freeipa / freeipa.ansible_freeipa / 1.11.1 / module / ipaserver_prepare Prepare IPA server deployment Authors: Thomas Woerner (@t-woerner) preview | supported by communityfreeipa.ansible_freeipa.ipaserver_prepare (1.11.1) — module
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.11.1
collections: - name: freeipa.ansible_freeipa version: 1.11.1
Prepare IPA server deployment
force: default: false description: Installer force parameter required: false type: bool realm: description: Kerberos realm name of the IPA deployment required: true type: str domain: description: Primary DNS domain of the IPA deployment required: true type: str hostname: description: Fully qualified name of this host required: false type: str password: description: Admin user kerberos password required: true type: str rid_base: description: Start value for mapping UIDs and GIDs to RIDs required: false type: int setup_ca: default: false description: Configure a dogtag CA required: false type: bool setup_dns: default: false description: Configure bind with our zone required: false type: bool setup_kra: default: false description: Configure a dogtag KRA required: false type: bool ca_subject: description: The installer ca_subject setting required: false type: str forwarders: description: Add DNS forwarders elements: str required: false type: list no_reverse: default: false description: Do not create new reverse DNS zone required: false type: bool dm_password: description: Directory Manager password required: true type: str external_ca: description: External ca setting required: false type: bool no_host_dns: default: false description: Do not use DNS for hostname lookup during installation required: false type: bool auto_reverse: default: false description: Create necessary reverse zones required: false type: bool ip_addresses: description: List of Master Server IP Addresses elements: str required: false type: list netbios_name: description: NetBIOS name of the IPA domain required: false type: str subject_base: description: The certificate subject base (default O=<realm-name>). RDNs are in LDAP order (most specific RDN first). required: false type: str ca_cert_files: description: List of files containing CA certificates for the service certificate files elements: str required: false type: list enable_compat: default: false description: Enable support for trusted domains for old clients required: false type: bool no_forwarders: default: false description: Do not add any DNS forwarders, use root servers instead required: false type: bool reverse_zones: description: The reverse DNS zones to use elements: str required: false type: list setup_adtrust: default: false description: Configure AD trust capability required: false type: bool forward_policy: choices: - first - only description: DNS forwarding policy for global forwarders required: false type: str auto_forwarders: default: false description: Use DNS forwarders configured in /etc/resolv.conf required: false type: bool external_ca_type: description: Type of the external CA required: false type: str allow_zone_overlap: default: false description: Create DNS zone even if it already exists required: false type: bool secondary_rid_base: description: Start value of the secondary range for mapping UIDs and GIDs to RIDs required: false type: int external_ca_profile: description: Specify the certificate profile/template to use at the external CA required: false type: str external_cert_files: description: File containing the IPA CA certificate and the external CA certificate chain elements: str required: false type: list _hostname_overridden: default: false description: The installer _hostname_overridden setting required: false type: bool no_dnssec_validation: default: false description: Disable DNSSEC validation required: false type: bool random_serial_numbers: default: false description: Enable random serial numbers required: false type: bool sid_generation_always: default: false description: Enable SID generation always required: false type: bool