| -rw-r--r-- | personal_infra/playbooks/join_ipa.yaml | 21 | ||||
| -rw-r--r-- | personal_infra/puppet/site/01-ipa.pp | 7 |
2 files changed, 28 insertions, 0 deletions
diff --git a/personal_infra/playbooks/join_ipa.yaml b/personal_infra/playbooks/join_ipa.yaml
new file mode 100644
index 00000000..4bfe8585
--- /dev/null
+++ b/personal_infra/playbooks/join_ipa.yaml
@@ -0,0 +1,21 @@
+---
+- name: join ipa
+ hosts: all
+ collections:
+ - ansible.builtin
+ - community.general
+
+ tasks:
+ - name: join
+ # TODO:
+ # -N: no NTP (LXC doesn't need NTP)
+ command: ipa-client-install -U -N --domain={{ freeipa.domain }} -w {{ freeipa.join_password }} --mkhomedir -p {{ freeipa.join_user }}
+ - name: set idmappings
+ blockinfile:
+ path: /etc/pve/lxc/{{ proxmox.id }}.conf
+ block: |
+ lxc.idmap = u 0 100000 65536
+ lxc.idmap = g 0 100000 65536
+ lxc.idmap = u {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }}
+ lxc.idmap = g {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }}
+ delegate_to: "{{ proxmox.host }}"
diff --git a/personal_infra/puppet/site/01-ipa.pp b/personal_infra/puppet/site/01-ipa.pp
new file mode 100644
index 00000000..44f7816c
--- /dev/null
+++ b/personal_infra/puppet/site/01-ipa.pp
@@ -0,0 +1,7 @@
+$ipa_client_package = case $facts['os']['family'] {
+ 'Debian': { 'freeipa-client' }
+ 'RedHat': { 'ipa-client' }
+ default: { fail($facts['os']['family']) }
+}
+
+package {$ipa_client_package:}
|
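Review bot: The `join` task puts `{{ freeipa.join_password }}` on the `ipa-client-install` command line, so the enrolment secret lands in the task's recorded `cmd` (verbose output, callbacks, logs) and in the target's process list while the installer runs. Add `no_log: true` to the task at minimum; if `freeipa.join_user` is a long-lived account, passing a per-host one-time enrolment password to `-w` instead would limit what a leaked value is worth. The task also has no idempotence guard and will attempt to enrol again on every run; `args:` with `creates: /etc/ipa/default.conf` would skip it once the client is configured. Separately, the two `{{ freeipa.idrange_start }}` idmap lines map that range one-to-one onto host IDs, unlike the shifted 0–65535 range, so a comment stating that this is intended would help the next reader.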
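Review bot: The `default` branch calls `fail()` with only the OS family as its message, so a catalog failure on an unsupported platform shows a bare family name with no hint of which manifest raised it or why. Something like `default: { fail("no FreeIPA client package known for OS family ${facts['os']['family']}") }` makes the failure self-explanatory. The `package` resource also relies on the implicit `ensure`; writing `ensure => installed` documents the intent.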
