1.1 KiB
pam_url: { settings: { {% if env == 'staging' %} url = "https://fas-all.stg.phx2.fedoraproject.org:8443/"; # URI to fetch {% elif datacenter == 'phx2' %} url = "https://fas-all.phx2.fedoraproject.org:8443/"; # URI to fetch {% else %} url = "https://fas-all.vpn.fedoraproject.org:8443/"; # URI to fetch {% endif %} returncode = "OK"; # The remote script/cgi should return a 200 http code and this string as its only results userfield = "user"; # userfield name to send passwdfield = "token"; # passwdfield name to send extradata = "&do=login"; # extradata to send prompt = "Password+Token: "; # password prompt };
ssl: { verify_peer = true; # Should we verify SSL ? verify_host = true; # Should we verify the CN in the SSL cert? client_cert = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side certificate client_key = "/etc/pki/tls/private/totpcgi.pem"; # file to use as client-side key (can be same file as above if a single cert) ca_cert = "/etc/pki/tls/private/totpcgi-ca.cert"; }; };