saslauthd
Ansible role saslauthd
Configure Cyrus saslauthd deamon.
Features
- Idempotent.
- Able to manage all authentification mechanisms and their options.
- Configure
/etc/saslauthd.conf
and/etc/ldap/ldap.conf
files for LDAP authentification mechanism. - Debian friendly (Ubuntu soon, anyone for Redhat likes and other platforms?).
- A developer/maintainer willing to receive feedback and bug reports.
Requirements
This role must be run as root
but will not become
by itself.
Role Variables
Name | Default | Description |
---|---|---|
saslauthd_mechanism |
"pam" |
Authentification mechanism. |
saslauthd_mech_options |
"" |
Mechanism specific options (-O of saslauthd , see saslauthd(8) ). |
saslauthd_threads |
5 |
Use threads processes for responding to authentication queries (-n ). |
saslauthd_options |
"-c -m /var/run/saslauthd" |
All other options for saslauthd (see saslauthd(8) ). |
saslauthd_mech_ldap_servers |
required if saslauthd_mechanism is ldap |
Array of LDAP servers (ldap_servers in saslauthd.conf ). |
saslauthd_mech_ldap_search_base |
required if saslauthd_mechanism is ldap |
Search base for LDAP requests (ldap_search_base in saslauthd.conf ). |
saslauthd_mech_ldap_config |
{ldap_version: 3} |
Options for ldap mechanism to be written into /etc/saslauthd.conf . |
saslauthd_lib_ldap_config |
{TLS_CACERT: "/etc/ssl/certs/ca-certificates.crt"} |
Options for LDAP library to be written into /etc/ldap/ldap.conf (see ldap.conf(5) ). |
Dependencies
None.
Example Playbooks
Minimal playbook:
- name: Minimal playbook for role seb4itik.saslauthd (default mechanism "pam")
hosts: mail
roles:
- "seb4itik.saslauthd"
More complete example:
- name: Example playbook for role seb4itik.saslauthd (mechanism "ldap")
hosts: mail
vars:
saslauthd_mechanism: "ldap"
saslauthd_threads: 10
saslauthd_mech_ldap_servers: ["ldaps://ldap.{{ my_domain }}/"]
saslauthd_mech_ldap_search_base: "{{ my_ldap_base_dn }}"
roles:
- "seb4itik.saslauthd"
TODO
- Write tests.
- Other platforms (Ubuntu, Redhat, ...).
License
MIT
Author Information
About
Install and configure Cyrus SASL authentification daemon (saslauthd).
Install
ansible-galaxy install seb4itik/ansible-saslauthd
License
mit
Downloads
35
Owner