refactor ♻️: Update Samba domain info and provision process

Updated the `samba_domain_info` section to use the new authentication domain and netbios domain. Also updated the `tasks/provision.yml` file to reflect these changes, including the correct realm, domain, server role, and interfaces for the Samba domain.
2025-11-02 18:16:05 +01:00
parent 570500c886
commit e6e7f22592
2 changed files with 19 additions and 15 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -8,7 +8,7 @@ addc_netbios_domain: "SAMDOM"
 # Top level Domain = EXAMPLE.COM
 addc_tld: "EXAMPLE.COM"
 # Authentication Domain = SAMDOM.EXAMPLE.COM
-addc_auth_domain: "{{ adc_netbios_domain | upper }}.{{ addc_tld | upper }}"
+addc_auth_domain: "{{ addc_netbios_domain | upper }}.{{ addc_tld | upper }}"


 addc_admin_password: "Passw0rd"
@@ -22,15 +22,17 @@ addc_ip_last_octet: "{{ addc_ansible_host.split('.')[-1] }}"
 addc_reverse_zone_name: "{{ addc_ip_network_prefix.split('.') | reverse | join('.') }}.in-addr.arpa"

 samba_domain_info:
-  realm: "{{ samba_realm | upper }}"
-  domain: "{{ samba_domain | upper }}"
-  server_role: "dc"
-  dns_backend: "SAMBA_INTERNAL"
-  adminpass: "{{ samba_admin_password }}"
-  interfaces: "{{ samba_iface | default('eth0') }}"
+  realm: "{{ addc_auth_domain | upper }}"
+  domain: "{{ addc_netbios_domain | upper }}"
+  server_role: "{{ addc_server_role | default('dc') }}"
+  dns_backend: "{{ addc_dns_backend | default('SAMBA_INTERNAL') }}"
+  adminpass: "{{ addc_admin_password }}"
+  interfaces: "{{ samba_iface_list | join(' ') }}"
  bind_interfaces_only: "yes"

-samba_iface: eth0
+samba_iface_list:
+  - lo
+  - eth0

 samba_packages:
  - acl
--- a/tasks/provision.yml
+++ b/tasks/provision.yml
@@ -8,14 +8,16 @@
  ansible.builtin.command: >
    samba-tool domain provision
    --use-rfc2307
-    --realm={{ addc_auth_domain }}
-    --domain={{ addc_netbios_domain }}
-    --server-role={{ addc_server_role }}
-    --dns-backend={{ addc_dns_backend }}
-    --adminpass={{ addc_admin_password }}
-    --option="interfaces=lo eth0"
-    --option="bind interfaces only=yes"
+    --realm={{ samba_domain_info.realm }}
+    --domain={{ samba_domain_info.domain }}
+    --server-role={{ samba_domain_info.server_role }}
+    --dns-backend={{ samba_domain_info.dns_backend }}
+    --adminpass={{ samba_domain_info.adminpass }}
+    --option="interfaces={{ samba_domain_info.interfaces }}"
+    --option="bind interfaces only={{ samba_domain_info.bind_interfaces_only }}"
  when: not samba_provisioned.stat.exists
  register: samba_provision_output
  changed_when: samba_provision_output.rc == 0
  no_log: true  # You may toggle this if password should be hidden
+
+