82 lines
3.1 KiB
YAML
82 lines
3.1 KiB
YAML
---
|
|
|
|
- name: Set default api parameters for HTTP
|
|
meta: noop
|
|
vars: &api_defaults
|
|
http_agent: "{{ nc_ldap_meta_http_agent }}"
|
|
headers: "{{ nc_ldap_api_headers }}"
|
|
url_username: "{{ nc_ldap_api_basic_auth_user }}"
|
|
url_password: "{{ nc_ldap_api_basic_auth_password }}"
|
|
force_basic_auth: yes
|
|
force: yes
|
|
when: nc_ldap_api_method == 'http'
|
|
|
|
- name: Check if configuration with given config ID already exists (occ)
|
|
docker_container_exec:
|
|
container: "{{ nc_ldap_container }}"
|
|
command: "{{ nc_ldap_occ_command }} ldap:show-config --output json {{ '--show-password' if nc_ldap_config_agent_password else '' }} {{ nc_ldap_config_id }}"
|
|
user: "{{ nc_ldap_occ_user }}"
|
|
tty: yes
|
|
when: nc_ldap_api_method == 'occ'
|
|
changed_when: false
|
|
check_mode: false
|
|
register: nc_ldap_existing_config_occ
|
|
|
|
- name: Check if configuration with given config ID already exists (http)
|
|
uri:
|
|
<<: *api_defaults
|
|
url: "{{ nc_ldap_api_path }}/{{ nc_ldap_config_id }}{{ query_params }}"
|
|
method: GET
|
|
vars:
|
|
query_params: "?showPassword={{ '1' if nc_ldap_config_agent_password else '0' }}&format={{nc_ldap_api_parameter_format }}"
|
|
when: nc_ldap_api_method == 'http'
|
|
register: nc_ldap_existing_config_api
|
|
|
|
# TODO: Can we force an ID on POST?
|
|
- name: Create ldap configuration with id={{ nc_ldap_config_id }} (http)
|
|
uri:
|
|
<<: *api_defaults
|
|
url: "{{ nc_ldap_api_path }}"
|
|
method: POST
|
|
when: nc_ldap_api_method == 'http' and nc_ldap_existing_config_api.status != 200
|
|
|
|
- name: Create ldap configuration with id={{ nc_ldap_config_id }} (occ)
|
|
docker_container_exec:
|
|
container: "{{ nc_ldap_container }}"
|
|
command: "{{ nc_ldap_occ_command }} ldap:create-empty-config --output json {{ nc_ldap_config_id }}"
|
|
user: "{{ nc_ldap_occ_user }}"
|
|
tty: yes
|
|
when: nc_ldap_api_method == 'occ' and nc_ldap_existing_config_occ.rc != 0 and nc_ldap_config_id not in (nc_ldap_existing_config_occ.stdout | from_json).keys()
|
|
|
|
- name: Parse output of query command to dict
|
|
set_fact:
|
|
nc_ldap_existing_config: "{{ nc_ldap_existing_config_occ.stdout | from_json }}"
|
|
changed_when: false
|
|
|
|
- name: Create changeset
|
|
set_fact:
|
|
nc_ldap_config_changeset: "{{ nc_ldap_config_changeset | combine(changed_entry) }}"
|
|
vars:
|
|
changed_entry: "{{ { item : nc_ldap_config_keys[item] } }}"
|
|
loop: "{{ nc_ldap_config_keys.keys() }}"
|
|
when: nc_ldap_config_keys[item] is defined and nc_ldap_config_keys[item] and nc_ldap_config_keys[item] != nc_ldap_existing_config[nc_ldap_config_id][item]
|
|
|
|
- name: Ensure ldap configuration is in sync (http)
|
|
uri:
|
|
<<: *api_defaults
|
|
url:
|
|
method: PUT
|
|
body:
|
|
body_format: "form-urlencoded"
|
|
loop: "{{ nc_ldap_config_changeset | dict2items }}"
|
|
when: nc_ldap_api_method == 'http'
|
|
|
|
- name: Ensure ldap configuration is in sync (occ)
|
|
docker_container_exec:
|
|
container: "{{ nc_ldap_container }}"
|
|
command: "{{ nc_ldap_occ_command }} ldap:set-config \"{{ nc_ldap_config_id }}\" \"{{ item.key }}\" \"{{ item.value }}\""
|
|
user: "{{ nc_ldap_occ_user }}"
|
|
tty: yes
|
|
loop: "{{ nc_ldap_config_changeset | dict2items }}"
|
|
when: nc_ldap_api_method == 'occ'
|