ipa/client: enable for odcs in prod

Signed-off-by: Nils Philippsen <nils@redhat.com>

inventory/group_vars/odcs

@@ -1,3 +1,4 @@
+primary_auth_source: ipa
 ipa_host_group: odcs
 ipa_host_group_desc: On Demand Compose Service
 ipa_client_shell_groups:

inventory/group_vars/odcs_backend

@@ -28,8 +28,6 @@ nfs_mount_opts: "ro,hard,bg,intr,noatime,nodev,nosuid,nfsvers=3"
 # Neeed for rsync from log01 for logs.
 custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 
-fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-odcs,sysadmin-veteran
-
 fedmsg_hub_auto_restart: False
  
 # These are consumed by a task in roles/fedmsg/base/main.yml

inventory/group_vars/odcs_frontend

@@ -21,8 +21,6 @@ udp_ports: [ 111 ]
 # Neeed for rsync from log01 for logs.
 custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
 
-fas_client_groups: sysadmin-noc,sysadmin-releng,sysadmin-odcs,sysadmin-veteran
-
 # These are consumed by a task in roles/fedmsg/base/main.yml
 fedmsg_certs:
 - service: odcs

playbooks/groups/odcs.yml

@@ -18,15 +18,12 @@
   - rkhunter
   - nagios_client
   - hosts
-  - { role: fas_client, when: env != "staging" }
+  - ipa/client
-  - { role: ipa/client, when: env == "staging" }
   - rsyncd
   - sudo
   - collectd/base
 
   tasks:
-  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
-    when: env != "staging"
   - import_tasks: "{{ tasks_path }}/motd.yml"
 
   handlers: