From da2e9766d7454e85eb1dc528f7b151366fdbc0de Mon Sep 17 00:00:00 2001
From: Mikolaj Izdebski <mizdebsk@redhat.com>
Date: Thu, 8 Feb 2018 12:46:50 +0100
Subject: [PATCH] Make Koschei backend auth to Koji using GSSAPI

---
 roles/koschei/backend/tasks/main.yml                  |  1 -
 roles/koschei/backend/templates/config-backend.cfg.j2 | 11 -----------
 roles/koschei/backend/templates/koji.conf.j2          | 10 +++-------
 3 files changed, 3 insertions(+), 19 deletions(-)

diff --git a/roles/koschei/backend/tasks/main.yml b/roles/koschei/backend/tasks/main.yml
index e49693f91d..3ebf99e2f4 100644
--- a/roles/koschei/backend/tasks/main.yml
+++ b/roles/koschei/backend/tasks/main.yml
@@ -56,7 +56,6 @@
     src=systemd-environment.conf.j2
     dest=/etc/systemd/system/{{ item }}.service.d/environment.conf
   with_items: "{{ koschei_backend_services }}"
-  when: env == 'staging'
   notify:
   - reload systemd
   - restart koschei backend services
diff --git a/roles/koschei/backend/templates/config-backend.cfg.j2 b/roles/koschei/backend/templates/config-backend.cfg.j2
index e34c230d66..f24f61b83d 100644
--- a/roles/koschei/backend/templates/config-backend.cfg.j2
+++ b/roles/koschei/backend/templates/config-backend.cfg.j2
@@ -14,18 +14,7 @@ config = {
         "server": "https://{{ koschei_koji_hub }}/kojihub",
         "weburl": "https://{{ koschei_koji_web }}/koji",
         "topurl": "https://{{ koschei_kojipkgs }}",
-        {% if env == 'staging' %}
         "login_method": "gssapi_login",
-        {% else %}
-        "login_method": "krb_login",
-        "login_args": {
-            "keytab": "/etc/krb5.koschei_{{ inventory_hostname }}.keytab",
-            "principal": "koschei/{{ inventory_hostname }}@{{ ipa_realm }}",
-        },
-        "session_opts": {
-            "krb_rdns": False,
-        },
-        {% endif %}
         {% if env == 'staging' %}
         "max_builds": 16,
         "build_arches": ['x86_64'],
diff --git a/roles/koschei/backend/templates/koji.conf.j2 b/roles/koschei/backend/templates/koji.conf.j2
index efaa5f37ad..b12fe932bd 100644
--- a/roles/koschei/backend/templates/koji.conf.j2
+++ b/roles/koschei/backend/templates/koji.conf.j2
@@ -1,11 +1,7 @@
 [koji]
-server = http://{{ koschei_koji_hub }}/kojihub
-topurl = http://{{ koschei_kojipkgs }}
-weburl = http://{{ koschei_koji_web }}/koji
+server = https://{{ koschei_koji_hub }}/kojihub
+topurl = https://{{ koschei_kojipkgs }}
+weburl = https://{{ koschei_koji_web }}/koji
 topdir = /mnt/koji
 authtype = kerberos
 krbservice = host
-principal = koschei/{{ inventory_hostname }}@{{ ipa_realm }}
-keytab = /etc/krb5.koschei_{{ inventory_hostname }}.keytab
-ccache = /tmp/koschei-koji-krb-ccache
-krb_rdns = False