setup: add FreeIPA server module and generic client script
freeipa-server.sh: interactive installer that collects domain, realm,
IP, admin/DM passwords, DNS, KRA, NTP, and AWX/Ansible settings;
runs conflict pre-flight (checks for existing named/dirsrv/krb5kdc,
ports 389/636/88, and /etc/ipa/default.conf); configures firewalld/ufw;
runs ipa-server-install; and outputs a ready-to-distribute client
package to ~/freeipa-output/ containing:
- freeipa-enroll.sh (server defaults baked in)
- freeipa-client.sh (server defaults baked in)
- freeipa-client-answerfile.json (pre-filled, password intentionally blank)
- auto-enroll-ansible.sh (AWX defaults embedded, still overridable)
- README.txt
freeipa-client.sh: thin wrapper around freeipa-enroll.sh with three modes:
--answerfile FILE read JSON with jq, build args, exec freeipa-enroll.sh
--interactive prompt for every field, then exec freeipa-enroll.sh
[flags] passthrough directly to freeipa-enroll.sh
freeipa-client-answerfile.json: template with current server defaults
(freeipa.abdelbaki.eu); freeipa-server.sh sed-replaces these when
generating customized copies.
Supported server OS: RHEL/Rocky/AlmaLinux/Fedora (primary), Arch (warned).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The_miro
7279a781b0