Saturday, 13 July 2019

Ansible playbook to configure and install LDAP



---

# Per-domain data directory for the LDAP database, owned by the slapd account.
# NOTE(review): no mode is given, so the directory gets whatever the remote
# umask yields; consider pinning an explicit restrictive mode.
- name: Create the directory for ldap database
  file:
    state: directory
    path: "/var/lib/ldap/{{ openldap_server_domain_name }}/"
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"

# Directory that the following tasks fill with the TLS private key and the
# self-signed certificate.
- name: Create the directory for ldap certificates
  file:
    state: directory
    path: "{{ openldap_server_app_path }}/certs/"
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"

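# Creates the intermediate, passphrase-protected RSA key (my1.key) once; the
# `creates` guard stops a re-run from overwriting an existing key.
#  - 2048 bits replaces 1024, which is too short for an RSA key today.
#  - umask 077 keeps the new file readable by the task user only.
#  - The passphrase is a fixed throwaway that the "Strip the passphrase" task
#    removes again, so it protects nothing; file permissions guard the key.
- name: Generate the private key for certificate request
  shell: umask 077 && openssl genrsa -des3 -passout pass:password -out my1.key 2048
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/my1.key"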

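# Writes my.key, the unencrypted copy of my1.key. Because this file is a
# plaintext private key, it is created under umask 077 and then opened up only
# as far as the slapd group (mode 0640), instead of inheriting a world-readable
# default. The group name reuses openldap_server_user, as the directory tasks
# in this file do. `creates` makes the task a no-op once my.key exists.
- name: Strip the passphrase from the key
  shell: >-
    umask 077 &&
    openssl rsa -in my1.key -passin pass:password -out my.key &&
    chgrp {{ openldap_server_user | quote }} my.key &&
    chmod 0640 my.key
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/my.key"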

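# Issues a self-signed certificate (-x509) from my.key, valid for 3650 days,
# and skips the step once cert.crt exists.
#  - The subject is assembled in Jinja and passed through `quote`, so a quote
#    or space in any of the subject variables cannot break out of the shell
#    argument.
#  - -sha256 names the signature digest explicitly instead of relying on the
#    default of the locally installed OpenSSL.
# NOTE(review): CN uses ansible_hostname (the short host name); clients that
# verify the certificate against a fully qualified name would not match it.
- name: Create and sign the the new certificate
  shell: >-
    openssl req -new -x509 -sha256
    -subj {{ ('/C=' ~ openldap_server_country ~ '/ST=' ~ openldap_server_state ~ '/L=' ~ openldap_server_location ~ '/O=' ~ openldap_server_organization ~ '/CN=' ~ ansible_hostname ~ '/') | quote }}
    -days 3650 -key my.key -out cert.crt -extensions v3_ca
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/cert.crt"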

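# Installs the distribution-specific slapd settings file when SSL is enabled.
# Exactly which task runs depends on the gathered OS facts; each one schedules
# the "restart slapd" handler when the file changes.
# These are settings files, not programs, so they are installed 0644 instead
# of the executable 0755 used before. The mode is quoted so it is always read
# as an octal string.
- name: copy the supporting files
  copy:
    src: ldap
    dest: /etc/sysconfig/ldap
    mode: '0644'
  when: openldap_server_enable_ssl and ansible_os_family == 'RedHat'
  notify:
    - restart slapd

- name: copy the supporting files
  copy:
    src: slapd_fedora
    dest: /etc/sysconfig/slapd
    mode: '0644'
  when: openldap_server_enable_ssl and ansible_distribution == "Fedora"
  notify:
    - restart slapd

- name: copy the supporting files
  copy:
    src: slapd
    dest: /etc/default/slapd
    mode: '0644'
  when: openldap_server_enable_ssl and ansible_os_family == 'Debian'
  notify:
    - restart slapd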

# Make sure slapd is running now and is enabled at boot.
- name: start the slapd service
  service:
    name: slapd
    enabled: true
    state: started
 
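# Renders the base-DN LDIF and records where it landed in `result`, which the
# ldapadd task reads. The file is written into /tmp, a directory every local
# user can list, so it is created 0600 to keep its contents private to the
# task user.
- name: Copy the template for creating base dn
  template:
    src: "{{ openldap_server_ldif }}"
    dest: /tmp/
    mode: '0600'
  register: result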

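# Loads the rendered LDIF as cn=Manager, then drops a marker file so the task
# runs only once (`creates`).
#  - Every templated value goes through `quote`: a root password or path with
#    shell metacharacters no longer splits or injects into the command line.
#  - no_log keeps the bind password out of Ansible's output and logs; remove it
#    temporarily when debugging a failure here.
# NOTE(review): -w still places the password in the ldapadd process arguments,
# where other local users can see it while the command runs; ldapadd's -y
# option reads the password from a file instead.
# NOTE(review): the bind DN is built from the first two labels of
# openldap_server_domain_name, so it assumes a two-label domain.
- name: add the base domain
  shell: >-
    ldapadd -x
    -D {{ ('cn=Manager,dc=' ~ openldap_server_domain_name.split('.')[0] ~ ',dc=' ~ openldap_server_domain_name.split('.')[1]) | quote }}
    -w {{ openldap_server_rootpw | quote }}
    -f {{ result.dest | default(result.path) | quote }}
    && touch {{ (openldap_server_app_path ~ '/rootdn_created') | quote }}
  args:
    creates: "{{ openldap_server_app_path }}/rootdn_created"
  no_log: true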

# Per-domain data directory for the LDAP database, owned by the slapd account.
# NOTE(review): no mode is given, so the directory gets whatever the remote
# umask yields; consider pinning an explicit restrictive mode.
- name: Create the directory for ldap database
  file:
    state: directory
    path: "/var/lib/ldap/{{ openldap_server_domain_name }}/"
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"

# Directory that the following tasks fill with the TLS private key and the
# self-signed certificate.
- name: Create the directory for ldap certificates
  file:
    state: directory
    path: "{{ openldap_server_app_path }}/certs/"
    owner: "{{ openldap_server_user }}"
    group: "{{ openldap_server_user }}"

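# Creates the intermediate, passphrase-protected RSA key (my1.key) once; the
# `creates` guard stops a re-run from overwriting an existing key.
#  - 2048 bits replaces 1024, which is too short for an RSA key today.
#  - umask 077 keeps the new file readable by the task user only.
#  - The passphrase is a fixed throwaway that the "Strip the passphrase" task
#    removes again, so it protects nothing; file permissions guard the key.
- name: Generate the private key for certificate request
  shell: umask 077 && openssl genrsa -des3 -passout pass:password -out my1.key 2048
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/my1.key"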

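# Writes my.key, the unencrypted copy of my1.key. Because this file is a
# plaintext private key, it is created under umask 077 and then opened up only
# as far as the slapd group (mode 0640), instead of inheriting a world-readable
# default. The group name reuses openldap_server_user, as the directory tasks
# in this file do. `creates` makes the task a no-op once my.key exists.
- name: Strip the passphrase from the key
  shell: >-
    umask 077 &&
    openssl rsa -in my1.key -passin pass:password -out my.key &&
    chgrp {{ openldap_server_user | quote }} my.key &&
    chmod 0640 my.key
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/my.key"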

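# Issues a self-signed certificate (-x509) from my.key, valid for 3650 days,
# and skips the step once cert.crt exists.
#  - The subject is assembled in Jinja and passed through `quote`, so a quote
#    or space in any of the subject variables cannot break out of the shell
#    argument.
#  - -sha256 names the signature digest explicitly instead of relying on the
#    default of the locally installed OpenSSL.
# NOTE(review): CN uses ansible_hostname (the short host name); clients that
# verify the certificate against a fully qualified name would not match it.
- name: Create and sign the the new certificate
  shell: >-
    openssl req -new -x509 -sha256
    -subj {{ ('/C=' ~ openldap_server_country ~ '/ST=' ~ openldap_server_state ~ '/L=' ~ openldap_server_location ~ '/O=' ~ openldap_server_organization ~ '/CN=' ~ ansible_hostname ~ '/') | quote }}
    -days 3650 -key my.key -out cert.crt -extensions v3_ca
  args:
    chdir: "{{ openldap_server_app_path }}/certs/"
    creates: "{{ openldap_server_app_path }}/certs/cert.crt"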

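# Installs the distribution-specific slapd settings file when SSL is enabled.
# Exactly which task runs depends on the gathered OS facts; each one schedules
# the "restart slapd" handler when the file changes.
# These are settings files, not programs, so they are installed 0644 instead
# of the executable 0755 used before. The mode is quoted so it is always read
# as an octal string.
- name: copy the supporting files
  copy:
    src: ldap
    dest: /etc/sysconfig/ldap
    mode: '0644'
  when: openldap_server_enable_ssl and ansible_os_family == 'RedHat'
  notify:
    - restart slapd

- name: copy the supporting files
  copy:
    src: slapd_fedora
    dest: /etc/sysconfig/slapd
    mode: '0644'
  when: openldap_server_enable_ssl and ansible_distribution == "Fedora"
  notify:
    - restart slapd

- name: copy the supporting files
  copy:
    src: slapd
    dest: /etc/default/slapd
    mode: '0644'
  when: openldap_server_enable_ssl and ansible_os_family == 'Debian'
  notify:
    - restart slapd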

# Make sure slapd is running now and is enabled at boot.
- name: start the slapd service
  service:
    name: slapd
    enabled: true
    state: started
  
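# Renders the base-DN LDIF and records where it landed in `result`, which the
# ldapadd task reads. The file is written into /tmp, a directory every local
# user can list, so it is created 0600 to keep its contents private to the
# task user.
- name: Copy the template for creating base dn
  template:
    src: "{{ openldap_server_ldif }}"
    dest: /tmp/
    mode: '0600'
  register: result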

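# Loads the rendered LDIF as cn=Manager, then drops a marker file so the task
# runs only once (`creates`).
#  - Every templated value goes through `quote`: a root password or path with
#    shell metacharacters no longer splits or injects into the command line.
#  - no_log keeps the bind password out of Ansible's output and logs; remove it
#    temporarily when debugging a failure here.
# NOTE(review): -w still places the password in the ldapadd process arguments,
# where other local users can see it while the command runs; ldapadd's -y
# option reads the password from a file instead.
# NOTE(review): the bind DN is built from the first two labels of
# openldap_server_domain_name, so it assumes a two-label domain.
- name: add the base domain
  shell: >-
    ldapadd -x
    -D {{ ('cn=Manager,dc=' ~ openldap_server_domain_name.split('.')[0] ~ ',dc=' ~ openldap_server_domain_name.split('.')[1]) | quote }}
    -w {{ openldap_server_rootpw | quote }}
    -f {{ result.dest | default(result.path) | quote }}
    && touch {{ (openldap_server_app_path ~ '/rootdn_created') | quote }}
  args:
    creates: "{{ openldap_server_app_path }}/rootdn_created"
  no_log: true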

Ansible playbook to create shared folder



---

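# Creates two groups and a shared directory under /home.
#  - The group and file modules replace raw groupadd/mkdir/chgrp commands, so
#    a second run reports "ok" instead of failing on objects that already
#    exist.
#  - `become` replaces the deprecated `sudo` keyword.
# NOTE(review): the play creates dev2 and ops2 but hands the directory to a
# group named "dev"; confirm that is the intended group.
# NOTE(review): no mode is set on /home/spk2, so group members get whatever
# the remote umask allows; set one explicitly if group write access is needed.
- hosts: unix
  become: true
  connection: local
  tasks:
    - name: Create the dev2 group
      group:
        name: dev2
        state: present
    - name: Create the ops2 group
      group:
        name: ops2
        state: present
    - name: Create the shared directory and assign its group
      file:
        path: /home/spk2
        state: directory
        group: dev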

Ansible playbook to configure samba



---
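# Installs Samba from apt and renders its configuration file.
#  - `become` replaces the deprecated `sudo` keyword.
#  - The handler restarts `smbd`: the play installs with apt, and on
#    Debian-family systems the Samba file-sharing service is named smbd, not
#    smb.
#  - The rendered file gets an explicit mode so it does not depend on the
#    remote umask.
# NOTE(review): src and dest are the same absolute path and the play runs with
# connection: local, so the template is rendered over its own source. The
# target is also smb.conf2, not the smb.conf the daemon reads by default;
# confirm both are intended.
- hosts: unix
  become: true
  connection: local
  tasks:
    - name: Install samba
      apt:
        name: samba
        state: present

    - name: Render the samba configuration
      template:
        src: '/etc/samba/smb.conf2'
        dest: '/etc/samba/smb.conf2'
        owner: 'root'
        group: 'root'
        mode: '0644'
      notify: Restart Samba service

  handlers:
    - name: Restart Samba service
      service:
        name: smbd
        state: restarted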

Ansible playbook to configure DNS named bind service



---
# tasks file for dns
# Install the BIND name server package through yum.
- name: Install bind
  yum:
    name: bind
    state: present

# Set the machine's host name from the host_name variable.
- name: Set hostname
  hostname:
    name: '{{ host_name }}'

# Overwrite the gathered ansible_fqdn fact with the same value; presumably so
# that templates rendered later in the run use the new name.
- name: Set hostname fact
  set_fact:
    ansible_fqdn: '{{ host_name }}'

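# Renders the main BIND configuration and schedules a restart of named when it
# changes. The file is installed root:named 0640 instead of 0660: the named
# group only needs to read its configuration, and leaving it group-writable
# would let anything running with that group rewrite it. The mode is quoted so
# it is always read as an octal string.
- name: Copy named conf file
  template:
    src: named.conf.j2
    dest: /etc/named.conf
    owner: root
    group: named
    mode: '0640'
  notify: restart named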

# /etc/named holds the local configuration; the named group may enter and list
# it, only root may modify it.
- name: Make named directory
  file:
    state: directory
    path: /etc/named
    owner: root
    group: named
    mode: '0750'

# Local zone declarations: readable by the named group, writable by root only.
# A change schedules the "restart named" handler.
- name: Copy named conf local file
  template:
    src: named.conf.local.j2
    dest: /etc/named/named.conf.local
    owner: root
    group: named
    mode: '0640'
  notify:
    - restart named


# Directory for the zone files, with the same root:named 0750 ownership as
# /etc/named.
- name: Make zones Directory
  file:
    state: directory
    path: /etc/named/zones
    owner: root
    group: named
    mode: '0750'

# Forward zone file, named after the `domain` variable. Installed read-only
# for the named group; a change schedules the "restart named" handler.
- name: Copy forward file
  template:
    src: db.forward.j2
    dest: '/etc/named/zones/db.{{ domain }}'
    owner: root
    group: named
    mode: '0640'
  notify:
    - restart named

# Reverse zone file, named after the `rev_domain` variable, with the same
# ownership and mode as the forward zone.
- name: Copy reverse file
  template:
    src: db.reverse.j2
    dest: '/etc/named/zones/db.{{ rev_domain }}'
    owner: root
    group: named
    mode: '0640'
  notify:
    - restart named

# Allow the firewalld "dns" service, both in the running firewall (immediate)
# and in the saved configuration (permanent).
# NOTE(review): no zone is named, so the rule lands in firewalld's default
# zone; confirm that zone covers only the interfaces that should serve DNS.
- name: Open firewall port
  firewalld:
    service: dns
    state: enabled
    immediate: true
    permanent: true

Ansible playbook to Copy named conf local file



# Local zone declarations for BIND: readable by the named group, writable by
# root only. A change schedules the "restart named" handler.
- name: Copy named conf local file
  template:
    dest: /etc/named/named.conf.local
    src: named.conf.local.j2
    owner: root
    group: named
    mode: '0640'
  notify:
    - restart named

Ansible playbook to Make named directory

 

# /etc/named holds BIND's local configuration; the named group may enter and
# list it, only root may modify it.
- name: Make named directory
  file:
    state: directory
    path: /etc/named
    owner: root
    group: named
    mode: '0750'

Ansible playbook to Copy named conf file



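# Renders the main BIND configuration and schedules a restart of named when it
# changes. The file is installed root:named 0640 instead of 0660: the named
# group only needs to read its configuration, and leaving it group-writable
# would let anything running with that group rewrite it. The mode is quoted so
# it is always read as an octal string.
- name: Copy named conf file
  template:
    src: named.conf.j2
    dest: /etc/named.conf
    owner: root
    group: named
    mode: '0640'
  notify: restart named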

Git

1 git add ↳ It lets you add changes from the working directory into the staging area 2 git commit ↳ It lets you save a snapshot of currently...