summaryrefslogtreecommitdiffstats
path: root/ipaserver/install/server/replicainstall.py
Commit message (Collapse)AuthorAgeFilesLines
...
* Implement replica promotion functionalitySimo Sorce2015-10-151-22/+548
| | | | | | | | | | | | | | | | | | This patch implements a new flag --promote for the ipa-replica-install command that allows an administrative user to 'promote' an already joined client to become a full ipa server. The only credentials used are that of an administrator. This code relies on ipa-custodia being available on the peer master as well as a number of other patches to allow a computer account to request certificates for its services. Therefore this feature is marked to work only with domain level 1 and above servers. Ticket: https://fedorahosted.org/freeipa/ticket/2888 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Add ipa-custodia serviceSimo Sorce2015-10-151-1/+8
| | | | | | | | | | Add a customized Custodia daemon and enable it after installation. Generates server keys and loads them in LDAP autonomously on install or update. Provides client code classes too. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* install: fix ipa-server-install fail on missing --forwarderJan Cholasta2015-10-011-0/+7
| | | | | | https://fedorahosted.org/freeipa/ticket/4517 Reviewed-By: Martin Basti <mbasti@redhat.com>
* install: Add common base class for server and replica installJan Cholasta2015-09-221-175/+49
| | | | | | https://fedorahosted.org/freeipa/ticket/4517 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Server Install: print message that client is being installedMartin Basti2015-09-111-0/+1
| | | | | | | | IPA client is installed on server side during "Restarting web server" step, which lasts too long. This commit explicitly print message that IPA client is being installed. Reviewed-By: Simo Sorce <ssorce@redhat.com>
* Installer: do not modify /etc/hosts before user agreementMartin Basti2015-09-031-1/+11
| | | | | | | | | https://fedorahosted.org/freeipa/ticket/4561 As side effect this also fixes: https://fedorahosted.org/freeipa/ticket/5266 Reviewed-By: David Kupka <dkupka@redhat.com>
* Use the print functionPetr Viktorin2015-09-011-20/+22
| | | | | | | | | In Python 3, `print` is no longer a statement. Call it as a function everywhere, and include the future import to remove the statement in Python 2 code as well. Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* install: Fix replica install with custom certificatesJan Cholasta2015-08-181-8/+9
| | | | | | https://fedorahosted.org/freeipa/ticket/5226 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Modernize 'except' clausesPetr Viktorin2015-08-121-7/+7
| | | | | | | The 'as' syntax works from Python 2 on, and Python 3 will drop the "comma" syntax. Reviewed-By: Tomas Babej <tbabej@redhat.com>
* install: Fix server and replica install optionsJan Cholasta2015-08-121-29/+7
| | | | | | https://fedorahosted.org/freeipa/ticket/5184 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Modernize number literalsPetr Viktorin2015-07-311-2/+2
| | | | | | | | | | | | | | Use Python-3 compatible syntax, without breaking compatibility with py 2.7 - Octals literals start with 0o to prevent confusion - The "L" at the end of large int literals is not required as they use long on Python 2 automatically. - Using 'int' instead of 'long' for small numbers is OK in all cases except strict type checking checking, e.g. type(0). https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Fix DNS records installation for replicasSimo Sorce2015-07-141-3/+3
| | | | | | | Ticket: https:/fedorahosted.org/freeipa/ticket/5116 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* DNSSEC: allow to disable/replace DNSSEC key masterMartin Basti2015-07-071-1/+29
| | | | | | | | | | | | | | | This commit allows to replace or disable DNSSEC key master Replacing DNSSEC master requires to copy kasp.db file manually by user ipa-dns-install: --disable-dnssec-master DNSSEC master will be disabled --dnssec-master --kasp-db=FILE This configure new DNSSEC master server, kasp.db from old server is required for sucessful replacement --force Skip checks https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Sanitize CA replica installMartin Basti2015-06-301-12/+10
| | | | | | | | Check if cafile exist first. https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* fix force-sync, re-initialize of replica and a check for replication ↵Petr Vobornik2015-06-291-7/+1
| | | | | | | | | | | | | agreement existence in other words limit usage of `agreement_dn` method only for manipulation and search of agreements which are not managed by topology plugin. For other cases is safer to search for the agreement. https://fedorahosted.org/freeipa/ticket/5066 Reviewed-By: David Kupka <dkupka@redhat.com>
* Replicas cannot define their own master password.Simo Sorce2015-06-241-8/+0
| | | | | | | | | Seem like this slipped in during the refactoring of the install tools. https://fedorahosted.org/freeipa/ticket/4468 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* install: Fix ipa-replica-install not installing RA certJan Cholasta2015-06-181-2/+13
| | | | | | https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: David Kupka <dkupka@redhat.com>
* vault: Fix ipa-kra-installJan Cholasta2015-06-101-18/+15
| | | | | | | | | Use state in LDAP rather than local state to check if KRA is installed. Use correct log file names. https://fedorahosted.org/freeipa/ticket/3872 Reviewed-By: David Kupka <dkupka@redhat.com>
* install: Initialize API early in server and replica installJan Cholasta2015-06-101-134/+144
| | | | | | https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: David Kupka <dkupka@redhat.com>
* install: Migrate ipa-replica-install to the install frameworkJan Cholasta2015-06-101-59/+263
| | | | | | https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: David Kupka <dkupka@redhat.com>
* install: Migrate ipa-server-install to the install frameworkJan Cholasta2015-06-081-2/+26
| | | | | | https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: Martin Basti <mbasti@redhat.com>
* install: Fix missing variable initialization in replica installJan Cholasta2015-06-081-0/+1
| | | | https://fedorahosted.org/freeipa/ticket/4468
* Move CA installation code into single module.David Kupka2015-06-081-34/+19
| | | | | | https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* install: Move ipa-replica-install code into a moduleJan Cholasta2015-05-291-0/+640
https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: Martin Basti <mbasti@redhat.com>
generated by cgit (git 2.34.1) at 2024-06-07 16:42:03 +0000