tasks/kerberos.yml

---
- name: Extract absolute krb5.conf path from provision output
  ansible.builtin.set_fact:
    krb5_conf_path: >-
      {{
        (
          samba_provision_output.stdout
          | regex_findall('(/[^\\s,"'']*/private/krb5\\.conf)')
          | list
          | default([])
        )
        | first
        | default('/var/lib/samba/private/krb5.conf')
        | trim
      }}
  when: samba_provision_output.stdout is defined
# the regex doesnt actually work

- name: Show extracted krb5.conf path
  ansible.builtin.debug:
    msg: "Extracted krb5.conf path: {{ krb5_conf_path | default('N/A') }}"

- name: Check if krb5.conf exists on disk
  ansible.builtin.stat:
    path: "{{ krb5_conf_path }}"
  register: krb5_conf_stat
  when: krb5_conf_path != ''

- name: Validate krb5.conf presence
  ansible.builtin.fail:
    msg: "Kerberos configuration file was not found at {{ krb5_conf_path }}. Provision may have failed."
  when:
    - krb5_conf_path != ''
    - not krb5_conf_stat.stat.exists | default(false)

- name: Confirm Kerberos configuration found
  ansible.builtin.debug:
    msg: "Kerberos configuration verified: {{ krb5_conf_path }}"
  when: krb5_conf_stat.stat.exists | default(false)

- name: Copy krb5.conf to /etc/krb5.conf
  ansible.builtin.copy:
    src: '{{ krb5_conf_path }}'
    dest: /etc/krb5.conf
    owner: root
    group: root
    mode: '0644'
  # Only run this if the provision was successful (changed)
  when: samba_provision_output.changed
First draft generated by LLM 2025-09-30 17:40:18 +02:00			`---`
style 💎: Update regex search for krb5_conf_path Updated the regex search pattern in the `krb5_conf_path` fact to ensure a list is returned even if no match is found, and added default values for clarity. 2025-11-05 21:37:57 +01:00			`- name: Extract absolute krb5.conf path from provision output`
patch undefined: Updated the DNS configuration in the `resolv.conf.j2` template to include both the local host and the Ansible-managed DNS server. Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution. 2025-10-19 22:25:19 +02:00			`ansible.builtin.set_fact:`
refactor ♻️: Improve krb5 configuration path extraction Refactored the code to use a more robust regex pattern and added a default value for the extracted path. 2025-11-05 21:01:14 +01:00			`krb5_conf_path: >-`
refactor ♻️: Improve regex pattern for extracting krb5 conf path Updated the regular expression to correctly extract the absolute path of the krb5.conf file from the samba provision output, removing unnecessary quotes and commas. 2025-11-06 06:18:18 +01:00			`{{`
			`(`
style 💎: Improve regex pattern for extracting krb5 conf path Updated the regular expression to correctly extract the absolute path of the krb5.conf file from the samba provision output. This change ensures that the extracted path is properly formatted and can be used in subsequent tasks. 2025-11-06 06:13:41 +01:00			`samba_provision_output.stdout`
refactor ♻️: Improve regex pattern matching for kerberos configuration Updated regular expressions in the `kerberos.yml` file to correctly extract and format Kerberos configuration paths, ensuring consistency and accuracy in the Ansible playbook. 2025-11-06 06:37:23 +01:00			`\| regex_findall('(/[^\\s,"'']*/private/krb5\\.conf)')`
refactor ♻️: Improve regex pattern for extracting krb5 conf path Updated the regular expression to correctly extract the absolute path of the krb5.conf file from the samba provision output, removing unnecessary quotes and commas. 2025-11-06 06:18:18 +01:00			`\| list`
style 💎: Improve regex pattern for krb5_conf_path variable Updated the regex pattern to correctly extract the krb5.conf path from the Samba provision output. This change ensures that the variable returns a list of paths even if only one is present. 2025-11-05 22:37:19 +01:00			`\| default([])`
refactor ♻️: Improve regex pattern for extracting krb5 conf path Updated the regular expression to correctly extract the absolute path of the krb5.conf file from the samba provision output, removing unnecessary quotes and commas. 2025-11-06 06:18:18 +01:00			`)`
			`\| first`
style 💎: Update Samba provision output path Updated the default path for the Samba provision output to /var/lib/samba/private/krb5.conf, ensuring consistency with the expected location. 2025-11-06 17:13:16 +01:00			`\| default('/var/lib/samba/private/krb5.conf')`
refactor ♻️: Improve regex pattern for extracting krb5 conf path Updated the regular expression to correctly extract the absolute path of the krb5.conf file from the samba provision output, removing unnecessary quotes and commas. 2025-11-06 06:18:18 +01:00			`\| trim`
			`}}`
patch undefined: Updated the DNS configuration in the `resolv.conf.j2` template to include both the local host and the Ansible-managed DNS server. Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution. 2025-10-19 22:25:19 +02:00			`when: samba_provision_output.stdout is defined`
style 💎: Fix regex pattern in kerberos.yml Updated regular expression to correctly extract krb5.conf path, ensuring accurate output from samba_provision command. 2025-11-06 17:13:54 +01:00			`# the regex doesnt actually work`
refactor ♻️: Improve Kerberos configuration validation and extraction Updated the Ansible playbook to validate the presence of the krb5.conf file, extract its path, and display it in a debug message. Additionally, added checks for the file's existence on disk and its contents to ensure proper Kerberos configuration. 2025-11-06 06:30:35 +01:00
			`- name: Show extracted krb5.conf path`
feat ✨: Add debug output for krb5.conf path Added a debug output to display the path of krb5.conf, making it easier to diagnose issues with Samba provisioning. 2025-11-05 21:46:42 +01:00			`ansible.builtin.debug:`
refactor ♻️: Improve Kerberos configuration validation and extraction Updated the Ansible playbook to validate the presence of the krb5.conf file, extract its path, and display it in a debug message. Additionally, added checks for the file's existence on disk and its contents to ensure proper Kerberos configuration. 2025-11-06 06:30:35 +01:00			`msg: "Extracted krb5.conf path: {{ krb5_conf_path \| default('N/A') }}"`

			`- name: Check if krb5.conf exists on disk`
			`ansible.builtin.stat:`
			`path: "{{ krb5_conf_path }}"`
			`register: krb5_conf_stat`
			`when: krb5_conf_path != ''`
feat ✨: Add debug output for krb5.conf path Added a debug output to display the path of krb5.conf, making it easier to diagnose issues with Samba provisioning. 2025-11-05 21:46:42 +01:00
refactor ♻️: Improve Kerberos configuration validation and extraction Updated the Ansible playbook to validate the presence of the krb5.conf file, extract its path, and display it in a debug message. Additionally, added checks for the file's existence on disk and its contents to ensure proper Kerberos configuration. 2025-11-06 06:30:35 +01:00			`- name: Validate krb5.conf presence`
			`ansible.builtin.fail:`
			`msg: "Kerberos configuration file was not found at {{ krb5_conf_path }}. Provision may have failed."`
			`when:`
			`- krb5_conf_path != ''`
			`- not krb5_conf_stat.stat.exists \| default(false)`

			`- name: Confirm Kerberos configuration found`
			`ansible.builtin.debug:`
			`msg: "Kerberos configuration verified: {{ krb5_conf_path }}"`
			`when: krb5_conf_stat.stat.exists \| default(false)`
refactor ♻️: Improve regex pattern matching for kerberos configuration Updated regular expressions in the `kerberos.yml` file to correctly extract and format Kerberos configuration paths, ensuring consistency and accuracy in the Ansible playbook. 2025-11-06 06:37:23 +01:00
patch undefined: Updated the DNS configuration in the `resolv.conf.j2` template to include both the local host and the Ansible-managed DNS server. Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution. 2025-10-19 22:25:19 +02:00			`- name: Copy krb5.conf to /etc/krb5.conf`
			`ansible.builtin.copy:`
Replaced " with ' 2025-11-04 19:22:07 +01:00			`src: '{{ krb5_conf_path }}'`
First draft generated by LLM 2025-09-30 17:40:18 +02:00			`dest: /etc/krb5.conf`
			`owner: root`
			`group: root`
			`mode: '0644'`
patch undefined: Updated the DNS configuration in the `resolv.conf.j2` template to include both the local host and the Ansible-managed DNS server. Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution. 2025-10-19 22:25:19 +02:00			`# Only run this if the provision was successful (changed)`
			`when: samba_provision_output.changed`