AlberTajuelo.kerberos-server

Panoramica Versioni Approfondimenti

ansible-kerberos-server

=======================

Build Status

ansible-kerberos-server is an Ansible role that makes it easy to install a Kerberos Server.

This role is based on the work from "bennojoy/kerberos_server".

Requirements

To use this Ansible role, you will need:

  • Ansible version 2.2 or higher on your deployment machine.
  • Check meta/main.yml for any dependencies.

Installation

ansible-kerberos-server is available globally through Ansible Galaxy. To install this role, run the following command:

$ ansible-galaxy install AlberTajuelo.kerberos-server

Update

To update the role, use the --force option when installing. Here’s the command:

$ ansible-galaxy install --force AlberTajuelo.kerberos-server

Main Workflow

This role will:

  • Download specific Kerberos packages (these packages depend on the operating system).
  • Set up Kerberos Server configuration files like:
    • kdc.conf
    • kadm5.acl
    • krb5.conf
  • Create an administrator user.

Role Variables

Attribute Default Value Description
realm_name REALM.NAME.COM The Realm Name for the Kerberos Server
kdc_port 88 Port for the Kerberos Key Distribution Center (KDC)
master_db_pass m4st3r_p4ssw0rd Password for the Administrator
kadmin_user defaultuser Username for Kadmin
kadmin_pass d3f4ultp4ss Password for Kadmin

Example Playbook

In the example folder, you will find a sample project showing how to deploy a Kerberos Server on two hosts.

To run it, you’ll need Vagrant and the ansible-kerberos-server role installed. For more details on Vagrant, visit https://www.vagrantup.com.

$ cd example/my-playbook
$ vagrant up
$ ansible-playbook -i hosts deploy.yml

You can find more advanced examples in the test folder, which run on Travis-CI.

License

MIT

Future Improvements

  • Allow creating multiple KDC slaves.
  • Option to enable/disable creating an admin user.
  • Disable the link from "/dev/urandom" to "/dev/random" and use a secure random generator tool (like "haveged"?).
  • Install NTP first.
  • Support for multiple KDC ports.
  • Option to enable/disable encryption types.
  • Add more ACLs.
  • Create a list of keytabs.

Author Information

AlberTajuelo (@AlberTajuelo)

Informazioni sul progetto

Create a Kerberos Server fast and easy.

role kadmin kdc kerberos krb5
Installa
ansible-galaxy install AlberTajuelo.kerberos-server
GitHub repository
12 stelle
4 fork
0 problemi aperti
Licenza
mit
Download
125
Proprietario