News

Automating FreeIPA with Terraform

Raphaël Pinson | © Camptocamp
Raphaël Pinson
22.04.2020

Terraform is great for cloud provisioning and has now become a standard tool to deploy infrastructures as code, in a DevOps fashion.

Many plugins exist to cover specific needs, from major cloud providers (AWS, GCP, Azure, etc.) to specific app APIs (Grafana, GitHub, or even PostgreSQL). The community provides and maintains additional providers which can be installed and used in any Terraform project as plugins.

Camptocamp developed several providers over the last few years . Besides the official Rancher provider which was co-developed by our team and contributed to the community, we maintain providers to integrate Terraform with the PuppetCA, the PuppetDB, as well as the gopass password vault.

More recently, we started having a need to automate FreeIPA resources using Terraform, so we started a new provider.

 

Installing

Installing additional Terraform providers is rather straightforward. You can simply download the binary from the releases page and drop it in your ~/.terraform.d/plugins directory.

 

Usage

Like all other Terraform providers, you first need to configure the provider. You can do that using either hardcoded parameters or environment variables. In this second case, we strongly encourage you to make use of summon as a wrapper to dynamically expose the environment variables at call time.

provider freeipa {
  host = "ipa.example.test" # or set $FREEIPA_HOST
  username = "admin" # or set $FREEIPA_USERNAME
  password = "P@S5sw0rd" # or set $FREEIPA_PASSWORD
  insecure = true
}

Next, you can start writing resources to manage FreeIPA hosts and DNS records:

resource freeipa_host "foo" {
  fqdn = "foo.example.test"
  description = "This is my foo host"
  force = true
  random = true
  userpassword = "abcde"
}

resource freeipa_dns_record "bar" {
  idnsname = "bar"
  dnszoneidnsname = "myzone"
  dnsttl = 20
  records = ["1.2.3.4"]
}

At the moment, this FreeIPA provider only features 2 resource types, to manage FreeIPA hosts and DNS records.

Don’t hesitate to contribute to it by providing more resource types!

Contact us for more information

By submitting this form, I accept that the information entered will be used for the purposes described in the privacy policy.
Privacy Policy & Terms of Service apply

Author

Raphaël Pinson | © Camptocamp
Raphaël Pinson

Career

Interested in working in an inspiring environment and joining our motivated and multicultural teams? 

Bussigny - Switzerland
Paris - France
Chambéry - France
Munich - Germany
Go to all Locations
Odoo, our commitment to quality and service beyond Gold status
While we deeply value our partnership with Odoo, our primary mission remains to provide exceptional service to our customers.
Read more
Swisscom Becomes Majority Shareholder of Camptocamp
Big news from Basecamp! Today at the company Q1 all-hands meeting, Camptocamp co-founders Luc Maurer and Claude Philipona announced that Swisscom has acquired a majority stake in the company.
Read more
GEOSUMMIT 2024: Camptocamp proudly participates as Gold Sponsor
We are happy to announce our participation as a gold sponsor at the GEOSUMMIT 2024, Switzerland's premier gathering of geospatial experts.
Read more