ipa_service - Manage FreeIPA service
New in version 2.5.
Synopsis
- Add and delete an IPA service using IPA API
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| force |
Force principal name even if host is not in DNS.
|
|
| hosts |
defines the list of 'ManagedBy' hosts
|
|
| ipa_host | Default:
"ipa.example.com"
|
IP or hostname of IPA server.
If the value is not specified in the task, the value of environment variable
IPA_HOST will be used instead.
If both the environment variable
IPA_HOST and the value are not specified in the task, then default value is set.
Environment variable fallback mechanism is added in version 2.5.
|
| ipa_pass
required
|
Password of administrative user.
If the value is not specified in the task, the value of environment variable
IPA_PASS will be used instead.
If both the environment variable
IPA_PASS and the value are not specified in the task, then default value is set.
Environment variable fallback mechanism is added in version 2.5.
|
|
| ipa_port | Default:
443
|
Port of FreeIPA / IPA server.
If the value is not specified in the task, the value of environment variable
IPA_PORT will be used instead.
If both the environment variable
IPA_PORT and the value are not specified in the task, then default value is set.
Environment variable fallback mechanism is added in version 2.5.
|
| ipa_prot |
|
Protocol used by IPA server.
If the value is not specified in the task, the value of environment variable
IPA_PROT will be used instead.
If both the environment variable
IPA_PROT and the value are not specified in the task, then default value is set.
Environment variable fallback mechanism is added in version 2.5.
|
| ipa_user | Default:
"admin"
|
Administrative account used on IPA server.
If the value is not specified in the task, the value of environment variable
IPA_USER will be used instead.
If both the environment variable
IPA_USER and the value are not specified in the task, then default value is set.
Environment variable fallback mechanism is added in version 2.5.
|
| krbcanonicalname
required
|
principal of the service
Can not be changed as it is the unique identifier.
aliases: name |
|
| state |
|
State to ensure
|
| validate_certs | Default:
"yes"
|
This only applies if
ipa_prot is https.
If set to
no, the SSL certificates will not be validated.
This should only set to no used on personally controlled sites using self-signed certificates.
|
Examples
# Ensure service is present
- ipa_service:
name: http/host01.example.com
state: present
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
# Ensure service is absent
- ipa_service:
name: http/host01.example.com
state: absent
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
# Changing Managing hosts list
- ipa_service:
name: http/host01.example.com
host:
- host01.example.com
- host02.example.com
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| service
dict
|
always |
Service as returned by IPA API.
|
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Author
- Cédric Parent
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/ipa_service_module.html