From 865e2f05621fc10f3d332d3840707997c0b94abf Mon Sep 17 00:00:00 2001
From: Stonewall Jackson
Date: Mon, 12 Jun 2023 21:02:22 -0400
Subject: add mastodon role
---
 .../usr/local/share/dirsrv/schema/mastodon.ldif | 3 ++
 roles/freeipa_server/tasks/custom_schema.yml | 51 ++++++++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 roles/freeipa_server/files/usr/local/share/dirsrv/schema/mastodon.ldif
(limited to 'roles/freeipa_server')
diff --git a/roles/freeipa_server/files/usr/local/share/dirsrv/schema/mastodon.ldif b/roles/freeipa_server/files/usr/local/share/dirsrv/schema/mastodon.ldif
new file mode 100644
index 0000000..f90bc66
--- /dev/null
+++ b/roles/freeipa_server/files/usr/local/share/dirsrv/schema/mastodon.ldif
@@ -0,0 +1,3 @@
+dn: cn=config
+attributetypes: ( 2.25.10508909625911985622145696820691585120.4 NAME 'mastodonUsername' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Extending FreeIPA' )
+objectclasses: ( 2.25.10508909625911985622145696820691585120.3 NAME 'mastodonUser' AUXILIARY MAY mastodonUsername X-ORIGIN 'Extending FreeIPA' )
diff --git a/roles/freeipa_server/tasks/custom_schema.yml b/roles/freeipa_server/tasks/custom_schema.yml
index 73456e3..849b524 100644
--- a/roles/freeipa_server/tasks/custom_schema.yml
+++ b/roles/freeipa_server/tasks/custom_schema.yml
@@ -11,6 +11,7 @@
 loop:
 - jid
 - matrix
+ - mastodon
 # begin JIDObject schema
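Review bot: `mastodonUsername` is declared without `SINGLE-VALUE`, and nothing visible in this commit enforces uniqueness across entries, although the playbook builds an equality index on it and a later hunk adds it to an attribute list next to `action: member` (that task's header is outside the hunk, so whether it lets users write the attribute on their own entry is an assumption to confirm). If the Mastodon side resolves accounts by this attribute, two entries holding the same value, or one entry holding several, make that mapping ambiguous. Consider adding `SINGLE-VALUE` before `X-ORIGIN` in the attribute definition and enforcing uniqueness for the attribute in the directory server.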
@@ -109,6 +110,54 @@
 when: matrixusername_index.changed
 # end matrixUser schema
+# begin mastodonUser schema
+- name: check if mastodonUser exists in schema
+ shell: ldapsearch -QLLL -s base -b cn=schema objectclasses | grep -q mastodonUser
+ changed_when: no
+ failed_when: no
+ register: ldapsearch_mastodonuser
+
+- block:
+ - name: extend freeipa schema for mastodon usernames
+ command: ipa-ldap-updater --schema-file '{{ freeipa_custom_schema_dir }}/mastodon.ldif'
+
+ - name: restart httpd
+ systemd:
+ name: httpd
+ state: restarted
+ when: ldapsearch_mastodonuser.rc != 0
+
+- name: add index to mastodonUsername attribute
+ ldap_entry:
+ dn: 'cn=mastodonUsername,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config'
+ objectClass:
+ - top
+ - nsIndex
+ attributes:
+ cn: mastodonUsername
+ nsSystemIndex: false
+ nsIndexType: eq
+ bind_dn: cn=Directory Manager
+ bind_pw: '{{ freeipa_ds_password }}'
+ server_uri: ldaps://{{ ipa_host }}
+ register: mastodonusername_index
+
+- name: regenerate indexes for mastodonUsername attribute
+ ldap_entry:
+ dn: cn=mastodonusernameindex,cn=index,cn=tasks,cn=config
+ objectClass:
+ - top
+ - extensibleObject
+ attributes:
+ cn: mastodonusernameindex
+ nsInstance: userRoot
+ nsIndexAttribute: 'mastodonUsername:eq'
+ bind_dn: cn=Directory Manager
+ bind_pw: '{{ freeipa_ds_password }}'
+ server_uri: ldaps://{{ ipa_host }}
+ when: mastodonusername_index.changed
+# end mastodonUser schema
+
 - name: add default user object classes
 ldap_attrs:
 dn: cn=ipaConfig,cn=etc,{{ freeipa_basedn }}
@@ -117,6 +166,7 @@
 - mailRecipient
 - JIDObject
 - matrixUser
+ - mastodonUser
 state: present
 bind_dn: cn=Directory Manager
 bind_pw: '{{ freeipa_ds_password }}'
@@ -142,6 +192,7 @@
 - mailAlternateAddress
 - jid
 - matrixUsername
+ - mastodonUsername
 action: member
 state: present
-- cgit
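Review bot: The existence check `ldapsearch … | grep -q mastodonUser` with `failed_when: no` cannot tell "object class absent" from "the lookup itself failed" (a bind or connection error, for example). The pipeline's exit status is grep's and every non-zero value is read as absent, so a failed lookup still runs `ipa-ldap-updater` and restarts httpd. Run the search as `command: ldapsearch -QLLL -o ldif-wrap=no -s base -b cn=schema objectclasses` without `failed_when`, so a real error stops the play, and gate the block on `when: "'mastodonUser' not in ldapsearch_mastodonuser.stdout"`. Write `changed_when: false` rather than `no`, matching the `nsSystemIndex: false` already used in this hunk.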