adelgado/ansible-role-prosody-master
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role-prosody-master/tasks/configure_ldap.yml

82 lines
No EOL
2 KiB
YAML
Raw Blame History

---
# https://www.fyzix.net/index.php?title=Installing_and_configuring_Prosody_%2B_LDAP_support_%2B_Shared_groups_roster_generator
- name: Ensure SASL authd is configured to use LDAP
lineinfile:
path: /etc/default/saslauthd
regexp: '^MECHANISMS='
line: 'MECHANISMS="ldap"'
create: yes
owner: root
group: root
mode: '0644'
backup: yes
- name: Ensure SASL authd is enabled to use LDAP
lineinfile:
path: /etc/default/saslauthd
regexp: '^START='
line: 'START=yes'
create: yes
owner: root
group: root
mode: '0644'
backup: yes
- name: Ensure SASL authd has LDAP servers configured
lineinfile:
path: /etc/saslauthd.conf
regexp: '^ldap_servers: '
line: "ldap_servers: ldap://{{ ldap_config['server'] }}:{{ ldap_config['port'] }}/"
create: yes
owner: root
group: root
mode: '0644'
backup: yes
notify:
- Restart SASLAuthd
- name: Ensure SASL authd has LDAP search base configured
lineinfile:
path: /etc/saslauthd.conf
regexp: '^ldap_search_base: '
line: "ldap_search_base: {{ ldap_config['search'] }},{{ ldap_config['base_dn'] }}"
create: yes
owner: root
group: root
mode: '0644'
backup: yes
notify:
- Restart SASLAuthd
- name: Ensure SASL folder exists
file:
path: /etc/sasl
state: directory
- name: Ensure SASL XMPP password check is configured
lineinfile:
path: /etc/sasl/xmpp.conf
regexp: '^pwcheck_method: '
line: "pwcheck_method: saslauthd"
create: yes
owner: root
group: root
mode: '0644'
backup: yes
notify:
- Restart SASLAuthd
- name: Ensure SASL XMPP mechanism is configured
lineinfile:
path: /etc/sasl/xmpp.conf
regexp: '^mech_list: '
line: "mech_list: PLAIN"
create: yes
owner: root
group: root
mode: '0644'
backup: yes
notify:
- Restart SASLAuthd
- name: Ensure Prosody user is part of SASL
user:
name: prosody
append: yes
groups:
- sasl
notify:
- Restart Prosody.
Reference in a new issue View git blame Copy permalink