From f61a2579772f0e4d97f1b70cd8c0acd1d2aa7604 Mon Sep 17 00:00:00 2001
From: Stonewall Jackson <stonewall@sacredheartsc.com>
Date: Sun, 12 Feb 2023 21:43:57 -0500
Subject: freeipa_system_account: add docs

---
 roles/freeipa_system_account/README.md | 37 ++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 roles/freeipa_system_account/README.md

(limited to 'roles/freeipa_system_account')

diff --git a/roles/freeipa_system_account/README.md b/roles/freeipa_system_account/README.md
new file mode 100644
index 0000000..68e4341
--- /dev/null
+++ b/roles/freeipa_system_account/README.md
@@ -0,0 +1,37 @@
+FreeIPA System Account
+======================
+
+Description
+-----------
+
+The `freeipa_system_account` role creates a FreeIPA [system account](https://www.freeipa.org/page/HowTo/LDAP#System_Accounts)
+with the provided username and password.
+
+System accounts are limited to LDAP queries only; they have no POSIX attributes,
+cannot log into any systems, etc.
+
+
+Variables
+---------
+
+This role **accepts** the following variables:
+
+Variable                  | Default | Description
+--------------------------|---------|------------
+`system_account_username` | &nbsp;  | System account username
+`system_account_password` | &nbsp;  | System account password
+
+
+Usage
+-----
+
+Example tasks:
+
+````yaml
+- name: create system account for ldap binds
+  include_role:
+    name: freeipa_system_account
+  vars:
+    system_account_username: apache
+    system_account_password: s3cret
+````
-- 
cgit