ipa/client: enable for rabbitmq in prod

Signed-off-by: Nils Philippsen <nils@redhat.com>
2021-03-19 17:25:38 +01:00 · 2021-03-19 17:25:38 +01:00 · 6b419af83e
commit 6b419af83e
parent 6275b90b0d
2 changed files with 2 additions and 7 deletions
--- a/inventory/group_vars/rabbitmq
+++ b/inventory/group_vars/rabbitmq
@ -32,9 +32,7 @@ custom_rules: [
    '-A INPUT -p tcp -m tcp -s 10.3.163.80 --dport 25672 -j ACCEPT',
 ]

-fas_client_groups: sysadmin-main,sysadmin-messaging
-sudoers: "{{ private }}/files/sudo/rabbitmq-sudoers"
-
+primary_auth_source: ipa
 ipa_host_group: rabbitmq
 ipa_host_group_desc: RabbitMQ service
 ipa_shell_groups:
--- a/playbooks/groups/rabbitmq.yml
+++ b/playbooks/groups/rabbitmq.yml
@ -18,8 +18,7 @@
  - rkhunter
  - nagios_client
  - hosts
-  - { role: fas_client, when: env != "staging" }
-  - { role: ipa/client, when: env == "staging" }
+  - ipa/client
  - collectd/base
  # RabbitMQ statistics are cluster-wide, only collect them on one member
  - role: collectd/rabbitmq
@ -29,8 +28,6 @@
  - rabbitmq_cluster

  tasks:
-  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
-    when: env != "staging"
  - import_tasks: "{{ tasks_path }}/motd.yml"

  handlers: