def pre_callback(self, ldap, dn, *keys, **options):
pkey = self.obj.get_primary_key_from_dn(dn)
if options.get('force', False):
self.add_message(
messages.ServerRemovalWarning(
message=_("Forcing removal of %(hostname)s") %
dict(hostname=pkey)))
# check the topology errors before and after removal
self.context.topology_connectivity = topology.TopologyConnectivity(
self.api)
if options.get('ignore_topology_disconnect', False):
self.add_message(
messages.ServerRemovalWarning(
message=_("Ignoring topology connectivity errors.")))
else:
self._check_topology_connectivity(
self.context.topology_connectivity, pkey)
# ensure that we are not removing last CA/DNS server, DNSSec master and
# CA renewal master
self._ensure_last_of_role(pkey,
ignore_last_of_role=options.get(
'ignore_last_of_role', False))
if self.api.Command.ca_is_enabled()['result']:
try:
with self.api.Backend.ra_securitydomain as domain_api:
domain_api.delete_domain(pkey, 'KRA')
domain_api.delete_domain(pkey, 'CA')
except Exception as e:
self.add_message(
messages.ServerRemovalWarning(message=_(
"Failed to remove server from security domain: %s" %
e)))
# remove the references to master's ldap/http principals
self._remove_server_principal_references(pkey)
# remove Custodia encryption and signing keys
self._remove_server_custodia_keys(ldap, pkey)
# finally destroy all Kerberos principals
self._remove_server_host_services(ldap, pkey)
# try to clean up the leftover DNS entries
self._cleanup_server_dns_records(pkey)
# try to clean up the DNS config from ldap
self._cleanup_server_dns_config(pkey)
return dn
def pre_callback(self, ldap, dn, *keys, **options):
pkey = self.obj.get_primary_key_from_dn(dn)
if options.get('force', False):
self.add_message(
messages.ServerRemovalWarning(
message=_("Forcing removal of %(hostname)s") %
dict(hostname=pkey)))
# check the topology errors before and after removal
self.context.topology_connectivity = topology.TopologyConnectivity(
self.api)
if options.get('ignore_topology_disconnect', False):
self.add_message(
messages.ServerRemovalWarning(
message=_("Ignoring topology connectivity errors.")))
else:
self._check_topology_connectivity(
self.context.topology_connectivity, pkey)
# ensure that we are not removing last CA/DNS server, DNSSec master and
# CA renewal master
self._ensure_last_of_role(pkey,
ignore_last_of_role=options.get(
'ignore_last_of_role', False))
# remove the references to master's ldap/http principals
self._remove_server_principal_references(pkey)
# remove Custodia encryption and signing keys
self._remove_server_custodia_keys(ldap, pkey)
# finally destroy all Kerberos principals
self._remove_server_host_services(ldap, pkey)
# try to clean up the leftover DNS entries
self._cleanup_server_dns_records(pkey)
return dn