infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

and then we tried to make cloud-noc01 use fakefas

Browse source
This commit is contained in:
Stephen Smoogen 2014-11-03 23:18:19 +00:00
parent 57d2f64097
commit 396c116b74
3 changed files with 26 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

21
files/2fa/pam_url.conf.cloud Normal file
View file

@ -0,0 +1,21 @@
pam_url:
{
settings:
{
url = "https://fas-all.phx2.fedoraproject.org:8443/"; # URI to fetch
returncode = "OK"; # The remote script/cgi should return a 200 http code and this string as its only results
userfield = "user"; # userfield name to send
passwdfield = "token"; # passwdfield name to send
extradata = "&do=login"; # extradata to send
prompt = "Password+Token: "; # password prompt
};
ssl:
{
verify_peer = true; # Should we verify SSL ?
verify_host = true; # Should we verify the CN in the SSL cert?
client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
client_key = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
ca_cert = "/etc/pki/tls/private/totpcgi-ca.cert";
};
};