From 7f49b191ac065e08ff99aa8f6dc2ea61ff8dc0a3 Mon Sep 17 00:00:00 2001
From: "Andreas B. Mundt" <andi@debian.org>
Date: Wed, 27 Nov 2019 20:21:09 +0100
Subject: [PATCH] Make 'ldap', 'kerberos' and 'nfs' hostname aliases.

---
 roles/krb5-kdc-ldap/tasks/main.yml | 9 +++++++++
 roles/lan-client/handlers/main.yml | 1 +
 roles/ldap/tasks/main.yml          | 7 +++++++
 roles/nfs-server/tasks/main.yml    | 9 ++++++++-
 4 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/roles/krb5-kdc-ldap/tasks/main.yml b/roles/krb5-kdc-ldap/tasks/main.yml
index 2d6e922..104f694 100644
--- a/roles/krb5-kdc-ldap/tasks/main.yml
+++ b/roles/krb5-kdc-ldap/tasks/main.yml
@@ -173,6 +173,15 @@
     - ldap
   when: not krb5kdc.stat.exists
 
+- name: "make 'kerberos' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    replace: '\1	kerberos'
+  when: not krb5kdc.stat.exists
+
+########################
+
 - name: kerberize dummy user foo
   command: kadmin.local -q 'add_principal -pw "{{ foo_pwd }}" -x dn="uid=foo,ou=people,{{ basedn }}" foo'
   register: kerberize_result
diff --git a/roles/lan-client/handlers/main.yml b/roles/lan-client/handlers/main.yml
index ec16fb7..66f15d5 100644
--- a/roles/lan-client/handlers/main.yml
+++ b/roles/lan-client/handlers/main.yml
@@ -10,5 +10,6 @@
 - name: restart rpc-gssd
   systemd:
     name: rpc-gssd
+    daemon_reload: yes
     state: restarted
   notify: "restart rpc-gssd"
diff --git a/roles/ldap/tasks/main.yml b/roles/ldap/tasks/main.yml
index 8a7cda1..b0d4ed4 100644
--- a/roles/ldap/tasks/main.yml
+++ b/roles/ldap/tasks/main.yml
@@ -62,6 +62,13 @@
   command: ldapadd  -Y EXTERNAL -H ldapi:/// -f /etc/ldap/slapd.d/slapd-config.ldif
   when: not slapd.stat.exists
 
+- name: "make 'ldap' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    replace: '\1	ldap'
+  when: not slapd.stat.exists
+
 #######################################################################################
 ## Use the admin password saved to file from now on (available also after installation):
 - name: slurp admin password
diff --git a/roles/nfs-server/tasks/main.yml b/roles/nfs-server/tasks/main.yml
index d54fdbe..400a49f 100644
--- a/roles/nfs-server/tasks/main.yml
+++ b/roles/nfs-server/tasks/main.yml
@@ -3,7 +3,7 @@
 - fail: msg="The machine's domain must not be empty."
   when: ansible_domain | length == 0
 
-- name: check if there are installing
+- name: check if we are installing
   stat: path=/etc/exports
   register: exports
 
@@ -29,6 +29,13 @@
       {{ export_root }}/home/   *(sec=krb5p,rw,no_subtree_check)
   notify: "restart nfs-kernel-server"
 
+- name: "make 'nfs' an alias hostname resolvable from the LAN"
+  replace:
+    path: /etc/hosts
+    regexp: "^({{ ipaddr_lan }}\\s.+)$"
+    replace: '\1	nfs'
+  when: not exports.stat.exists
+
 - name: check if there is a local kadmin
   stat: path=/usr/sbin/kadmin.local
   register: kadmin