29 lines
1.2 KiB
Django/Jinja
29 lines
1.2 KiB
Django/Jinja
pam_url:
|
|
{
|
|
settings:
|
|
{
|
|
{% if env == 'staging' %}
|
|
url = "https://fas-all.stg.phx2.fedoraproject.org:8443/"; # URI to fetch
|
|
{% elif datacenter == 'phx2' %}
|
|
url = "https://fas-all.phx2.fedoraproject.org:8443/"; # URI to fetch
|
|
{% elif datacenter == 'iad2' %}
|
|
url = "https://fas-all.iad2.fedoraproject.org:8443/"; # URI to fetch
|
|
{% else %}
|
|
url = "https://fas-all.vpn.fedoraproject.org:8443/"; # URI to fetch
|
|
{% endif %}
|
|
returncode = "OK"; # The remote script/cgi should return a 200 http code and this string as its only results
|
|
userfield = "user"; # userfield name to send
|
|
passwdfield = "token"; # passwdfield name to send
|
|
extradata = "&do=login"; # extradata to send
|
|
prompt = "Password+Token: "; # password prompt
|
|
};
|
|
|
|
ssl:
|
|
{
|
|
verify_peer = true; # Should we verify SSL ?
|
|
verify_host = true; # Should we verify the CN in the SSL cert?
|
|
client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate
|
|
client_key = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert)
|
|
ca_cert = "/etc/pki/tls/private/totpcgi-ca.cert";
|
|
};
|
|
};
|