and then we tried to make cloud-noc01 use fakefas

files/2fa/pam_url.conf.cloud

@@ -0,0 +1,21 @@
+pam_url:
+{
+	settings:
+	{
+		url = "https://fas-all.phx2.fedoraproject.org:8443/";	# URI to fetch
+		returncode = "OK";				# The remote script/cgi should return a 200 http code and this string as its only results
+		userfield = "user";				# userfield name to send
+		passwdfield = "token";				# passwdfield name to send
+		extradata = "&do=login";			# extradata to send
+		prompt = "Password+Token: ";			# password prompt
+	};
+
+	ssl:
+	{
+		verify_peer = true;				# Should we verify SSL ?
+		verify_host = true;				# Should we verify the CN in the SSL cert?
+		client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
+		client_key  = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
+                ca_cert     = "/etc/pki/tls/private/totpcgi-ca.cert";
+	};
+};

files/rdiff-backup/#run-rdiff-backups.cron#

@@ -1,3 +0,0 @@
-# run rdiff backups
-MAILTO=kevin@scrye.com,smooge@gmail.com
-00 22 * * * root /usr/local/bin/lock-wrapper run-rdiff-backups "/usr/local/bin/run-rdiff-backups"

roles/hosts/files/cloud-hosts

@@ -0,0 +1,5 @@
+127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+209.132.181.6 infrastructure infrastructure.fedoraproject.org
+209.132.181.32 fas-all fas-all.phx2.fedoraproject.org