac3a1a5bfb295b4bc0ac3b7870367b4049d8645b971e046566a5f958c075121fc099cde0519a8a37268c051 +SHA512 (ansible-freeipa-0.1.10.tar.gz) = db54333a49ff5ffb61a1a0f874ebf2493df23158d6b5e9ca4ddccc6918cd116ea447f49b8f9f093a9a6b830abad68e481363acc44dec4b16157731582c50c4e2