infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 7 Projects Releases Packages Wiki Activity Actions
ansible/roles/openshift/ipa-client/templates/krb5.conf
Aurélien Bompard f02d19dcb9
IPA client for openshift: deploy a krb5.conf file 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-09-11 12:17:00 +02:00

36 lines
1.1 KiB
Text
Raw Blame History

# includedir /etc/krb5.conf.d/
[libdefaults]
default_realm = {{ ipa_realm }}
dns_lookup_realm = false
dns_lookup_kdc = false
rdns = false
dns_canonicalize_hostname = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
udp_preference_limit = 0
default_ccache_name = FILE:/tmp/%u.ccache
default_keytab_name = FILE:/etc/keytabs/host.keytab
[realms]
{{ ipa_realm }} = {
kdc = {{ ipa_server }}:88
master_kdc = {{ ipa_server }}:88
admin_server = {{ ipa_server }}:749
kpasswd_server = {{ ipa_server }}:464
default_domain = {{ ipa_realm | lower }}
pkinit_anchors = FILE:/etc/ipa/ca.crt
pkinit_pool = FILE:/etc/ipa/ca.crt
}
[domain_realm]
.fedoraproject.org = FEDORAPROJECT.ORG
fedoraproject.org = FEDORAPROJECT.ORG
.{{ datacenter }}.fedoraproject.org = FEDORAPROJECT.ORG
{{ datacenter }}.fedoraproject.org = FEDORAPROJECT.ORG
.stg.fedoraproject.org = STG.FEDORAPROJECT.ORG
stg.fedoraproject.org = STG.FEDORAPROJECT.ORG
.{{ datacenter }}.stg.fedoraproject.org = STG.FEDORAPROJECT.ORG
{{ datacenter }}.stg.fedoraproject.org = STG.FEDORAPROJECT.ORG
{{ public_hostname }} = {{ ipa_realm }}
Reference in a new issue View git blame Copy permalink