classes/cluster/aaa-ha-freeipa/aaa/freeipa_server.yml - salt-models/mcp-virtual-lab - Gitiles

 classes:
 # RHEL/Centos based
 #- system.linux.system.repo.saltstack.rhel7
 #- system.haproxy.proxy.listen.
 #- system.salt.minion.cert.
 - system.mysql.client
 #- system.freeipa.server.cluster
 - cluster.aaa-ha-freeipa.aaa
 parameters:
   _param:
     linux_system_codename: centos
     keepalived_vip_interface: ${_param:primary_interface}
     keepalived_vip_virtual_router_id: 99

     freeipa_admin_password: password
     freeipa_ldap_password: password
     mysql_admin_user: admin
     mysql_admin_password: password
     freeipa_principal_user: principal
     freeipa_dns_zone: aaa-freeipa.local
     freeipa_realm: ${_param:cluster_domain}

   freeipa:
     server:
       realm: ${_param:cluster_domain}
       domain: ${_param:cluster_domain}
       servers:
         - idm01.${_param:cluster_domain}
         - idm02.${_param:cluster_domain}
         - idm03.${_param:cluster_domain}
       admin:
         password: ${_param:freeipa_admin_password}
       ldap:
         password: ${_param:freeipa_ldap_password}
       dns:
         key:
           axfrkey:
             # bind9utils
             # dnssec-keygen -a HMAC-MD5 -b 128 -n HOST rndc-key
             secret: "xoDeAf49FmBTiJWRJ1zNng=="
             algorithm: hmac-md5
             # algorithm: hmac-sha512
         zone:
           # Main zones
           aaa-freeipa.local: ${_param:freeipa_dns_zone}

           # Additional/Internal zones
           # opencontrail.cz: ${_param:freeipa_dns_zone}

           # Reverse zones
           # 105.0.10.in-addr.arpa: ${_param:freeipa_dns_zone_reverse}
	classes:
	# RHEL/Centos based
	#- system.linux.system.repo.saltstack.rhel7
	#- system.haproxy.proxy.listen.
	#- system.salt.minion.cert.
	- system.mysql.client
	#- system.freeipa.server.cluster
	- cluster.aaa-ha-freeipa.aaa
	parameters:
	_param:
	linux_system_codename: centos
	keepalived_vip_interface: ${_param:primary_interface}
	keepalived_vip_virtual_router_id: 99

	freeipa_admin_password: password
	freeipa_ldap_password: password
	mysql_admin_user: admin
	mysql_admin_password: password
	freeipa_principal_user: principal
	freeipa_dns_zone: aaa-freeipa.local
	freeipa_realm: ${_param:cluster_domain}

	freeipa:
	server:
	realm: ${_param:cluster_domain}
	domain: ${_param:cluster_domain}
	servers:
	- idm01.${_param:cluster_domain}
	- idm02.${_param:cluster_domain}
	- idm03.${_param:cluster_domain}
	admin:
	password: ${_param:freeipa_admin_password}
	ldap:
	password: ${_param:freeipa_ldap_password}
	dns:
	key:
	axfrkey:
	# bind9utils
	# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST rndc-key
	secret: "xoDeAf49FmBTiJWRJ1zNng=="
	algorithm: hmac-md5
	# algorithm: hmac-sha512
	zone:
	# Main zones
	aaa-freeipa.local: ${_param:freeipa_dns_zone}

	# Additional/Internal zones
	# opencontrail.cz: ${_param:freeipa_dns_zone}

	# Reverse zones
	# 105.0.10.in-addr.arpa: ${_param:freeipa_dns_zone_reverse}