From c9b757d86635054c4be959bb17e4e038142d80aa Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Fri, 19 Mar 2021 17:25:38 +0100 Subject: [PATCH] ipa/client: enable for batcave in prod Signed-off-by: Nils Philippsen --- inventory/group_vars/batcave | 3 +-- playbooks/groups/batcave.yml | 4 +--- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/inventory/group_vars/batcave b/inventory/group_vars/batcave index 86559e9541..6435818437 100644 --- a/inventory/group_vars/batcave +++ b/inventory/group_vars/batcave @@ -8,8 +8,7 @@ tcp_ports: [ 80, 443, 8442, 8443 ] # Neeed for rsync from log01 for logs. custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ] -fas_client_groups: sysadmin-ask,sysadmin-atomic,sysadmin-cvs,sysadmin-main,sysadmin-web,sysadmin-noc,sysadmin-hosted,sysadmin-releng,sysadmin-qa,sysadmin-tools,sysadmin-cloud,sysadmin-bot,sysadmin-centos,sysadmin-koschei,sysadmin-datanommer,sysadmin-fedimg,fi-apprentice,sysadmin-badges,sysadmin-mbs,sysadmin-veteran,sysadmin-coreos,sysadmin-upstreamfirst,sysadmin-releasemonitoring,sysadmin-fpdc,sysadmin-messaging,sysadmin-libravatar,sysadmin-gnome,sysadmin-copr,sysadmin-osbs,sysadmin-odcs,sysadmin-debuginfod - +primary_auth_source: ipa ipa_host_group: batcave ipa_host_group_desc: The Bat Cave ipa_client_shell_groups: diff --git a/playbooks/groups/batcave.yml b/playbooks/groups/batcave.yml index 3bb12b129e..773c54c9bc 100644 --- a/playbooks/groups/batcave.yml +++ b/playbooks/groups/batcave.yml @@ -15,8 +15,7 @@ - rkhunter - nagios_client - hosts - - { role: ipa/client, when: env == "staging" } - - { role: fas_client, when: env != "staging" } + - ipa/client - ansible-server - sudo - collectd/base @@ -66,7 +65,6 @@ - import_tasks: "{{ tasks_path }}/yumrepos.yml" tasks: - - import_tasks: "{{ tasks_path }}/2fa_client.yml" - import_tasks: "{{ tasks_path }}/motd.yml" handlers: