From ba82363e78333506898cb566cfced6f5567c800e Mon Sep 17 00:00:00 2001
From: Aurélien Bompard <aurelien@bompard.org>
Date: Oct 07 2020 08:05:19 +0000
Subject: Add a role for ipa clients and use it in Ipsilon


Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

---

diff --git a/roles/ipa/client/tasks/main.yml b/roles/ipa/client/tasks/main.yml
new file mode 100644
index 0000000..62564b9
--- /dev/null
+++ b/roles/ipa/client/tasks/main.yml
@@ -0,0 +1,10 @@
+- name: Enroll system as IPA client
+  command:
+    cmd: ipa-client-install
+         --hostname={{ ansible_fqdn }}
+         --domain={{ ipa_realm | lower }}
+         --realm={{ ipa_realm }}
+         --server={{ ipa_server }}
+         -p admin -w {{ ipa_admin_password }}
+         -U -N --force-join
+    creates: /etc/ipa/default.conf
diff --git a/roles/ipsilon/tasks/main.yml b/roles/ipsilon/tasks/main.yml
index 251e922..b8a1913 100644
--- a/roles/ipsilon/tasks/main.yml
+++ b/roles/ipsilon/tasks/main.yml
@@ -121,6 +121,7 @@
   tags:
   - ipsilon
 
+- include_role: ipa/client
 
 - name: Get admin ticket
   shell: echo "{{ipa_admin_password}}" | kinit admin