Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

taskotron-stg01 is a special snowflake. ;)

Browse source
This commit is contained in:
Kevin Fenzi 2014-07-07 22:09:10 +00:00
parent 8149370aa5
commit d5fc8e3301
1 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

27
files/2fa/pam_url.conf.taskotron-stg01.qa.fedoraproject.org Normal file
View file

@ -0,0 +1,27 @@
pam_url:
{
settings:
{
{% if env == 'staging' %}
url = "https://fas-all.stg.phx2.fedoraproject.org:8443/"; # URI to fetch
{% elif datacenter == 'phx2' %}
url = "https://fas-all.phx2.fedoraproject.org:8443/"; # URI to fetch
{% else %}
url = "https://fas-all.vpn.fedoraproject.org:8443/"; # URI to fetch
{% endif %}
returncode = "OK"; # The remote script/cgi should return a 200 http code and this string as its only results
userfield = "user"; # userfield name to send
passwdfield = "token"; # passwdfield name to send
extradata = "&do=login"; # extradata to send
prompt = "Password+Token: "; # password prompt
};
ssl:
{
verify_peer = true; # Should we verify SSL ?
verify_host = true; # Should we verify the CN in the SSL cert?
client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
client_key = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
ca_cert = "/etc/pki/tls/private/totpcgi-ca.cert";
};
};