attempt to use tabs

docs/training/ex362.md

@@ -76,7 +76,7 @@ Below is a list of expected lab systems to perform the work on this page.
 As the exam may expect familiarity with ansible, setting up an ansible controller may be ideal.
 
 !!! note
-    **We still recommend basic familiarity with FreeIPA itself is ideal. Learning by hand is important first before attempting to automate.
+    **We still recommend basic familiarity with FreeIPA itself as it is ideal for understanding the entire stack. Learning by hand is important first before attempting to automate.**
 
 ### Controller Setup
 
@@ -199,7 +199,7 @@ Install the required collections.
 % ansible-galaxy collection install ansible.posix
 ```
 
-At this point, you will need to configure all the clients with an ansible user and the public key. See the ansible documentation for my details.
+At this point, you will need to configure all the clients with an ansible user and the public key. See the ansible documentation for more details.
 
 ## Install and configure Red Hat Identity Management (IdM)
 
@@ -219,127 +219,127 @@ At this point, you will need to configure all the clients with an ansible user a
 
     In later versions of FreeIPA, there is support to force network manager to ensure resolv.conf is loopback without the need to set it by hand with nmcli.
 
-#### Script or CLI Method
-
-``` bash
-% hostnamectl set-hostname idm1.example.com
-# Set a static address - It's important for your IdM servers
-# to have static addresses or a DHCP reservation.
-% nmcli con mod eth0 ipv4.address 192.168.15.2/24
-% nmcli con mod eth0 ipv4.gateway 192.168.15.1
-% nmcli con mod eth0 ipv4.method manual
-% nmcli con mod eth0 ipv4.dns-search example.com
-
-# You should set this if your replica serves DNS! If not, set it to
-# one or more of your IdM replicas that do.
-% nmcli con mod eth0 ipv4.dns 127.0.0.1
-% nmcli con up eth0
-```
-
-``` bash
-# Examples of using ipa-server-install
-# RHEL 9
-% dnf install ipa-server ipa-server-dns ipa-client sssd sssd-ipa
-# Installation, interactive, does not setup specific components
-% ipa-server-install
-
-# Installation, mostly automatic (recommended)
-# This will setup DNS and the necessary pieces for an AD trust
-# Optionally, you can set --setup-adtrust use the --netbios-name switch
-# to set your forest netbios name
-% ipa-server-install --domain example.com --realm EXAMPLE.COM \
-    --reverse-zone=15.168.192.in-addr.arpa. \
-    --no-forwarders \
-    --no-ntp \
-    --setup-dns \
-    -p Passw0rd! \
-    -a Passw0rd!
-
-# Same as the above, but sets NTP server to sync to before starting
-# the installation.
-% ipa-server-install --domain example.com --realm EXAMPLE.COM \
-    --reverse-zone=15.168.192.in-addr.arpa. \
-    --no-forwarders \
-    --ntp-server=192.168.15.12 \
-    --setup-dns \
-    -p Passw0rd! \
-    -a Passw0rd!
-```
-
-``` bash
-% firewall-cmd --permanent --add-service={freeipa-4,dns}
-```
-
-``` bash
-% kinit admin
-# We need to make sure that any A records get a corresponding PTR record, otherwise you're making them manually.
-% ipa dnsconfig-mod --allow-sync-ptr=True
-```
-
-#### Ansible Method
-
-Ensure that your ansible controller is setup and install the collections as needed.
-
-!!! warn "Ensure ansible is operable on all machines"
-    It is recommended that on all machines in this lab, you are configuring ansible as a user with full sudo rights.
-
-!!! note "Static Addressing, command vs collection"
-    Earlier, it was suggested to install community.general as it provides an nmcli module. We will be using this. It should be noted that you may not have access to that collection on the exam.
-
-    We also suggested ansible.posix. You may not also have access to this on the exam.
-
-``` yaml
-% vi role_ipa_server.yml
----
-- name: "Standup IPA Server"
-  hosts: ipaserver
-  become: true
-
-  pre_tasks:
-    # ensure hostname is what is expected
-    - name: "Set hostname"
-      ansible.builtin.hostname:
-        name: idm1.example.com
-        use: systemd
-
-    # This sets up network manager using community.general.
-    - name: "Set static address"
-      community.general.nmcli:
-        ifname: enp1s0
-        conn_name: enp1s0
-        type: ethernet
-        method4: manual
-        ip4:
-          - 192.168.15.2/24
-        gw4: 192.168.15.1
-        dns4_search: example.com
-        dns4: 127.0.0.1
-        autoconnect: true
-        state: present
-
-  roles:
-    - role: freeipa.ansible_freeipa.ipaserver
-      state: present
-
-  post_tasks:
-    # We need to ensure firewalld was setup the way we wanted it to
-    - name: "Ensure firewalld rules are accurate"
-      ansible.posix.firewalld:
-        service: "{{ item }}"
-        permanent: true
-        immediate: true
-        state: enabled
-      with_items:
-        - "freeipa-4"
-        - "dns"
-
-    # We need to make sure that any A records get a PTR record.
-    - name: "Ensure PTR is in sync"
-      freeipa.ansible_freeipa.ipadnsconfig:
-        ipaadmin_principal: "{{ ipaadmin_principal }}"
-        ipaadmin_password: "{{ ipaadmin_password }}"
-        allow_sync_ptr: true
-```
+=== "Script or CLI Method"
+
+    ``` bash
+    % hostnamectl set-hostname idm1.example.com
+    # Set a static address - It's important for your IdM servers
+    # to have static addresses or a DHCP reservation.
+    % nmcli con mod eth0 ipv4.address 192.168.15.2/24
+    % nmcli con mod eth0 ipv4.gateway 192.168.15.1
+    % nmcli con mod eth0 ipv4.method manual
+    % nmcli con mod eth0 ipv4.dns-search example.com
+
+    # You should set this if your replica serves DNS! If not, set it to
+    # one or more of your IdM replicas that do.
+    % nmcli con mod eth0 ipv4.dns 127.0.0.1
+    % nmcli con up eth0
+    ```
+
+    ``` bash
+    # Examples of using ipa-server-install
+    # RHEL 9
+    % dnf install ipa-server ipa-server-dns ipa-client sssd sssd-ipa
+    # Installation, interactive, does not setup specific components
+    % ipa-server-install
+
+    # Installation, mostly automatic (recommended)
+    # This will setup DNS and the necessary pieces for an AD trust
+    # Optionally, you can set --setup-adtrust use the --netbios-name switch
+    # to set your forest netbios name
+    % ipa-server-install --domain example.com --realm EXAMPLE.COM \
+        --reverse-zone=15.168.192.in-addr.arpa. \
+        --no-forwarders \
+        --no-ntp \
+        --setup-dns \
+        -p Passw0rd! \
+        -a Passw0rd!
+
+    # Same as the above, but sets NTP server to sync to before starting
+    # the installation.
+    % ipa-server-install --domain example.com --realm EXAMPLE.COM \
+        --reverse-zone=15.168.192.in-addr.arpa. \
+        --no-forwarders \
+        --ntp-server=192.168.15.12 \
+        --setup-dns \
+        -p Passw0rd! \
+        -a Passw0rd!
+    ```
+
+    ``` bash
+    % firewall-cmd --permanent --add-service={freeipa-4,dns}
+    ```
+
+    ``` bash
+    % kinit admin
+    # We need to make sure that any A records get a corresponding PTR record, otherwise you're making them manually.
+    % ipa dnsconfig-mod --allow-sync-ptr=True
+    ```
+
+=== Ansible Method
+
+    Ensure that your ansible controller is setup and install the collections as needed.
+
+    !!! warn "Ensure ansible is operable on all machines"
+        It is recommended that on all machines in this lab, you are configuring ansible as a user with full sudo rights.
+
+    !!! note "Static Addressing, command vs collection"
+        Earlier, it was suggested to install community.general as it provides an nmcli module. We will be using this. It should be noted that you may not have access to that collection on the exam.
+
+        We also suggested ansible.posix. You may not also have access to this on the exam.
+
+    ``` yaml
+    % vi role_ipa_server.yml
+    ---
+    - name: "Standup IPA Server"
+      hosts: ipaserver
+      become: true
+
+      pre_tasks:
+        # ensure hostname is what is expected
+        - name: "Set hostname"
+          ansible.builtin.hostname:
+            name: idm1.example.com
+            use: systemd
+
+        # This sets up network manager using community.general.
+        - name: "Set static address"
+          community.general.nmcli:
+            ifname: enp1s0
+            conn_name: enp1s0
+            type: ethernet
+            method4: manual
+            ip4:
+              - 192.168.15.2/24
+            gw4: 192.168.15.1
+            dns4_search: example.com
+            dns4: 127.0.0.1
+            autoconnect: true
+            state: present
+
+      roles:
+        - role: freeipa.ansible_freeipa.ipaserver
+          state: present
+
+      post_tasks:
+        # We need to ensure firewalld was setup the way we wanted it to
+        - name: "Ensure firewalld rules are accurate"
+          ansible.posix.firewalld:
+            service: "{{ item }}"
+            permanent: true
+            immediate: true
+            state: enabled
+          with_items:
+            - "freeipa-4"
+            - "dns"
+
+        # We need to make sure that any A records get a PTR record.
+        - name: "Ensure PTR is in sync"
+          freeipa.ansible_freeipa.ipadnsconfig:
+            ipaadmin_principal: "{{ ipaadmin_principal }}"
+            ipaadmin_password: "{{ ipaadmin_password }}"
+            allow_sync_ptr: true
+    ```
 
 ### Install and configure a replica IdM Server
 

mkdocs.yml

@@ -33,7 +33,6 @@ theme:
     - search.highlight
     - search.suggest
     - toc.integrate
-    - content.action.edit
   logo: assets/logo.png
   palette:
     scheme: slate