From aeec633f3d3217eb51cb8a24506afbd27271413c Mon Sep 17 00:00:00 2001
From: shahaan <shahaan@gmail.com>
Date: Fri, 19 Jun 2015 09:47:11 +1000
Subject: [PATCH] Deleting unnecessary files got copied wrongly

---
 roles/easy-rsa-certificate/vars/meta/main.yml |   5 -
 .../vars/tasks/buildCert.yml                  | 113 -------------
 .../easy-rsa-certificate/vars/tasks/main.yml  |   3 -
 roles/easy-rsa-certificate/vars/vars/main.yml |   1 -
 .../easy-rsa-certificate/vars/vars/readme.txt |   7 -
 roles/ldapserver/vars/meta/main.yml           |   3 -
 .../ldapserver/vars/tasks/karaageSpecific.yml |  14 --
 roles/ldapserver/vars/tasks/main.yml          | 157 ------------------
 .../vars/templates/accounts_ldif.j2           |   2 -
 roles/ldapserver/vars/templates/acls_ldif.j2  |   6 -
 .../ldapserver/vars/templates/binddn_ldif.j2  |   5 -
 .../vars/templates/default_ppolicy_ldif.j2    |  19 ---
 .../ldapserver/vars/templates/groups_ldif.j2  |   2 -
 roles/ldapserver/vars/templates/ldap.conf.j2  |  16 --
 .../ldapserver/vars/templates/manager_ldif.j2 |  10 --
 .../ppolicy_accountsAndGroups.ldif.j2         |  14 --
 .../vars/templates/ppolicy_moduleload_ldif.j2 |   5 -
 .../vars/templates/ppolicy_overlay_ldif.j2    |   7 -
 .../vars/templates/pwpolicies_ldif.j2         |   4 -
 roles/ldapserver/vars/templates/root_ldif.j2  |   5 -
 roles/ldapserver/vars/templates/ssl_ldif.j2   |   9 -
 .../vars/templates/tls_settings.ldif.j2       |   4 -
 .../vars/vars/CentOS_6.5_x86_64.yml           |   5 -
 .../vars/vars/CentOS_6.6_x86_64.yml           |   5 -
 roles/ldapserver/vars/vars/main.yml           |   7 -
 25 files changed, 428 deletions(-)
 delete mode 100644 roles/easy-rsa-certificate/vars/meta/main.yml
 delete mode 100644 roles/easy-rsa-certificate/vars/tasks/buildCert.yml
 delete mode 100644 roles/easy-rsa-certificate/vars/tasks/main.yml
 delete mode 120000 roles/easy-rsa-certificate/vars/vars/main.yml
 delete mode 100644 roles/easy-rsa-certificate/vars/vars/readme.txt
 delete mode 100644 roles/ldapserver/vars/meta/main.yml
 delete mode 100644 roles/ldapserver/vars/tasks/karaageSpecific.yml
 delete mode 100644 roles/ldapserver/vars/tasks/main.yml
 delete mode 100644 roles/ldapserver/vars/templates/accounts_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/acls_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/binddn_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/default_ppolicy_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/groups_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/ldap.conf.j2
 delete mode 100644 roles/ldapserver/vars/templates/manager_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/ppolicy_accountsAndGroups.ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/ppolicy_moduleload_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/ppolicy_overlay_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/pwpolicies_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/root_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/ssl_ldif.j2
 delete mode 100644 roles/ldapserver/vars/templates/tls_settings.ldif.j2
 delete mode 100644 roles/ldapserver/vars/vars/CentOS_6.5_x86_64.yml
 delete mode 100644 roles/ldapserver/vars/vars/CentOS_6.6_x86_64.yml
 delete mode 100644 roles/ldapserver/vars/vars/main.yml

diff --git a/roles/easy-rsa-certificate/vars/meta/main.yml b/roles/easy-rsa-certificate/vars/meta/main.yml
deleted file mode 100644
index fb87b089..00000000
--- a/roles/easy-rsa-certificate/vars/meta/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-allow_duplicates: yes
-dependencies:
-  - {role: easy-rsa-common }
-
diff --git a/roles/easy-rsa-certificate/vars/tasks/buildCert.yml b/roles/easy-rsa-certificate/vars/tasks/buildCert.yml
deleted file mode 100644
index d71c98a3..00000000
--- a/roles/easy-rsa-certificate/vars/tasks/buildCert.yml
+++ /dev/null
@@ -1,113 +0,0 @@
---- 
-- name: "Check client ca certificate"
-  register: ca_cert
-  stat: "path={{ x509_cacert_file }}"
-
-- name: "Check certificate and key"
-  shell: (openssl x509 -noout -modulus -in {{ x509_cert_file }}  | openssl md5 ; openssl rsa -noout -modulus -in {{ x509_key_file }} | openssl md5) | uniq | wc -l
-  register: certcheck
-  sudo: true
-
-- name: "Check certificate"
-  register: cert
-  stat: "path={{ x509_cert_file }}"
-  sudo: true
-
-- name: "Check key"
-  register: key
-  stat: "path={{ x509_key_file }}"
-  sudo: true
-
-- name: "Default: we don't need a new certificate"
-  set_fact: needcert=False
-
-- name: "Set need cert if key is missing"
-  set_fact: needcert=True
-  when: key.stat.exists == false
-
-- name: "set needcert if cert is missing or of zero size"
-  set_fact: needcert=True
-  when: cert.stat.exists == false or cert.stat.size == 0
-
-- name: "Delete Zero Sized Ceritificates"
-  remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
-  delegate_to: "{{ x509_ca_server }}"
-  shell: rm -rf /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.*
-  when: cert is defined and cert.stat.size == 0
-  sudo: true
-
-- name: "set needcert if cert doesn't match key"
-  set_fact: needcert=True
-  when: certcheck.stdout == '2'
-
-
-- name: "Creating Keypair"
-  shell: "echo noop when using easy-rsa"
-  when: needcert
-
-- name: "Creating CSR"
-  shell: " cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\"; \"$EASY_RSA\"/pkitool --csr {{ x509_csr_args }} {{ x509_common_name }}"
-  when: needcert
-  sudo: true
-
-- name: "Create node tmp directory"
-  delegate_to: 127.0.0.1
-  shell: "mkdir -p /tmp/{{ inventory_hostname }} ; chmod 755 /tmp/{{ inventory_hostname }}"
-  when: x509_ca_server != inventory_hostname
-
-- name: "Copy CSR to ansible host"
-  fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr dest=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr fail_on_missing=yes validate_md5=yes flat=yes"
-  sudo: true
-  when: needcert and x509_ca_server != inventory_hostname
-
-- name: "Copy CSR to CA"
-  remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
-  delegate_to: "{{ x509_ca_server }}"
-  copy: "src=/tmp/{{ inventory_hostname }}/{{ inventory_hostname }}.csr dest=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.csr force=yes"
-  when: needcert and x509_ca_server != inventory_hostname
-  sudo: true
-
-- name: "Sign Certificate"
-  remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
-  delegate_to: "{{ x509_ca_server }}"
-  shell:    "cd /etc/easy-rsa/2.0; . ./vars; export EASY_RSA=\"${EASY_RSA:-.}\" ;\"$EASY_RSA\"/pkitool --sign {{ x509_sign_args }} {{ x509_common_name }}"
-  when: needcert
-  sudo: true
-
-- name: "Copy the Certificate to ansible host"
-  remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
-  delegate_to: "{{ x509_ca_server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/{{ x509_common_name }}.crt dest=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt fail_on_missing=yes validate_md5=yes flat=yes"
-  sudo: true
-  when: needcert and x509_ca_server != inventory_hostname
-
-- name: "Copy the CA Certificate to the ansible host"
-  remote_user: "{{ hostvars[x509_ca_server]['ansible_ssh_user'] }}"
-  delegate_to: "{{ x509_ca_server }}"
-  fetch: "src=/etc/easy-rsa/2.0/keys/ca.crt dest=/tmp/{{ inventory_hostname }}/ca.crt fail_on_missing=yes validate_md5=yes flat=yes"
-  sudo: true
-  when: ca_cert.stat.exists == false and x509_ca_server != inventory_hostname
-
-- name: "Make sure the path to the certificate exists"
-  shell: "mkdir -p `dirname {{ x509_cert_file }}` ; chmod 755  `dirname {{ x509_cert_file }}`"
-  sudo: true 
-
-- name: "Copy the certificate to the node"
-  copy: "src=/tmp/{{ inventory_hostname }}/{{ x509_common_name }}.crt dest=/tmp/{{ x509_common_name }}.crt force=yes"
-  sudo: true
-  when: needcert and x509_ca_server != inventory_hostname
-
-- name: "Copy the certificate to the right location"
-  shell: "cp -f /tmp/{{ x509_common_name }}.crt {{ x509_cert_file }}"
-  sudo: true
-  when: needcert and x509_ca_server != inventory_hostname
-
-- name: "Copy the CA certificate to the node"
-  copy: "src=/tmp/{{ inventory_hostname }}/ca.crt dest={{ x509_cacert_file }}"
-  sudo: true
-  when: ca_cert.stat.exists == false and x509_ca_server != inventory_hostname
-
-- name: "Copy the key to the correct location"
-  shell: "mkdir -p `dirname {{ x509_key_file }}` ; chmod 700 `dirname {{ x509_key_file }}` ; cp /etc/easy-rsa/2.0/keys/{{ x509_common_name }}.key {{ x509_key_file }}"
-  sudo: true
-  when: needcert and x509_ca_server != inventory_hostname
diff --git a/roles/easy-rsa-certificate/vars/tasks/main.yml b/roles/easy-rsa-certificate/vars/tasks/main.yml
deleted file mode 100644
index 475415cc..00000000
--- a/roles/easy-rsa-certificate/vars/tasks/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
---- 
-- 
-  include: buildCert.yml
diff --git a/roles/easy-rsa-certificate/vars/vars/main.yml b/roles/easy-rsa-certificate/vars/vars/main.yml
deleted file mode 120000
index 0d79d56d..00000000
--- a/roles/easy-rsa-certificate/vars/vars/main.yml
+++ /dev/null
@@ -1 +0,0 @@
-readme.txt
\ No newline at end of file
diff --git a/roles/easy-rsa-certificate/vars/vars/readme.txt b/roles/easy-rsa-certificate/vars/vars/readme.txt
deleted file mode 100644
index b5902041..00000000
--- a/roles/easy-rsa-certificate/vars/vars/readme.txt
+++ /dev/null
@@ -1,7 +0,0 @@
----
-x509_key_file: "/etc/ssl/private/server.key"
-x509_cert_file: "/etc/ssl/certs/server.crt"
-x509_cacert_file: "/etc/ssl/certs/ca.crt"
-x509_csr_args: ""
-x509_sign_args: "{{ x509_csr_args }}"
-x509_common_name: "{{ ansible_fqdn }}"
diff --git a/roles/ldapserver/vars/meta/main.yml b/roles/ldapserver/vars/meta/main.yml
deleted file mode 100644
index 46f5a231..00000000
--- a/roles/ldapserver/vars/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-dependencies:
-  - { role: easy-rsa-certificate, x509_csr_args: "--server" }
diff --git a/roles/ldapserver/vars/tasks/karaageSpecific.yml b/roles/ldapserver/vars/tasks/karaageSpecific.yml
deleted file mode 100644
index 63ca884a..00000000
--- a/roles/ldapserver/vars/tasks/karaageSpecific.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
--
-  name: Adding default ppolicy schema
-  shell: ldapadd -Y EXTERNAL -H ldapi:/// < /etc/ldap/schema/ppolicy.ldif
--
-  name: templating tls settings
-  template: src=tls_settings.ldif.j2 dest=/tmp/tls_settings.ldif mode=600
--
-  name: initialise server ssl
-  shell: ldapmodify -Y EXTERNAL -H ldapi:/// < /tmp/tls_settings.ldif
-  sudo: true
--
-  name: templating ldap.conf
-  template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf mode=600
diff --git a/roles/ldapserver/vars/tasks/main.yml b/roles/ldapserver/vars/tasks/main.yml
deleted file mode 100644
index a5ec4d69..00000000
--- a/roles/ldapserver/vars/tasks/main.yml
+++ /dev/null
@@ -1,157 +0,0 @@
----
-
-- include_vars: "{{ hostvars[ansible_hostname]['ansible_distribution'] }}_{{ hostvars[ansible_hostname]['ansible_distribution_version'] }}_{{ ansible_architecture }}.yml"
-
-- name: install system packages apt
-  apt: name={{ item }} state=installed update_cache=true
-  sudo: true
-  with_items: system_packages
-  when: ansible_os_family == 'Debian'
-
-- name: install system packages yum
-  yum: name={{ item }} state=installed
-  sudo: true
-  with_items: system_packages
-  when: ansible_os_family == 'RedHat'
-
-- name: hash password
-  command: /usr/sbin/slappasswd -h {SSHA} -s {{ ldapManagerPassword }}
-  register: ldapManagerHash
-
-- name: hash binddn password
-  command: /usr/sbin/slappasswd -h {SSHA} -s {{ ldapBindDNPassword }}
-  register: ldapBindDNHash
-
-- name: template ssl.ldif
-  template: src=ssl_ldif.j2 dest=/tmp/ssl.ldif mode=600
-
-- name: template manager.ldif
-  template: src=manager_ldif.j2 dest=/tmp/manager.ldif mode=600
-  sudo: true
-
-- name: template binddn.ldif
-  template: src=binddn_ldif.j2 dest=/tmp/binddn.ldif mode=600
-  sudo: true
-
-- name: template root.ldif
-  template: src=root_ldif.j2 dest=/tmp/root.ldif
-
-- name: template accounts.ldif
-  template: src=accounts_ldif.j2 dest=/tmp/accounts.ldif
-
-- name: template groups.ldif
-  template: src=groups_ldif.j2 dest=/tmp/groups.ldif
-
-- name: template acls.ldif
-  template: src=acls_ldif.j2 dest=/tmp/acls.ldif
-
-- name: template ppolicy_moduleload.ldif
-  template: src=ppolicy_moduleload_ldif.j2 dest=/tmp/ppolicy_moduleload.ldif
-
-- name: template ppolicy_overlay.ldif
-  template: src=ppolicy_overlay_ldif.j2 dest=/tmp/ppolicy_overlay.ldif
-
-- name: template pwpolices.ldif
-  template: src=pwpolicies_ldif.j2 dest=/tmp/pwpolicies.ldif
-
-- name: template default_ppolicy.ldif
-  template: src=default_ppolicy_ldif.j2 dest=/tmp/default_ppolicy.ldif
-
-
-- name: copy cert
-  command: cp /etc/ssl/certs/server.crt /etc/openldap/certs/ldapcert.pem
-  sudo: true
-
-- name: copy cacert
-  command: cp /etc/ssl/certs/ca.crt /etc/openldap/certs/cacert.pem
-  sudo: true
-
-- name: copy key
-  command: cp /etc/ssl/private/server.key /etc/openldap/certs/ldapkey.pem
-  sudo: true
-
-- name: chmod key
-  file: path=/etc/openldap/certs/ldapkey.pem owner={{ ldapuser }} group={{ ldapgroup }} mode=600
-  sudo: true
-
-- name: enable ssl centos
-  lineinfile: regexp="SLAPD_LDAPS=no" state=present line="SLAPD_LDAPS=yes" dest=/etc/sysconfig/ldap
-  sudo: true
-  when: ansible_os_family == 'RedHat'
-
-- name: start ldap
-  service: name=slapd state=restarted
-  sudo: true
-
-- name: check TLS config
-  shell: "slapcat -b cn=config | grep 'olcTLSCertificateKeyFile: /etc/openldap/certs/ldapkey.pem'"
-  ignore_errors: true
-  sudo: true
-  register: tlsConfigured
-
-- name: check Manager config
-  shell: "slapcat -b cn=config | grep 'olcRootDN: {{ ldapManager }}'"
-  ignore_errors: true
-  sudo: true
-  register: managerConfigured
-
-# slapcat does a line wrap at character 78. Don't attempt to match on {{ ldapManager }} as it will cross two lines
-- name: check ACL config
-  shell: "slapcat -b cn=config | grep 'olcAccess:' | grep 'cn=Manager'"
-  ignore_errors: true
-  sudo: true
-  register: aclConfigured
-
-
-- name: check DIT config
-  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapBase }} -x -H ldap://localhost objectClass=dcObject"
-  ignore_errors: true
-  register: ditConfigured
-
-- name: check Accounts config
-  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapUserBase }} -x -H ldap://localhost objectClass=*"
-  ignore_errors: true
-  register: accountsConfigured
-
-- name: check Groups config
-  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapGroupBase }} -x -H ldap://localhost objectClass=*"
-  ignore_errors: true
-  register: groupsConfigured
-
-- name: check binddn config
-  shell: "ldapsearch -D {{ ldapBindDN }} -w {{ ldapBindDNPassword }} -b {{ ldapDomain }} -x -H ldap://localhost objectClass=dcObject"
-  ignore_errors: true
-  register: binddnConfigured
-
-
-- name: initialise server ssl
-  shell: ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/ssl.ldif -D cn=config 
-  sudo: true
-  when: tlsConfigured|failed
-
-- name: initialise server manager
-  shell:  ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/manager.ldif -D cn=config 
-  sudo: true
-  when: managerConfigured|failed
-
-- name: initialise server acls
-  shell:  ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/acls.ldif -D cn=config
-  sudo: true
-  when: aclConfigured|failed
-
-- name: add DIT root
-  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/root.ldif
-  when: ditConfigured|failed
-
-- name: add Accounts OU
-  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/accounts.ldif
-  when: accountsConfigured|failed
-
-- name: add Groups OU
-  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/groups.ldif
-  when: groupsConfigured|failed
-
-- name: add binddn
-  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/binddn.ldif
-  sudo: true
-  when: binddnConfigured|failed
diff --git a/roles/ldapserver/vars/templates/accounts_ldif.j2 b/roles/ldapserver/vars/templates/accounts_ldif.j2
deleted file mode 100644
index e057dd1b..00000000
--- a/roles/ldapserver/vars/templates/accounts_ldif.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-dn: {{ ldapUserBase }}
-objectClass: organizationalUnit
diff --git a/roles/ldapserver/vars/templates/acls_ldif.j2 b/roles/ldapserver/vars/templates/acls_ldif.j2
deleted file mode 100644
index c9df7197..00000000
--- a/roles/ldapserver/vars/templates/acls_ldif.j2
+++ /dev/null
@@ -1,6 +0,0 @@
-dn: olcDatabase={2}bdb,cn=config
-changetype: modify
-add: olcAccess
-olcAccess: {0}to attrs=userPassword by dn="{{ ldapManager }}" write by self write by * auth
-olcAccess: {1}to attrs=shadowLastChange by dn="{{ ldapManager }}" write by self write by * read
-olcAccess: {2}to * by users read by anonymous auth
diff --git a/roles/ldapserver/vars/templates/binddn_ldif.j2 b/roles/ldapserver/vars/templates/binddn_ldif.j2
deleted file mode 100644
index 3f2e31b6..00000000
--- a/roles/ldapserver/vars/templates/binddn_ldif.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-dn: {{ ldapBindDN }}
-objectClass: inetOrgPerson
-cn: binddn
-sn: binddn
-userPassword: {{ ldapBindDNHash.stdout }}
diff --git a/roles/ldapserver/vars/templates/default_ppolicy_ldif.j2 b/roles/ldapserver/vars/templates/default_ppolicy_ldif.j2
deleted file mode 100644
index cc638a27..00000000
--- a/roles/ldapserver/vars/templates/default_ppolicy_ldif.j2
+++ /dev/null
@@ -1,19 +0,0 @@
-dn: cn=default,ou=pwpolicies,{{ ldapDomain }}
-cn: default
-objectClass: pwdPolicy
-objectClass: top
-objectClass: device
-pwdAllowUserChange: TRUE
-pwdAttribute: 2.5.4.35
-pwdExpireWarning: 604800
-pwdFailureCountInterval: 30
-pwdGraceAuthNLimit: 0
-pwdInHistory: 10
-pwdLockout: TRUE
-pwdLockoutDuration: 3600
-pwdMaxAge: 7776000
-pwdMaxFailure: 5
-pwdMinAge: 3600
-pwdMinLength: 12
-pwdMustChange: FALSE
-pwdSafeModify: FALSE
diff --git a/roles/ldapserver/vars/templates/groups_ldif.j2 b/roles/ldapserver/vars/templates/groups_ldif.j2
deleted file mode 100644
index 70386e0f..00000000
--- a/roles/ldapserver/vars/templates/groups_ldif.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-dn: {{ ldapGroupBase }}
-objectClass: organizationalUnit
diff --git a/roles/ldapserver/vars/templates/ldap.conf.j2 b/roles/ldapserver/vars/templates/ldap.conf.j2
deleted file mode 100644
index a6c19aac..00000000
--- a/roles/ldapserver/vars/templates/ldap.conf.j2
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# LDAP Defaults
-#
-
-# See ldap.conf(5) for details
-# This file should be world readable but not world writable.
-
-#BASE	dc=example,dc=com
-URI {{ ldapURI }}
-
-#SIZELIMIT	12
-#TIMELIMIT	15
-#DEREF		never
-
-# TLS certificates (needed for GnuTLS)
-TLS_CACERT	{{ x509_cacert_file }}
diff --git a/roles/ldapserver/vars/templates/manager_ldif.j2 b/roles/ldapserver/vars/templates/manager_ldif.j2
deleted file mode 100644
index 5cdf0216..00000000
--- a/roles/ldapserver/vars/templates/manager_ldif.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-dn: olcDatabase={2}bdb,cn=config
-changetype: modify
-replace: olcSuffix
-olcSuffix: {{ ldapDomain }}
--
-replace: olcRootDN
-olcRootDN: {{ ldapManager }}
--
-add: olcRootPW
-olcRootPW: {{ ldapManagerHash.stdout }}
diff --git a/roles/ldapserver/vars/templates/ppolicy_accountsAndGroups.ldif.j2 b/roles/ldapserver/vars/templates/ppolicy_accountsAndGroups.ldif.j2
deleted file mode 100644
index 1adb4c4f..00000000
--- a/roles/ldapserver/vars/templates/ppolicy_accountsAndGroups.ldif.j2
+++ /dev/null
@@ -1,14 +0,0 @@
-dn: ou=policies,dc=example,dc=org
-objectClass: organizationalUnit
-
-dn: ou=Accounts,dc=example,dc=org
-objectClass: organizationalUnit
-
-dn: ou=Groups,dc=example,dc=org
-objectClass: organizationalUnit
-
-dn: cn=default,ou=policies,dc=example,dc=org
-objectClass: top
-objectClass: device
-objectClass: pwdPolicy
-pwdAttribute: userPassword
diff --git a/roles/ldapserver/vars/templates/ppolicy_moduleload_ldif.j2 b/roles/ldapserver/vars/templates/ppolicy_moduleload_ldif.j2
deleted file mode 100644
index 084cc603..00000000
--- a/roles/ldapserver/vars/templates/ppolicy_moduleload_ldif.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-dn: cn=module,cn=config
-objectClass: olcModuleList
-cn: module
-olcModulePath: /usr/lib64/openldap/
-olcModuleLoad: ppolicy.la
diff --git a/roles/ldapserver/vars/templates/ppolicy_overlay_ldif.j2 b/roles/ldapserver/vars/templates/ppolicy_overlay_ldif.j2
deleted file mode 100644
index 942c69c7..00000000
--- a/roles/ldapserver/vars/templates/ppolicy_overlay_ldif.j2
+++ /dev/null
@@ -1,7 +0,0 @@
-dn: olcOverlay=ppolicy,olcDatabase={2}bdb,cn=config
-olcOverlay: ppolicy
-objectClass: olcOverlayConfig
-objectClass: olcPPolicyConfig
-olcPPolicyHashCleartext: TRUE
-olcPPolicyUseLockout: FALSE
-olcPPolicyDefault: cn=default,ou=pwpolicies,{{ ldapDomain }}
diff --git a/roles/ldapserver/vars/templates/pwpolicies_ldif.j2 b/roles/ldapserver/vars/templates/pwpolicies_ldif.j2
deleted file mode 100644
index 1f0b93cd..00000000
--- a/roles/ldapserver/vars/templates/pwpolicies_ldif.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-dn: ou=pwpolicies,{{ ldapDomain }}
-objectClass: organizationalUnit
-objectClass: top
-ou: pwpolicies
diff --git a/roles/ldapserver/vars/templates/root_ldif.j2 b/roles/ldapserver/vars/templates/root_ldif.j2
deleted file mode 100644
index c3a43f30..00000000
--- a/roles/ldapserver/vars/templates/root_ldif.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-dn: {{ ldapDomain }}
-objectClass: dcObject
-objectClass: organization
-o: {{ ansible_domain }}
-description: root
diff --git a/roles/ldapserver/vars/templates/ssl_ldif.j2 b/roles/ldapserver/vars/templates/ssl_ldif.j2
deleted file mode 100644
index 9d7d8043..00000000
--- a/roles/ldapserver/vars/templates/ssl_ldif.j2
+++ /dev/null
@@ -1,9 +0,0 @@
-dn: cn=config
-replace: olcTLSCACertificateFile
-olcTLSCACertificateFile: /etc/openldap/certs/cacert.pem
--
-replace: olcTLSCertificateFile
-olcTLSCertificateFile: /etc/openldap/certs/ldapcert.pem
--
-replace: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: /etc/openldap/certs/ldapkey.pem
diff --git a/roles/ldapserver/vars/templates/tls_settings.ldif.j2 b/roles/ldapserver/vars/templates/tls_settings.ldif.j2
deleted file mode 100644
index 5a73e779..00000000
--- a/roles/ldapserver/vars/templates/tls_settings.ldif.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-dn: olcDatabase={1}hdb,cn=config
-changetype: modify
-replace: olcSecurity
-olcSecurity: tls=1
diff --git a/roles/ldapserver/vars/vars/CentOS_6.5_x86_64.yml b/roles/ldapserver/vars/vars/CentOS_6.5_x86_64.yml
deleted file mode 100644
index f7898718..00000000
--- a/roles/ldapserver/vars/vars/CentOS_6.5_x86_64.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
- system_packages:
-  - openldap-servers
-  - openldap-clients
-  - openssl
diff --git a/roles/ldapserver/vars/vars/CentOS_6.6_x86_64.yml b/roles/ldapserver/vars/vars/CentOS_6.6_x86_64.yml
deleted file mode 100644
index f7898718..00000000
--- a/roles/ldapserver/vars/vars/CentOS_6.6_x86_64.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
- system_packages:
-  - openldap-servers
-  - openldap-clients
-  - openssl
diff --git a/roles/ldapserver/vars/vars/main.yml b/roles/ldapserver/vars/vars/main.yml
deleted file mode 100644
index b62f382c..00000000
--- a/roles/ldapserver/vars/vars/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-  ldapuser:  ldap
-  ldapgroup: ldap
-  system_packages:
-    - openldap-servers
-    - openldap-clients
-    - openssl
-- 
GitLab