Default variable details¶
Some of the debops.nslcd
default variables have more extensive
configuration than simple strings or lists, here you can find documentation and
examples for them.
nslcd__configuration¶
The nslcd__*_configuration
variables define the contents of the
/etc/nslcd.conf
configuration file. The variables are merged in order
defined by the nslcd__combined_configuration
variable, which allows
modification of the default configuration through the Ansible inventory. See
nslcd.conf(5) for possible configuration parameters and their values.
Examples¶
See nslcd__default_configuration
variable for an example of
existing configuration.
Limit UNIX accounts and groups that appear on the server based on the host
attribute. The value can be:
host.example.org
orhost
(specific host)*.example.org
(specific subdomain)*
(all hosts)
nslcd__configuration:
- name: 'filter_passwd_group'
comment: 'Limit which UNIX accounts and groups are present on a host'
raw: |
filter passwd (&(objectClass=posixAccount)(|(host={{ ansible_fqdn }})(host=\2a.{{ ansible_domain }})(host={{ ansible_hostname }})(host=\2a)))
filter group (&(objectClass=posixGroupId)(|(host={{ ansible_fqdn }})(host=\2a.{{ ansible_domain }})(host={{ ansible_hostname }})(host=\2a)))
filter shadow (&(objectClass=shadowAccount)(|(host={{ ansible_fqdn }})(host=\2a.{{ ansible_domain }})(host={{ ansible_hostname }})(host=\2a)))
Send debug logs to syslog
to allow easier debugging:
nslcd__configuration:
- name: 'log'
value: 'syslog debug'
Syntax¶
The variables contain a list of YAML dictionaries, each dictionary can have specific parameters:
name
Required. Name of the nslcd.conf(5) configuration option. The configuration options with the same
name
parameter will be merged in order of appearance.If you want to specify multiple configuration options with the same name, make sure that the
name
parameter is unique and use theoption
parameter to specify the "real" option name to use.value
- Required. The value of a given configuration option. It can be either a string, or a YAML list (elements will be joined with spaces).
option
- Optional. When configuration options are specified multiple times, this
parameter can be used to specify the option name instead of the
name
parameter. map
- Optional. Name of the "map" to configure, inserted between the option name, and its value. You can find more about map usage in the nslcd.conf(5) documentation.
raw
- Optional. String or YAML text block which will be included in the
configuration file "as is". If this parameter is specified,
name
,option
andmap
parameters are ignored - you need to specify the entire line(s) with configuration option names as well. state
- Optional. If not defined or
present
, a given configuration option will be included in the generated configuration file. Ifabsent
, a given configuration option will be removed from the generated file. Ifcomment
, the option will be included, but commented out and inactive. Ifignore
, the role will not evaluate the configuration entry during template generation, this can be used for conditional activation of nslcd.conf(5) configuration options. comment
- Optional. String or YAML text block that contains comments about a given configuration option.
separator
- Optional, boolean. If
True
, and additional empty line will be added before a given configuration option to separate it from the other options for readability.