preparation for role domaincontroller

roles/domaincontroller/tasks/provision.yml

@@ -0,0 +1,26 @@
+---
+- name: domaincontroller | provision | check if domain is already provisioned
+  stat:
+    path: /var/lib/samba/private/sam.ldb
+  register: samba_db
+
+- name: domaincontroller | provision | provision the domain if not present
+  block:
+    - name: domaincontroller | provision | run samba-tool domain provision
+      command: >
+        samba-tool domain provision
+        --use-rfc2307
+        --realm={{ samba_realm }}
+        --domain={{ samba_workgroup }}
+        --server-role=dc
+        --dns-backend=SAMBA_INTERNAL
+        --adminpass='{{ samba_domain_password }}'
+      args:
+        creates: /var/lib/samba/private/sam.ldb
+
+    - name: domaincontroller | provision | copy kerberos config to system location
+      copy:
+        src: /var/lib/samba/private/krb5.conf
+        dest: /etc/krb5.conf
+        remote_src: true
+  when: not samba_db.stat.exists