Cleanup LDAP remnants

Dockerfile.bullseye

@@ -13,20 +13,3 @@ RUN apt-get -qq update && \
 
 COPY cccv-archive-key.gpg /etc/apt/trusted.gpg.d/
 COPY cccv-archive-bullseye.list /etc/apt/sources.list.d/
-
-FROM uffd-base AS openldap-base
-
-RUN apt-get -qq update && \
-    pip3 install ansible --upgrade && \
-    ansible --version && \
-    mkdir -p /var/run/ && \
-    git clone --depth 1 "https://git.cccv.de/infra/ansible/roles/openldap.git" && \
-    git clone --depth 1 "https://git.cccv.de/infra/ansible/roles/certificates.git" && \
-    apt-get -qq clean
-
-COPY ansible-inventory.yml inventory.yml
-COPY ansible-playbook.yml playbook.yml
-COPY ansible.cfg ansible.cfg
-
-RUN ansible-playbook playbook.yml && \
-    rm -fr openldap certificates inventory.yml playbook.yml ansible.cfg

Dockerfile.buster

@@ -13,20 +13,3 @@ RUN apt-get -qq update && \
 
 COPY cccv-archive-key.gpg /etc/apt/trusted.gpg.d/
 COPY cccv-archive-buster.list /etc/apt/sources.list.d/
-
-FROM uffd-base AS openldap-base
-
-RUN apt-get -qq update && \
-    pip3 install ansible --upgrade && \
-    ansible --version && \
-    mkdir -p /var/run/ && \
-    git clone --depth 1 "https://git.cccv.de/infra/ansible/roles/openldap.git" && \
-    git clone --depth 1 "https://git.cccv.de/infra/ansible/roles/certificates.git" && \
-    apt-get -qq clean
-
-COPY ansible-inventory.yml inventory.yml
-COPY ansible-playbook.yml playbook.yml
-COPY ansible.cfg ansible.cfg
-
-RUN ansible-playbook playbook.yml && \
-    rm -fr openldap certificates inventory.yml playbook.yml ansible.cfg

ansible-inventory.yml

-all:
-  hosts:
-    localhost:
-  vars:
-    openldap:
-      backup:
-        enable: False
-      root:
-        password: "root-ldap-password"
-        dn: "cn=admin,dc=example,dc=com"
-      tls:
-        ca: /etc/ssl/ldap-server.ca
-        cert: /etc/ssl/ldap-server.crt
-        key: /etc/ssl/private/ldap-server.key
-      domain: example.com
-      organisation: Example
-      base_dn: "dc=example,dc=com"
-      users: []
-      service_accounts:
-      - name: uffd
-        password: "uffd-ldap-password"
-      groups:
-      - name: admins
-        gid: 20000
-        description: "Admingruppe"
-      - name: users
-        gid: 20001
-        description: "Usergruppe"
-      - name: uffd_access
-        gid: 20002
-        description: "Zugriff auf den uffd Selfservice"
-      - name: uffd_admin
-        gid: 20003
-        description: "Adminrechte im uffd Selfservice"
-      acls:
-      - >-
-        {0}to attrs=userPassword
-        by dn="cn=uffd,ou=system,dc=example,dc=com" =xw
-        by group/groupOfUniqueNames/uniqueMember.exact="cn=uffd_admin,ou=groups,dc=example,dc=com" =xw
-        by self =xw
-        by anonymous auth
-      - >-
-        {1}to attrs=shadowLastChange
-        by dn="cn=uffd,ou=system,dc=example,dc=com" write
-        by group/groupOfUniqueNames/uniqueMember.exact="cn=uffd_admin,ou=groups,dc=example,dc=com" write
-        by self write
-      - >-
-        {2}to dn.subtree="ou=users,dc=example,dc=com"
-        by dn="cn=uffd,ou=system,dc=example,dc=com" write
-        by group/groupOfUniqueNames/uniqueMember.exact="cn=uffd_admin,ou=groups,dc=example,dc=com" write
-        by self write
-        by * read
-      - >-
-        {3}to dn.subtree="ou=groups,dc=example,dc=com"
-        by dn="cn=uffd,ou=system,dc=example,dc=com" write
-        by group/groupOfUniqueNames/uniqueMember.exact="cn=uffd_admin,ou=groups,dc=example,dc=com" write
-        by * read
-      - >-
-        {4}to dn.subtree="ou=postfix,dc=example,dc=com"
-        by dn="cn=uffd,ou=system,dc=example,dc=com" write
-        by group/groupOfUniqueNames/uniqueMember.exact="cn=uffd_admin,ou=groups,dc=example,dc=com" write
-        by * read
-#      - >-
-#        {5}to *
-#        by dn="cn=uffd,ou=system,dc=example,dc=com" write
-#        by dn="uid=testadmin,ou=users,dc=example,dc=com" write
-#        by * read
-    certificates:
-      disable_letsencrypt_account_registration: True
-      certs:
-        "ldap-server":
-          backend: ownca
-          cn: "{{ inventory_hostname }}"
-          backend_override:
-            name: ldap-auth

ansible-playbook.yml

-- hosts: localhost
-  become: true
-  roles:
-    - certificates
-    - openldap

ansible.cfg

-[defaults]
-inventory      = inventory.yml
-remote_user = root
-hash_behaviour = merge
-nocows = 1
-retry_files_enabled = False
-max_diff_size = 1048576
-transport = local
-
-[inventory]
-
-[privilege_escalation]
-become=True
-become_method=sudo
-become_user=root
-
-[paramiko_connection]
-
-[ssh_connection]
-
-pipelining = True
-
-[persistent_connection]
-
-[accelerate]
-
-[selinux]
-
-[colors]
-#highlight = white
-#verbose = blue
-#warn = bright purple
-#error = red
-#debug = dark gray
-#deprecate = purple
-#skip = cyan
-#unreachable = red
-#ok = green
-#changed = yellow
-#diff_add = green
-#diff_remove = red
-#diff_lines = cyan
-
-
-[diff]
-always = yes
-context = 5