Add koji kerb stuff

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>

roles/koji_hub/tasks/main.yml

@@ -77,6 +77,20 @@
   - config
   - koji_hub
 
+#
+# install keytabs
+#
+
+- name: install koji-hub keytab
+  when: env == "staging"
+  copy: src={{ private }}/files/keytabs/{{ env }}/koji-hub dest=/etc/koji-hub/koji-hub.keytab
+        owner=apache group=apache mode=0600
+  notify:
+  - reload httpd
+  tags:
+  - config
+  -koji_hub
+
 #
 # install production certs and keys
 #

roles/koji_hub/templates/hub.conf.j2

@@ -20,6 +20,13 @@ KojiDir = /mnt/koji
 MemoryWarnThreshold = 10000
 MaxRequestLength = 83886080
 
+{% if env == "staging" %}
+# Kerb auth
+
+AuthPrincipal = host/koji.stg.fedoraproject.org
+AuthKeytab = /etc/koji-hub/koji-hub.keytab
+
+{% endif %}
 ##  SSL client certificate auth configuration  ##
 #note: ssl auth may also require editing the httpd config (conf.d/kojihub.conf)