From 57e11b70c1039e0335ca7ebb22b56f35c519c55d Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Mon, 12 Dec 2016 00:33:57 +0000
Subject: [PATCH] Deploy keytab file to other location

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/koji_hub/tasks/main.yml            | 9 +++++++++
 roles/koji_hub/templates/kojihub.conf.j2 | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml
index 41c189ddf4..e0624b673a 100644
--- a/roles/koji_hub/tasks/main.yml
+++ b/roles/koji_hub/tasks/main.yml
@@ -91,6 +91,15 @@
   - config
   - koji_hub
 
+- name: install GSSAPI keytab
+  copy: src={{ private }}/files/keytabs/{{ env }}/koji-gssapi dest=/etc/koji-hub/gssapi.keytab
+        owner=apache group=apache mode=0600
+  notify:
+  - reload httpd
+  tags:
+  - config
+  - koji_hub
+
 #
 # install production certs and keys
 #
diff --git a/roles/koji_hub/templates/kojihub.conf.j2 b/roles/koji_hub/templates/kojihub.conf.j2
index 144574c1e9..fcee71d5e4 100644
--- a/roles/koji_hub/templates/kojihub.conf.j2
+++ b/roles/koji_hub/templates/kojihub.conf.j2
@@ -29,7 +29,7 @@ Alias /kojifiles "/mnt/koji/"
 	 GssapiSSLonly On
          GssapiLocalName On
 	 AuthName "GSSAPI Single Sign On Login"
-	 GssapiCredStore keytab:/etc/koji-hub-http.keytab
+	 GssapiCredStore keytab:/etc/koji-hub/gssapi.keytab
 	 Require valid-user
 </Location>