This cookbook provides custom resources and recipes to install and configure FreeIPA
- Ubuntu 14.04 - Client Only
- Ubuntu 16.04 - Client or Replica
- 12.5+
This recipe is an alias for ipa::client
Installs the IPA client packages, then joins an existing realm.
Installs the IPA server packages, then joins and creates a replica of an existing realm.
Installs the IPA server packages, then creates a new realm.
This recipe deals with the brokenness of IPA on Debian/Ubuntu
- request
- nickname
- pem_cert
- pem_cert_owner
- pem_cert_group
- pem_cert_mode
- pem_key
- pem_key_owner
- pem_key_group
- pem_key_mode
- key_size
- auto_renew
- req_subject
- req_principal
- req_dns
- cmd_presave
- cmd_postsave
ipa_certificate 'short-hostname-cert' do
pem_cert '/tmp/short-hostname-cert.crt'
pem_key '/tmp/short-hostname-cert.key''
endipa_certificate 'fqdn-cert' do
pem_cert '/tmp/fqdn-cert.crt'
pem_key '/tmp/fqdn-cert.key'
req_subject node['fqdn']
req_principal "host/#{node['fqdn']}"
endipa_certificate 'fqdn-cert-rabbitmq' do
pem_cert '/etc/rabbitmq/fqdn-cert-rabbitmq.crt'
pem_cert_owner 'rabbitmq'
pem_cert_group 'rabbitmq'
pem_cert_mode '0655'
pem_key '/etc/rabbitmq/fqdn-cert-rabbitmq.key'
pem_key_owner 'rabbitmq'
pem_key_group 'rabbitmq'
pem_key_mode '0660'
req_subject node['fqdn']
req_principal "host/#{node['fqdn']}"
end