Move the vnc password into ansible-private and change it
Set post script to pull via https instead of http.
http gets redirected and curl doesn't follow the redirect by default.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
In f42+, there's no longer a /usr/local/sbin, everything should be in
/usr/local/bin. Move this last script there.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Due to ordering, these config files don't get copied over before the
first time httpd gets restarted. Setting them as optional should allow
initial runs to work better.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
mm-backend01 no longer exists, the application has moved into openshift.
So, just drop this and the files will get synced.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This causes an issue where we have a proxy01.iad2 and a proxy01.rdu3.
They are different hosts, but if it uses the short name then the second
one fails because it has the same name as the first.
Lets just use fqdn for now and see if causes any problems in
display in the interface. If it does, we can change it to
perhaps include the second octet.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Move kickstarts into ansible from the side repo they were in before.
Hopefully this will make it easier for people to contibute to them
and see what they are. All sensitive info here should be templated
out from the private repo.
note that before we merge/run this, we need to move the old repo
out of the way in the location we are syncing to.
We can gradually move other kickstarts out of the old repo into this
role as we need them to build rdu3 out.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
We need this up and working in order to install the prod openshift
cluster since it uses a proxy to talk to the api and communicate with
the control plane.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The zones I added are not under a view, they are the same for everyone.
And some old no longer used zones are expired and the new named in
rhel9.6 will not load them. So, just drop the signed ones for now.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
First the mgmt zone was loading the wrong thing.
Next, rdu3 does in fact need to be able to resolve iad2 zones, because
we need to be able to resolve the ipa servers in order for sssd
to work.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
In the get_url we hit https://github.com/ansible/ansible/pull/80751,
since the ansible version is not 2.16 (it's 2.14), thus manually adding
the certificates instead of getting them from url.
Mistakenly I copied this from IAD2 and failed to change the zone that it
was loading, so it was always giving the IAD2 view in RDU3.
This should fix that.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
