From 5afc6bfc4e197f57524a8e17110ad5b501dbc8f3 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 13 Oct 2016 17:47:25 +0000
Subject: [PATCH] Add kerb to koji prod

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/koji_hub/tasks/main.yml        | 1 -
 roles/koji_hub/templates/hub.conf.j2 | 6 ++++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml
index d6d6a21c81..72ffc6307d 100644
--- a/roles/koji_hub/tasks/main.yml
+++ b/roles/koji_hub/tasks/main.yml
@@ -82,7 +82,6 @@
 #
 
 - name: install koji-hub keytab
-  when: env == "staging"
   copy: src={{ private }}/files/keytabs/{{ env }}/koji-hub dest=/etc/koji-hub/koji-hub.keytab
         owner=apache group=apache mode=0600
   notify:
diff --git a/roles/koji_hub/templates/hub.conf.j2 b/roles/koji_hub/templates/hub.conf.j2
index d703c5d04c..c6217f73b0 100644
--- a/roles/koji_hub/templates/hub.conf.j2
+++ b/roles/koji_hub/templates/hub.conf.j2
@@ -20,13 +20,15 @@ KojiDir = /mnt/koji
 MemoryWarnThreshold = 10000
 MaxRequestLength = 83886080
 
-{% if env == "staging" %}
 # Kerb auth
 
+{% if env == "staging" %}
 AuthPrincipal = host/koji.stg.fedoraproject.org
+{% else %}
+AuthPrincipal = host/koji.fedoraproject.org
+{% endif %}
 AuthKeytab = /etc/koji-hub/koji-hub.keytab
 
-{% endif %}
 ##  SSL client certificate auth configuration  ##
 #note: ssl auth may also require editing the httpd config (conf.d/kojihub.conf)