Declare certs for lockbox.
This commit is contained in:
Ralph Bean
parent
966cab0192
commit
a8f0d2cd7e
1 changed files with 18 additions and 0 deletions
|
|
@ -7,3 +7,21 @@ num_cpus: 2
|
||||||
tcp_ports: [ 443 ]
|
tcp_ports: [ 443 ]
|
||||||
|
|
||||||
fas_client_groups: sysadmin-noc,sysadmin-qa,fi-apprentice
|
fas_client_groups: sysadmin-noc,sysadmin-qa,fi-apprentice
|
||||||
|
|
||||||
|
# These are consumed by a task in roles/fedmsg/base/main.yml
|
||||||
|
# We don't really use the announce cert.. but it was supposed to be a way for
|
||||||
|
# the FPL and other powers that be to broadcast announcements, like the FCC's
|
||||||
|
# emergency broadcast system. The cert are group are here.. but no tools on the
|
||||||
|
# client side are configured to do anything with this yet.
|
||||||
|
fedmsg_certs:
|
||||||
|
- service: shell
|
||||||
|
owner: root
|
||||||
|
group: sysadmin
|
||||||
|
can_send:
|
||||||
|
- ansible.playbook.complete
|
||||||
|
- ansible.playbook.start
|
||||||
|
- service: announce
|
||||||
|
owner: root
|
||||||
|
group: fedmsg-announce
|
||||||
|
can_send:
|
||||||
|
- announce.announcement
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue