diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..26fca68 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/ansible-freeipa-0.1.1.tar.gz diff --git a/ansible-freeipa.spec b/ansible-freeipa.spec new file mode 100644 index 0000000..fd8ba6d --- /dev/null +++ b/ansible-freeipa.spec @@ -0,0 +1,98 @@ +# Turn off automatic python byte compilation because these are Ansible +# roles and the files are transferred to the node and compiled there with +# the python verison used in the node +%define __brp_python_bytecompile %{nil} + +Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients +Name: ansible-freeipa +Version: 0.1.1 +Release: 1%{?dist} +URL: https://github.com/freeipa/ansible-freeipa +License: GPLv3+ +Source: https://github.com/freeipa/ansible-freeipa/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +BuildArch: noarch + +#Requires: ansible + +%description +ansible-freeipa provides Ansible roles and playbooks to install and uninstall +FreeIPA servers, replicas and clients. + +Note: The ansible playbooks and roles require a configured ansible environment +where the ansible nodes are reachable and are properly set up to have an IP +address and a working package manager. + +Features + +- Server, replica and client deployment +- Cluster deployments: Server, replicas and clients in one playbook +- One-time-password (OTP) support for client installation +- Repair mode for clients + +Supported FreeIPA Versions + +FreeIPA versions 4.6 and up are supported by all roles. + +The client role supports versions 4.4 and up, the server role is working with +versions 4.5 and up, the replica role is currently only working with versions +4.6 and up. + +Supported Distributions + +- RHEL/CentOS 7.4+ +- Fedora 26+ +- Ubuntu + +Requirements + + Controller + - Ansible version: 2.5+ + - python3-gssapi is required on the controller if a one time password (OTP) + is used to install the client. + + Node + - Supported FreeIPA version (see above) + - Supported distribution (needed for package installation only, see above) + +Limitations + +External CA support is not supported or working. The currently needed two step +process is an issue for the processing in the role. The configuration of the +server is partly done already and needs to be continued after the CSR has been +handled. This is for example breaking the deployment of a server with replicas +or clients in one playbook. + +%prep +%setup -q +# Fix python modules and module utils: +# - Remove shebang +# - Remove execute flag +for i in roles/ipa*/library/*.py roles/ipa*/module_utils/*.py; do + sed -i '/\/usr\/bin\/python*/d' $i + chmod a-x $i +done +# Add execute flag to py3test.py scripts +chmod a+x roles/ipa*/files/py3test.py + +%build + +%install +install -m 755 -d %{buildroot}%{_datadir}/ansible/roles/ +cp -rp roles/ipaserver %{buildroot}%{_datadir}/ansible/roles/ +cp -rp roles/ipareplica %{buildroot}%{_datadir}/ansible/roles/ +cp -rp roles/ipaclient %{buildroot}%{_datadir}/ansible/roles/ + +%files +%license COPYING +%{_datadir}/ansible/roles/ipaserver +%{_datadir}/ansible/roles/ipareplica +%{_datadir}/ansible/roles/ipaclient +%doc README.md +%doc SERVER.md +%doc REPLICA.md +%doc CLIENT.md +%doc *install-*.yml + +%changelog +* Mon May 6 2019 Thomas Woerner - 0.1.1-1 +- Initial package diff --git a/sources b/sources new file mode 100644 index 0000000..2345297 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (ansible-freeipa-0.1.1.tar.gz) = 8a0e7bfd3f84f80ab2843557ab11cae9d98d3f3e5b705505ff26f784424e9f986f2091058359c1df5dce1441b418ee62f0261ba1d93252eeb288f950946330b0