From a4061e6bbc879b3965b399a7998efd67eeee4e57 Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Fri, 19 Mar 2021 17:25:38 +0100 Subject: [PATCH] ipa/client: enable for pagure in prod Signed-off-by: Nils Philippsen --- inventory/group_vars/pagure | 12 +++++++++++- inventory/group_vars/pagure_stg | 11 ++++++++++- playbooks/groups/pagure.yml | 4 +--- 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/inventory/group_vars/pagure b/inventory/group_vars/pagure index 5f6c22b299..4b2c3ab86c 100644 --- a/inventory/group_vars/pagure +++ b/inventory/group_vars/pagure @@ -64,7 +64,17 @@ fedmsg_certs: fedmsg_prefix: io.pagure fedmsg_env: prod -fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran +primary_auth_source: ipa +ipa_host_group: pagure +ipa_host_group_desc: Pagure GIT Forge +ipa_client_shell_groups: +- sysadmin-noc +- sysadmin-web +- sysadmin-veteran +ipa_client_sudo_groups: +- sysadmin-noc +- sysadmin-web +- sysadmin-veteran freezes: true postfix_group: vpn.pagure diff --git a/inventory/group_vars/pagure_stg b/inventory/group_vars/pagure_stg index 0643839c9f..57aff68e53 100644 --- a/inventory/group_vars/pagure_stg +++ b/inventory/group_vars/pagure_stg @@ -62,7 +62,16 @@ fedmsg_certs: fedmsg_prefix: io.pagure fedmsg_env: stg -fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran +ipa_host_group: pagure +ipa_host_group_desc: Pagure GIT Forge +ipa_client_shell_groups: +- sysadmin-noc +- sysadmin-web +- sysadmin-veteran +ipa_client_sudo_groups: +- sysadmin-noc +- sysadmin-web +- sysadmin-veteran freezes: false env: pagure-staging diff --git a/playbooks/groups/pagure.yml b/playbooks/groups/pagure.yml index 2b56eb285c..d74bc7cb50 100644 --- a/playbooks/groups/pagure.yml +++ b/playbooks/groups/pagure.yml @@ -15,8 +15,7 @@ - rkhunter - nagios_client - hosts - - { role: ipa/client, when: env == "staging" } - - { role: fas_client, when: env != "staging" } + - ipa/client - sudo - collectd/base - openvpn/client @@ -26,7 +25,6 @@ - import_tasks: "{{ tasks_path }}/yumrepos.yml" tasks: - - import_tasks: "{{ tasks_path }}/2fa_client.yml" - import_tasks: "{{ tasks_path }}/motd.yml" handlers: