ipaserver: Delay enabling services until end of installer

Service entries in cn=FQDN,cn=masters,cn=ipa,cn=etc are no longer created as enabled. Instead they are flagged as configuredService. At the very end of the installer, the service entries are switched from configured to enabled service. This is related to freeipa upstream commit: Delay enabling services until end of installer: freeipa/freeipa@7284097
freeipa · Nov 22, 2018 · a128726 · a128726
1 parent 73b0505
commit a128726
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/roles/ipaserver/library/ipaserver_enable_ipa.py b/roles/ipaserver/library/ipaserver_enable_ipa.py
@@ -53,6 +53,7 @@ def main():
     ansible_module = AnsibleModule(
         argument_spec = dict(
             hostname=dict(required=False),
+            setup_dns=dict(required=True, type='bool'),
             setup_ca=dict(required=True, type='bool'),
         ),
     )
@@ -63,6 +64,7 @@ def main():
     # set values #############################################################
 
     options.host_name = ansible_module.params.get('hostname')
+    options.setup_dns = ansible_module.params.get('setup_dns')
     options.setup_ca = ansible_module.params.get('setup_ca')
 
     # Configuration for ipalib, we will bootstrap and finalize later, after
@@ -91,6 +93,17 @@ def main():
         # Make sure the files we crated in /var/run are recreated at startup
         tasks.configure_tmpfiles()
 
+    if hasattr(service, "enable_services"):
+        # Enable configured services and update DNS SRV records
+        service.enable_services(options.host_name)
+        api.Command.dns_update_system_records()
+
+        if not options.setup_dns:
+            # After DNS and AD trust are configured and services are
+            # enabled, create a dummy instance to dump DNS configuration.
+            bind = bindinstance.BindInstance(fstore)
+            bind.create_file_with_system_records()
+
     with redirect_stdout(ansible_log):
         services.knownservices.ipa.enable()
 

diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
@@ -358,6 +358,7 @@
   - name: Install - Enable IPA
     ipaserver_enable_ipa:
       hostname: "{{ result_ipaserver_test.hostname }}"
+      setup_dns: "{{ ipaserver_setup_dns }}"
       setup_ca: "{{ result_ipaserver_test.setup_ca }}"
     register: result_ipaserver_enable_ipa