forked from stove/dataset
157 lines
3.5 KiB
YAML
157 lines
3.5 KiB
YAML
---
|
|
version: 1.1
|
|
|
|
remotes:
|
|
description: Create account and connexion to a LDAP server
|
|
type: domainname
|
|
multi: true
|
|
mandatory: false
|
|
hidden: true
|
|
provider: LDAP
|
|
|
|
"remote_{{ suffix }}":
|
|
dynamic:
|
|
variable: accounts.remotes
|
|
hidden: true
|
|
|
|
family:
|
|
description: 'LDAP family name for {{ suffix }}'
|
|
mandatory: false
|
|
provider: LDAP:family
|
|
|
|
dn:
|
|
description: 'LDAP account DN for {{ suffix }}'
|
|
mandatory: false
|
|
provider: LDAP:dn
|
|
|
|
password:
|
|
description: 'LDAP passowrd for {{ suffix }}'
|
|
type: secret
|
|
mandatory: false
|
|
provider: LDAP:password
|
|
|
|
base_dn:
|
|
description: 'LDAP base DN for {{ suffix }}'
|
|
mandatory: false
|
|
provider: LDAP:base_dn
|
|
|
|
users:
|
|
description: Users management
|
|
help: >-
|
|
Management of manually created local users. Those users are not classified
|
|
type: leadership
|
|
|
|
ldap_user_mail:
|
|
description: Email address
|
|
examples:
|
|
- johndoe@example.net
|
|
help: An user is identify by his email address.
|
|
type: mail
|
|
mandatory: false
|
|
|
|
ldap_user_aliases:
|
|
description: Emails aliases
|
|
multi: true
|
|
examples:
|
|
- jdoe@example.net
|
|
type: mail
|
|
mandatory: false
|
|
|
|
ldap_user_uid:
|
|
description: Account name
|
|
examples:
|
|
- jdoe
|
|
type: unix_user
|
|
|
|
ldap_user_gn:
|
|
description: Given name
|
|
examples:
|
|
- John
|
|
type: string
|
|
|
|
ldap_user_sn:
|
|
description: Surname
|
|
examples:
|
|
- Doe
|
|
type: string
|
|
|
|
ldap_user_password:
|
|
type: secret
|
|
default:
|
|
jinja: >-
|
|
{{ accounts.users.ldap_user_mail |
|
|
get_password(server_name=general.network.interface_0.domain_name,
|
|
description="ldap user",
|
|
type="cleartext",
|
|
hide=general.hide_secret,
|
|
temporary=true)
|
|
}}
|
|
hidden: true
|
|
|
|
families:
|
|
description: Families to create
|
|
type: unix_user
|
|
multi: true
|
|
help: >-
|
|
Users can be classified into families. This variable contains all the names
|
|
of the families to be created.
|
|
mandatory: false
|
|
|
|
"family_{{ suffix }}":
|
|
description: 'Management of family {{ suffix }}'
|
|
dynamic:
|
|
variable: accounts.families
|
|
|
|
users:
|
|
description: 'Users management for the family {{ suffix }}'
|
|
help: >-
|
|
Management of manually created users. Those users are classified in a
|
|
family.
|
|
type: leadership
|
|
|
|
ldap_user_mail:
|
|
description: 'Email address for the family {{ suffix }}'
|
|
examples:
|
|
- johndoe@family.net
|
|
help: An user is identify by his email address.
|
|
type: mail
|
|
mandatory: false
|
|
|
|
ldap_user_aliases:
|
|
description: 'Emails aliases for the family {{ suffix }}'
|
|
examples:
|
|
- jdoe@family.net
|
|
type: mail
|
|
multi: true
|
|
mandatory: false
|
|
|
|
ldap_user_uid:
|
|
description: 'Account name for the family {{ suffix }}'
|
|
examples:
|
|
- jdoe
|
|
type: unix_user
|
|
|
|
ldap_user_gn:
|
|
description: 'Given name for the family {{ suffix }}'
|
|
examples:
|
|
- John
|
|
type: string
|
|
|
|
ldap_user_sn:
|
|
description: 'Surname for the family {{ suffix }}'
|
|
examples:
|
|
- Doe
|
|
type: string
|
|
|
|
ldap_user_password:
|
|
type: secret
|
|
default:
|
|
jinja: >-
|
|
{{ _.ldap_user_mail |
|
|
get_password(server_name=general.network.interface_0.domain_name,
|
|
description="ldap family user",
|
|
type="cleartext",
|
|
hide=general.hide_secret,
|
|
temporary=true)
|
|
}}
|
|
hidden: true
|