3 files changed, 17 insertions, 1 deletions

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 057daabf9..8d6c02e7f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -53,6 +53,7 @@
       oauth_grant_method: "{{ openshift_master_oauth_grant_method | default(None) }}"
       sdn_cluster_network_cidr: "{{ osm_cluster_network_cidr | default(None) }}"
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
+      default_subdomain: "{{ osm_default_subdomain | default(None) }}"
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index bc766ec9b..01c0ea7e4 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -101,12 +101,13 @@ projectConfig:
     mcsLabelsPerProject: 5
     uidAllocatorRange: 1000000000-1999999999/10000
 routingConfig:
-  subdomain: router.default.local
+  subdomain:  "{{ openshift.master.default_subdomain | default("") }}"
 serviceAccountConfig:
   managedNames:
   - default
   - builder
   - deployer
+  masterCA: ca.crt
   privateKeyFile: serviceaccounts.private.key
   publicKeyFiles:
   - serviceaccounts.public.key
diff --git a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 b/roles/openshift_master/templates/v1_partials/oauthConfig.j2
index f6fd88c65..4ca644876 100644
--- a/roles/openshift_master/templates/v1_partials/oauthConfig.j2
+++ b/roles/openshift_master/templates/v1_partials/oauthConfig.j2
@@ -10,6 +10,20 @@
       {{ key }}: {{ identity_provider[key] }}"
 {% endif %}
 {% endfor %}
+{% elif identity_provider.kind == 'LDAPPasswordIdentityProvider' %}
+      attributes:
+{% for attribute_key in identity_provider.attributes %}
+        {{ attribute_key }}:
+{% for attribute_value in identity_provider.attributes[attribute_key] %}
+        - {{ attribute_value }}
+{% endfor %}
+{% endfor %}
+{% for key in ('bindDN', 'bindPassword', 'ca') %}
+      {{ key }}: "{{ identity_provider[key] }}"
+{% endfor %}
+{% for key in ('insecure', 'url') %}
+      {{ key }}: {{ identity_provider[key] }}
+{% endfor %}
 {% elif identity_provider.kind == 'RequestHeaderIdentityProvider' %}
       headers: {{ identity_provider.headers }}
 {% if 'clientCA' in identity_provider %}