Updates for AniNIX/Password

2025-09-29 16:33:35 -05:00
parent 78af592485
commit 25c9872a0a
8 changed files with 77 additions and 146 deletions
--- a/roles/Password/tasks/audit.yml
+++ b/roles/Password/tasks/audit.yml
@@ -0,0 +1,8 @@
+---
+
+ - name: Enable timer for auditing Password
+   become: yes
+   service:
+     name: ldap-userreport.timer
+     state: started
+     enabled: yes
--- a/roles/Password/tasks/daemon.yml
+++ b/roles/Password/tasks/daemon.yml
@@ -1,14 +1,6 @@
 ---
- - name: Create the base config
-   become: yes
-   template:
-     src: slapd.ldif
-     dest: /etc/openldap/slapd.ldif
-     owner: ldap
-     group: ldap
-     mode: 0640
-
 - name: Create the directories
+   become: yes
   file:
     path: "{{ item }}"
     owner: ldap
@@ -21,15 +13,25 @@
     - /etc/openldap/groups.d
     - /etc/openldap/slapd.d

- - name: Initialize the instance
-   become: yes
-   command:
-     cmd: slapadd -n 0 -F /etc/openldap/slapd.d/ -l /etc/openldap/config.ldif && chown -R ldap: /etc/openldap
-     creates: /etc/openldap/slapd.d/cn=config
+ # - name: Create the base config
+ #   become: yes
+ #   template:
+ #     src: slapd.ldif
+ #     dest: /etc/openldap/slapd.ldif
+ #     owner: ldap
+ #     group: ldap
+ #     mode: 0640
+
+ # - name: Initialize the instance
+ #   become: yes
+ #   command:
+ #     cmd: "slapadd -n 0 -F /etc/openldap/slapd.d/ -l /etc/openldap/config.ldif && chown -R ldap: /etc/openldap"
+ #     creates: /etc/openldap/slapd.d/cn=config

 - name: Ensure the service
   become: yes
+   ignore_errors: true
   service:
     name: slapd
-     state: restarted
+     state: started
     enabled: yes
--- a/roles/Password/tasks/main.yml
+++ b/roles/Password/tasks/main.yml
@@ -4,6 +4,7 @@
   package:
     name:
       - openldap
+       - freeradius
       - Password-Scripts

 - include_tasks: daemon.yml
@@ -11,3 +12,7 @@
 - include_tasks: login.yml

 - include_tasks: web.yml
+
+ - include_tasks: audit.yml
+
+ - include_tasks: freeradius.yml
--- a/roles/Password/tasks/web.yml
+++ b/roles/Password/tasks/web.yml
@@ -5,6 +5,7 @@
   git:
     repo: https://github.com/ltb-project/self-service-password
     dest: /usr/share/webapps/self-service-password
+     update: no

 - name: Ensure web portal ownership
   file:
@@ -17,7 +18,7 @@
 - name: Web portal config
   become: yes
   template:
-     src: config.inc.php.j2
+     src: ltb-ssp.config.inc.php.j2
     dest: /usr/share/webapps/self-service-password/conf/config.inc.php
     owner: http
     group: http