From 1c130bf84094f652c27e5d6cff944176ff7b7232 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Mon, 28 May 2018 15:20:50 -0500
Subject: [PATCH] samba-dc: Configure TLS

---
 group_vars/samba-dc.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/group_vars/samba-dc.yml b/group_vars/samba-dc.yml
index 608ffcf..3fe7fff 100644
--- a/group_vars/samba-dc.yml
+++ b/group_vars/samba-dc.yml
@@ -10,3 +10,8 @@ samba_shares:
 - name: netlogon
   path: /var/lib/samba/sysvol/{{ krb5_realm|lower }}/scripts
   read_only: no
+
+samba_tls_enabled: true
+samba_tls_keyfile: /etc/pki/tls/private/samba.key
+samba_tls_certfile: /etc/pki/tls/certs/samba.cer
+samba_tls_cafile: /etc/pki/tls/certs/samba-ca.crt