added ldap-replica support for ldap-clients of pacaterie and fleming

fpoutre 2020-02-20 18:42:34 +01:00
parent 73a22ba77f
commit 3a399bd04c
5 changed files with 229 additions and 53 deletions


@ -12,6 +12,6 @@
# Clone LDAP on local geographic location
# DON'T DO THIS AS IT RECREATES THE REPLICA
# - hosts: ldap-replica
# roles:
# - ldap-replica
#- hosts: ldap-replica
# roles:
# - ldap-replica

4
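--- a/copy_keys_to_aurore.sh
+++ b/copy_keys_to_aurore.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+for ip in `cat hosts|grep .adm.auro.re`; do
+sshpass -v -p "6+Fwa9h2L>L6]C*y" ssh-copy-id -o StrictHostKeyChecking=no fpoutre@$ip
+done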
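Review bot: The `sshpass -v -p "…"` line commits an account password in plaintext, so it is now in the repository history and, at run time, in the process argument list. The password should be rotated and the script should let `ssh-copy-id` prompt for it instead. The same line passes `-o StrictHostKeyChecking=no`, so the password is sent to whatever answers for each name without its host key being verified. The loop's unanchored `grep .adm.auro.re` also matches the `#`-commented inventory entries and every host that is listed in more than one group, and `$ip` is unquoted. A version without the embedded secret is sketched below.

```shell
#!/bin/bash
set -euo pipefail
# Unique, uncommented inventory hostnames only.
mapfile -t targets < <(grep -E '^[A-Za-z0-9][A-Za-z0-9.-]*\.adm\.auro\.re$' hosts | sort -u)
for host in "${targets[@]}"; do
  # Prompts for the password; host keys are checked against known_hosts.
  ssh-copy-id "fpoutre@${host}"
done
```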

98
hosts

@ -6,44 +6,44 @@
# > Then we regroup everything in global geographic and type groups.
[aurore_pve]
merlin.adm.auro.re
#merlin.adm.auro.re
[aurore_vm]
radius-aurore.adm.auro.re
#radius-aurore.adm.auro.re
[ovh_pve]
horus.adm.auro.re
#horus.adm.auro.re
[ovh_container]
synapse.adm.auro.re
services-bdd.adm.auro.re
phabricator.adm.auro.re
wiki.adm.auro.re
www.adm.auro.re
proxy.adm.auro.re
matrix-services.adm.auro.re
#synapse.adm.auro.re
#services-bdd.adm.auro.re
#phabricator.adm.auro.re
#wiki.adm.auro.re
#www.adm.auro.re
#proxy.adm.auro.re
#matrix-services.adm.auro.re
[ovh_vm]
re2o-server.adm.auro.re
re2o-ldap.adm.auro.re
re2o-db.adm.auro.re
serge.adm.auro.re
passbolt.adm.auro.re
vpn-ovh.adm.auro.re
docker-ovh.adm.auro.re
switchs-manager.adm.auro.re
radius-aurore.adm.auro.re
#re2o-server.adm.auro.re
#re2o-ldap.adm.auro.re
#re2o-db.adm.auro.re
#serge.adm.auro.re
#passbolt.adm.auro.re
#vpn-ovh.adm.auro.re
#docker-ovh.adm.auro.re
#switchs-manager.adm.auro.re
#radius-aurore.adm.auro.re
[ovh_testing_vm]
re2o-test.adm.auro.re
#re2o-test.adm.auro.re
[fleming_pve]
freya.adm.auro.re
marki.adm.auro.re
[fleming_vm]
ldap-replica-fleming1.adm.auro.re
ldap-replica-fleming2.adm.auro.re
ldap-replica-fleming.adm.auro.re
ldap-replica-fleming-backup.adm.auro.re
dhcp-fleming.adm.auro.re
dhcp-fleming-backup.adm.auro.re
dns-fleming.adm.auro.re
@ -74,25 +74,25 @@ routeur-pacaterie.adm.auro.re
routeur-pacaterie-backup.adm.auro.re
[edc_pve]
chapalux.adm.auro.re
#chapalux.adm.auro.re
[edc_vm]
routeur-edc.adm.auro.re
dns-edc.adm.auro.re
dhcp-edc.adm.auro.re
unifi-edc.adm.auro.re
radius-edc.adm.auro.re
routeur-aurore.adm.auro.re
#routeur-edc.adm.auro.re
#dns-edc.adm.auro.re
#dhcp-edc.adm.auro.re
#unifi-edc.adm.auro.re
#radius-edc.adm.auro.re
#routeur-aurore.adm.auro.re
[gs_pve]
perceval.adm.auro.re
#perceval.adm.auro.re
[gs_vm]
routeur-gs.adm.auro.re
unifi-gs.adm.auro.re
radius-gs.adm.auro.re
dns-gs.adm.auro.re
dhcp-gs.adm.auro.re
#routeur-gs.adm.auro.re
#unifi-gs.adm.auro.re
#radius-gs.adm.auro.re
#dns-gs.adm.auro.re
#dhcp-gs.adm.auro.re
# everything at ovh
[ovh:children]
@ -144,23 +144,25 @@ edc_pve
gs_pve
[dhcp]
dhcp-fleming.adm.auro.re
dhcp-fleming-backup.adm.auro.re
dhcp-pacaterie.adm.auro.re
dhcp-pacaterie-backup.adm.auro.re
dhcp-edc.adm.auro.re
dhcp-gs.adm.auro.re
#dhcp-fleming.adm.auro.re
#dhcp-fleming-backup.adm.auro.re
#dhcp-pacaterie.adm.auro.re
#dhcp-pacaterie-backup.adm.auro.re
#dhcp-edc.adm.auro.re
#dhcp-gs.adm.auro.re
[dns]
dns-fleming.adm.auro.re
dns-fleming-backup.adm.auro.re
dns-pacaterie.adm.auro.re
dns-pacaterie-backup.adm.auro.re
dns-edc.adm.auro.re
dns-gs.adm.auro.re
#dns-fleming.adm.auro.re
#dns-fleming-backup.adm.auro.re
#dns-pacaterie.adm.auro.re
#dns-pacaterie-backup.adm.auro.re
#dns-edc.adm.auro.re
#dns-gs.adm.auro.re
[ldap-replica]
[ldap_replica_fleming]
ldap-replica-fleming.adm.auro.re
ldap-replica-fleming-backup.adm.auro.re
[ldap_replica_pacaterie]
ldap-replica-pacaterie.adm.auro.re
ldap-replica-pacaterie-backup.adm.auro.re
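Review bot: Most host entries in this inventory appear to end up commented out on the new side (for example every member of `[dhcp]`, `[dns]`, `[ovh_vm]` and `[edc_vm]`), which looks like a local scoping of one run that was committed with the feature. With the shared inventory in this state, any play that targets those groups matches no hosts and silently stops managing them. The entries should stay active and the run be restricted on the command line, e.g. `ansible-playbook -i hosts <playbook> --limit 'fleming:pacaterie'`. The file continues outside the hunks shown, so groups not visible here may be affected too.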

165
hosts.save.1 Normal file

@ -0,0 +1,165 @@
# Aurore servers inventory
# How to name your server ?
# > We name servers according to location, then type.
# > So all containers at OVH are in ovh-container.
# > Then we regroup everything in global geographic and type groups.
[aurore_pve]
merlin.adm.auro.re
[aurore_vm]
radius-aurore.adm.auro.re
[ovh_pve]
horus.adm.auro.re
[ovh_container]
synapse.adm.auro.re
services-bdd.adm.auro.re
phabricator.adm.auro.re
wiki.adm.auro.re
www.adm.auro.re
proxy.adm.auro.re
matrix-services.adm.auro.re
[ovh_vm]
re2o-server.adm.auro.re
re2o-ldap.adm.auro.re
re2o-db.adm.auro.re
serge.adm.auro.re
passbolt.adm.auro.re
vpn-ovh.adm.auro.re
docker-ovh.adm.auro.re
switchs-manager.adm.auro.re
radius-aurore.adm.auro.re
[ovh_testing_vm]
re2o-test.adm.auro.re
[fleming_pve]
freya.adm.auro.re
marki.adm.auro.re
[fleming_vm]
ldap-replica-fleming.adm.auro.re
ldap-replica-fleming-backup.adm.auro.re
dhcp-fleming.adm.auro.re
dhcp-fleming-backup.adm.auro.re
dns-fleming.adm.auro.re
dns-fleming-backup.adm.auro.re
prometheus-fleming.adm.auro.re
radius-fleming.adm.auro.re
radius-fleming-backup.adm.auro.re
unifi-fleming.adm.auro.re
routeur-fleming.adm.auro.re
routeur-fleming-backup.adm.auro.re
[pacaterie_pve]
mordred.adm.auro.re
titan.adm.auro.re
[pacaterie_vm]
ldap-replica-pacaterie.adm.auro.re
ldap-replica-pacaterie-backup.adm.auro.re
dhcp-pacaterie.adm.auro.re
dhcp-pacaterie-backup.adm.auro.re
dns-pacaterie.adm.auro.re
dns-pacaterie-backup.adm.auro.re
prometheus-pacaterie.adm.auro.re
radius-pacaterie.adm.auro.re
radius-pacaterie-backup.adm.auro.re
unifi-pacaterie.adm.auro.re
routeur-pacaterie.adm.auro.re
routeur-pacaterie-backup.adm.auro.re
[edc_pve]
chapalux.adm.auro.re
[edc_vm]
routeur-edc.adm.auro.re
dns-edc.adm.auro.re
dhcp-edc.adm.auro.re
unifi-edc.adm.auro.re
radius-edc.adm.auro.re
routeur-aurore.adm.auro.re
[gs_pve]
perceval.adm.auro.re
[gs_vm]
routeur-gs.adm.auro.re
unifi-gs.adm.auro.re
radius-gs.adm.auro.re
dns-gs.adm.auro.re
dhcp-gs.adm.auro.re
# everything at ovh
[ovh:children]
ovh_pve
ovh_container
ovh_vm
# everything at ovh_testing
[ovh_testing:children]
ovh_testing_vm
# everything at fleming
[fleming:children]
fleming_pve
fleming_vm
# everything at pacaterie
[pacaterie:children]
pacaterie_pve
pacaterie_vm
# everything at edc
[edc:children]
edc_pve
edc_vm
# everything at georgesand
[gs:children]
gs_pve
gs_vm
# every LXC container
[container:children]
ovh_container
# every virtual machine
[vm:children]
ovh_vm
fleming_vm
pacaterie_vm
gs_vm
# every PVE
[pve:children]
ovh_pve
fleming_pve
pacaterie_pve
edc_pve
gs_pve
[dhcp]
dhcp-fleming.adm.auro.re
dhcp-fleming-backup.adm.auro.re
dhcp-pacaterie.adm.auro.re
dhcp-pacaterie-backup.adm.auro.re
dhcp-edc.adm.auro.re
dhcp-gs.adm.auro.re
[dns]
dns-fleming.adm.auro.re
dns-fleming-backup.adm.auro.re
dns-pacaterie.adm.auro.re
dns-pacaterie-backup.adm.auro.re
dns-edc.adm.auro.re
dns-gs.adm.auro.re
[ldap-replica]
ldap-replica-fleming.adm.auro.re
ldap-replica-fleming-backup.adm.auro.re
ldap-replica-pacaterie-backup.adm.auro.re
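Review bot: `hosts.save.1` looks like a manual backup of the inventory rather than a file the playbooks use, and a second copy will drift from `hosts`. Its `[ldap-replica]` group already lists only three of the four replica hosts, with `ldap-replica-pacaterie.adm.auro.re` missing. Git history already keeps the previous inventory, so this file should be dropped from the commit and backup names ignored, e.g. a `.gitignore` line `*.save.*`.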


@ -5,11 +5,16 @@ uid nslcd
gid nslcd
# The location at which the LDAP server(s) should be reachable.
{% if ldap_local_replica_uri is defined %}
{% for uri in ldap_local_replica_uri %}
{% if 'fleming_vm' in group_names or 'fleming_pve' in group_names %}
{% for uri in groups['ldap_replica_fleming'] %}
uri {{ uri }}
{% endfor %}
{% endif %}
{% if 'pacaterie_vm' in group_names or 'pacaterie_pve' in group_names %}
{% for uri in groups['ldap_replica_pacaterie'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
uri {{ ldap_master_uri }}
# The search base that will be used for all queries.
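Review bot: The fleming branch still renders `uri {{ uri }}`, but `uri` now iterates over `groups['ldap_replica_fleming']`, which yields bare inventory hostnames. Fleming clients would therefore get `uri ldap-replica-fleming.adm.auro.re` with no scheme, while the pacaterie branch correctly writes `uri ldap://{{ uri }}`. The fleming line should be `uri ldap://{{ uri }}` as well. Separately, `ldap://` carries binds and account lookups in cleartext unless StartTLS is enabled elsewhere in this template (not visible in the hunk), so it is worth confirming an `ssl start_tls` setting or switching to `ldaps://`. The template continues outside the hunk.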