From a7e0c3cf6b71e0b755e985bfbb4fd1fd0e800c42 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Sat, 17 Dec 2016 23:39:34 +0000 Subject: [PATCH] Koji is now on https Signed-off-by: Patrick Uiterwijk --- roles/sigul/bridge/files/koji-arm.conf | 17 ++++++----------- roles/sigul/bridge/files/koji-ppc.conf | 16 ++++++---------- roles/sigul/bridge/files/koji-primary.stg.conf | 14 ++++++-------- roles/sigul/bridge/files/koji-s390.conf | 16 ++++++---------- .../sigul/bridge/templates/koji-primary.conf.j2 | 4 ++-- 5 files changed, 26 insertions(+), 41 deletions(-) diff --git a/roles/sigul/bridge/files/koji-arm.conf b/roles/sigul/bridge/files/koji-arm.conf index 532d828fa1..8511fcdc21 100644 --- a/roles/sigul/bridge/files/koji-arm.conf +++ b/roles/sigul/bridge/files/koji-arm.conf @@ -3,22 +3,17 @@ ;configuration for koji cli tool ;url of XMLRPC server -server = http://arm.koji.fedoraproject.org/kojihub +server = https://arm.koji.fedoraproject.org/kojihub ;url of web interface -weburl = http://arm.koji.fedoraproject.org/koji +weburl = https://arm.koji.fedoraproject.org/koji ;url of package download site -topurl = http://armpkgs.fedoraproject.org/ +topurl = https://armpkgs.fedoraproject.org/ ;path to the koji top directory ;topdir = /mnt/koji -;configuration for SSL athentication - -;client certificate -cert = /etc/sigul/fedora.cert - -;certificate of the CA that issued the HTTP server certificate -serverca = /etc/sigul/fedora-server-ca.cert - +authtype = kerberos +principal = sigul/sign-bridge01.phx2.fedoraproject.org@FEDORAPROJECT.ORG +keytab = /etc/krb5.sigul_sign-bridge01.phx2.fedoraproject.org.keytab diff --git a/roles/sigul/bridge/files/koji-ppc.conf b/roles/sigul/bridge/files/koji-ppc.conf index d84f93dab7..c86c3acbfb 100644 --- a/roles/sigul/bridge/files/koji-ppc.conf +++ b/roles/sigul/bridge/files/koji-ppc.conf @@ -3,22 +3,18 @@ ;configuration for koji cli tool ;url of XMLRPC server -server = http://ppc.koji.fedoraproject.org/kojihub +server = https://ppc.koji.fedoraproject.org/kojihub ;url of web interface -weburl = http://ppc.koji.fedoraproject.org/koji +weburl = https://ppc.koji.fedoraproject.org/koji ;url of package download site -topurl = http://ppc.koji.fedoraproject.org/ +topurl = https://ppc.koji.fedoraproject.org/ ;path to the koji top directory ;topdir = /mnt/koji -;configuration for SSL athentication - -;client certificate -cert = /etc/sigul/fedora.cert - -;certificate of the CA that issued the HTTP server certificate -serverca = /etc/sigul/fedora-server-ca.cert +authtype = kerberos +principal = sigul/sign-bridge01.phx2.fedoraproject.org@FEDORAPROJECT.ORG +keytab = /etc/krb5.sigul_sign-bridge01.phx2.fedoraproject.org.keytab diff --git a/roles/sigul/bridge/files/koji-primary.stg.conf b/roles/sigul/bridge/files/koji-primary.stg.conf index 07874ef662..1d802fdc34 100644 --- a/roles/sigul/bridge/files/koji-primary.stg.conf +++ b/roles/sigul/bridge/files/koji-primary.stg.conf @@ -3,17 +3,15 @@ ;configuration for koji cli tool ;url of XMLRPC server -server = http://koji.stg.fedoraproject.org/kojihub +server = https://koji.stg.fedoraproject.org/kojihub ;url of web interface -weburl = http://koji.stg.fedoraproject.org/koji +weburl = https://koji.stg.fedoraproject.org/koji ;url of package download site -topurl = http://kojipkgs.stg.fedoraproject.org/ +topurl = https://kojipkgs.stg.fedoraproject.org/ -;client certificate -cert = /etc/sigul/fedora.cert - -;certificate of the CA that issued the HTTP server certificate -serverca = /etc/sigul/fedora-server-ca.cert +authtype = kerberos +principal = sigul/sign-bridge01.phx2.fedoraproject.org@FEDORAPROJECT.ORG +keytab = /etc/krb5.sigul_sign-bridge01.phx2.fedoraproject.org.keytab diff --git a/roles/sigul/bridge/files/koji-s390.conf b/roles/sigul/bridge/files/koji-s390.conf index 829805ba5f..b1cf3931f8 100644 --- a/roles/sigul/bridge/files/koji-s390.conf +++ b/roles/sigul/bridge/files/koji-s390.conf @@ -3,22 +3,18 @@ ;configuration for koji cli tool ;url of XMLRPC server -server = http://s390.koji.fedoraproject.org/kojihub +server = https://s390.koji.fedoraproject.org/kojihub ;url of web interface -weburl = http://s390.koji.fedoraproject.org/koji +weburl = https://s390.koji.fedoraproject.org/koji ;url of package download site -topurl = http://s390pkgs.fedoraproject.org/ +topurl = https://s390pkgs.fedoraproject.org/ ;path to the koji top directory ;topdir = /mnt/koji -;configuration for SSL athentication - -;client certificate -cert = /etc/sigul/fedora.cert - -;certificate of the CA that issued the HTTP server certificate -serverca = /etc/sigul/fedora-server-ca.cert +authtype = kerberos +principal = sigul/sign-bridge01.phx2.fedoraproject.org@FEDORAPROJECT.ORG +keytab = /etc/krb5.sigul_sign-bridge01.phx2.fedoraproject.org.keytab diff --git a/roles/sigul/bridge/templates/koji-primary.conf.j2 b/roles/sigul/bridge/templates/koji-primary.conf.j2 index a7e0b9c1ac..caa38aba2b 100644 --- a/roles/sigul/bridge/templates/koji-primary.conf.j2 +++ b/roles/sigul/bridge/templates/koji-primary.conf.j2 @@ -3,10 +3,10 @@ ;configuration for koji cli tool ;url of XMLRPC server -server = http://koji.fedoraproject.org/kojihub +server = https://koji.fedoraproject.org/kojihub ;url of web interface -weburl = http://koji.fedoraproject.org/koji +weburl = https://koji.fedoraproject.org/koji ;url of package download site topurl = https://kojipkgs.fedoraproject.org/