follow inetOrgPerson standards

suhancz · Mar 2, 2024 · 3df9731 · 3df9731
1 parent 8d7c791
commit 3df9731
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 22 deletions.
diff --git a/README.md b/README.md
@@ -10,7 +10,9 @@ Role Variables
     mailserver_domain # primary domain name
     mailserver_admin_user # user to administer the mail server
     users:
-      - name
+      - name # system username
+        firstname
+        surname # in family mode defaults to `default_surname`
         password
         aliases:
           - [email protected]
@@ -58,6 +60,7 @@ Role Variables
       keepalive: # VPN keepalive in seconds
     httpd_pam_deny_users: # list of users who shouldn't authenticate against HTTPD using PAM
     family_mode: yes # boolean if users would be identified only by given name (assuming the surname is identical)
+    default_surname: Doe # used in family mode so adding users via the role don't need surname to be added
 
 Example Playbook
 ----------------

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -184,3 +184,4 @@ wireguard:
     - fd00::10:42:0/120
   keepalive: 42
 family_mode: yes
+default_surname: Doe
diff --git a/tasks/kolab.yml b/tasks/kolab.yml
@@ -77,9 +77,9 @@
     - key: 'postfix_virtual_file'
       value: '/etc/postfix/virtual_alias_maps_manual.cf'
     - key: 'policy_uid'
-      value: "'%(givenname)s'{{ '[0:1]%(surname)s' if not family_mode | bool }}.lower()"
+      value: "{% if not family_mode | bool %}}'{% endif %}%(givenname)s{% if not family_mode | bool %}}'{% endif %}{{ '[0:1]%(surname)s' if not family_mode | bool }}.lower()"
     - key: 'primary_mail'
-      value: "'%(givenname)s'{{ '[0:1].%(surname)s' if not family_mode | bool }}@%(domain)s"
+      value: "{% if not family_mode | bool %}}'{% endif %}%(givenname)s{% if not family_mode | bool %}}'{% endif %}{{ '[0:1]%(surname)s' if not family_mode | bool }}@%(domain)s"
   notify: 
     - Restart kolab
   tags:
@@ -514,25 +514,6 @@
     - kolab-saslauthd
   loop_control:
     loop_var: kolab_service
-- name: Disable mandatory surname setting
-  when: family_mode | bool
-  block:
-    - name: Query all user types
-      community.mysql.mysql_query:
-        login_db: kolab
-        login_user: root
-        login_password: "{{ mysql_root_password }}"
-        query: select user_types.key,user_types.attributes from user_types;
-      register: user_type_attributes
-    - name: Disable mandatory surname field
-      when: (user_type_item.attributes | from_json).form_fields.sn is defined
-      ansible.builtin.include_tasks: kolab_disable_mandatory_surname.yml
-      loop: "{{ user_type_attributes.query_result[0] }}"
-      loop_control:
-        loop_var: user_type_item
-  tags:
-    - users
-
 - name: Add Kolab users
   no_log: true
   block: