document: modulemd
version: 2
data:
  stream: DL1
  summary: The Red Hat Enterprise Linux Identity Management system module
  description: >-
    RHEL IdM is an integrated solution to provide centrally managed Identity (users, hosts,
    services), Authentication (SSO, 2FA), and Authorization (host access control,
    SELinux user roles, services). The solution provides features for further integration
    with Linux based clients (SUDO, automount) and integration with Active Directory
    based infrastructures (Trusts).
  license:
    module: [MIT]
  dependencies:
  - buildrequires:
      platform: [el8]
      pki-core: [10.6]
      httpd: [2.4]
      389-ds: [1.4]
    requires:
      platform: [el8]
      pki-core: [10.6]
      httpd: [2.4]
      389-ds: [1.4]
  references:
    community: https://www.freeipa.org/
    documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
    tracker: https://pagure.io/freeipa/issues
  profiles:
    common:
      description: A default profile for RHEL IdM client
      rpms:
      - ipa-client
    client:
      description: RHEL IdM Client
      rpms:
      - ipa-client
    server:
      description: Base RHEL IdM Server with integrated CA and no integrated DNS
      rpms:
      - ipa-server
      - ipa-healthcheck
    dns:
      description: RHEL IdM with integrated DNS server and integrated CA
      rpms:
      - ipa-server
      - ipa-server-dns
      - ipa-healthcheck
    adtrust:
      description: RHEL IdM Server Integration with Active Directory
      rpms:
      - ipa-server-trust-ad
      - ipa-idoverride-memberof-plugin
      - ipa-healthcheck
  components:
    rpms:
      ipa:
        rationale: Module API
        ref: stream-idm-DL1-rhel-8.1.0
      bind-dyndb-ldap:
        rationale: Driver for BIND to store DNS information in LDAP
        ref: stream-idm-DL1-rhel-8.1.0
      slapi-nis:
        rationale: Compatibility plugin to serve legacy clients
        ref: stream-idm-DL1-rhel-8.1.0
        # 389-ds-base is not available on i686
        arches: [ aarch64, x86_64, s390x, ppc64le ]
      ipa-healthcheck:
        rationale: A tool to detect issues in IdM clusters
        ref: stream-DL1-rhel-8.1.0
        buildorder: 3
      ipa-idoverride-memberof:
        rationale: Manage IdM with Active Directory users
        ref: stream-idm-DL1-rhel-8.1.0
        buildorder: 3
      custodia:
        rationale: Remote access to secrets and credentials in IdM topology
        ref: stream-idm-DL1-rhel-8.1.0
        buildorder: 2
      python-jwcrypto:
        rationale: JSON Web Cryptographic Tokens used by Custodia
        ref: stream-idm-DL1-rhel-8.1.0
        buildorder: 1
      python-qrcode:
        rationale: QR code generator for IdM two-factor authentication
        ref: stream-idm-DL1-rhel-8.1.0
      python-yubico:
        rationale: Support for Yubikey-based tokens for IdM two-factor authentication
        ref: stream-idm-DL1-rhel-8.1.0
        buildorder: 2
      pyusb:
        rationale: Python USB support to access USB tokens for IdM two-factor authentication
        ref: stream-idm-DL1-rhel-8.1.0
        buildorder: 1
      softhsm:
        rationale: Software version of a PKCS#11 Hardware Security Module
        ref: stream-idm-DL1-rhel-8.1.0
      opendnssec:
        rationale: An implementation of DNSSEC support for IdM integrated DNS server
        ref: stream-idm-DL1-rhel-8.1.0
      python-kdcproxy:
        rationale: MS-KKDCP (kerberos proxy) WSGI module
        ref: stream-idm-DL1-rhel-8.1.0