From feccab9e96ab838cca1dcbc1e999aa9d5168b7e3 Mon Sep 17 00:00:00 2001
From: Igor Chudov <nir@altlinux.org>
Date: Fri, 5 Jul 2019 16:50:37 +0400
Subject: [PATCH] Make Kerberos 5 role idempotent

---
 roles/kerberos5/tasks/master.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/kerberos5/tasks/master.yml b/roles/kerberos5/tasks/master.yml
index 4c85433..8c8620a 100644
--- a/roles/kerberos5/tasks/master.yml
+++ b/roles/kerberos5/tasks/master.yml
@@ -22,10 +22,16 @@
     group: root
     mode: 0644
 
+- name: Check local Kerberos 5 database existence
+  stat:
+    path: '{{ kdc_var_path }}/principal'
+  register: stat_kdc_db
+
 # We need to initialize principal database on the new system in order
 # 'krb5kdc` to work.
 - name: Initialize Kerberos 5 local database
   shell: "kdb5_util create -P '{{ krb5_admin_pass }}' -r {{ krb5_realm | upper }} -s"
+  when: stat_kdc_db.stat.exists == False
 
 # We must configure Kerberos 5 realm properly for krb5kdc
 - name: Configure krb5kdc