debops.nsswitch default variables

General configuration

nsswitch__enabled

Enable or disable management of the /etc/nsswitch.conf configuration file by Ansible.

nsswitch__enabled: True

Name Service Switch services

These variables define what NSS services are active on a given host. See nsswitch__services for more details.

nsswitch__default_services

List of default NSS services that should be active on the host and present in the /etc/nsswitch.conf configuration file.

nsswitch__default_services: [ 'compat', 'files', 'dns', 'db', 'nis' ]
nsswitch__services

List of NSS services that should be active on all hosts in the Ansible inventory.

nsswitch__services: []
nsswitch__group_services

List of NSS services that should be active on groups in a specific Ansible inventory group.

nsswitch__group_services: []
nsswitch__host_services

List of NSS services that should be active on specific hosts in the Ansible inventory.

nsswitch__host_services: []
nsswitch__dependent_services

List of NSS services that should be active on a given host, requested by other Ansible roles using dependent role variables.

nsswitch__dependent_services: []
nsswitch__remove_services

List of NSS services which should be explicitly removed from the /etc/nsswitch.conf configuration file.

nsswitch__remove_services: []
nsswitch__combined_services

The combined list of NSS services to manage by the role. This variable is used in the template file to configure what services should be present.

nsswitch__combined_services: '{{ lookup("flattened", (nsswitch__default_services
                                 + nsswitch__services + nsswitch__group_services
                                 + nsswitch__host_services + nsswitch__dependent_services)
                                 | difference(nsswitch__remove_services)).split(",") }}'

Name Service Switch databases

nsswitch__default_database_map

This YAML dictionary defines a mapping between NSS databases and NSS services. The presence of a given NSS service here doesn't mean that it will be activated. See nsswitch__database_map for more details.

nsswitch__default_database_map:
  'passwd':     [ 'compat', 'mymachines', 'systemd', 'sss', 'ldap', 'winbind' ]
  'group':      [ 'compat', 'mymachines', 'systemd', 'sss', 'ldap', 'winbind' ]
  'shadow':     [ 'compat', 'sss' ]
  'gshadow':    [ 'files' ]
  'initgroups': []

  'hosts':

    - 'files'

    - 'mymachines'

    - [ 'mdns_minimal', '[NOTFOUND=return]' ]

    - replace: 'mdns4_minimal'
      service: '{{ "mdns_minimal" if (ansible_local | d() and ansible_local.avahi | d() and
                                      ansible_local.avahi.ipv6 | bool) else "mdns4_minimal" }}'
      action:  '[NOTFOUND=return]'

    - [ 'resolve', '[!UNAVAIL=return]' ]

    - 'dns'

    - 'libvirt'

    - 'libvirt_guest'

    - 'wins'

    - 'myhostname'

  'networks':   [ 'files' ]
  'protocols':  [ 'db',  'files' ]
  'services':   [ 'db',  'files', 'sss', 'ldap' ]
  'ethers':     [ 'db',  'files' ]
  'rpc':        [ 'db',  'files' ]
  'netgroup':   [ 'nis', 'sss', 'ldap' ]
  'publickey':  []
  'aliases':    []
  'sudoers':

    - { service: 'files', require: False }
    - { service: 'sss',   require: False }
    - { service: 'ldap',  require: False }

  'automount':

    - { service: 'files', require: False }
    - { service: 'sss',   require: False }
    - { service: 'ldap',  require: False }
nsswitch__database_map

YAML dictionary which defines the mapping between NSS databases and NSS services for all hosts in Ansible inventory.

nsswitch__database_map: {}
nsswitch__group_database_map

YAML dictionary which defines the mapping between NSS databases and NSS services for hosts in specific Ansible inventory group.

nsswitch__group_database_map: {}
nsswitch__host_database_map

YAML dictionary which defines the mapping between NSS databases and NSS services for specific hosts in Ansible inventory.

nsswitch__host_database_map: {}
nsswitch__combined_database_map

The combined default and custom database map variable used in the template.

nsswitch__combined_database_map: '{{ nsswitch__default_database_map
                                     | combine(nsswitch__database_map)
                                     | combine(nsswitch__group_database_map)
                                     | combine(nsswitch__host_database_map) }}'
nsswitch__database_groups

This list variable defines the "layout" of the generated /etc/nsswitch.conf configuration file. Each list contains a list of NSS databases grouped together for convenience and aestethic purposes.

nsswitch__database_groups:
  - [ 'passwd', 'group', 'shadow', 'gshadow', 'initgroups' ]
  - [ 'hosts', 'networks' ]
  - [ 'protocols', 'services', 'ethers', 'rpc' ]
  - [ 'netgroup' ]
  - [ 'aliases', 'sudoers', 'automount' ]