update readme

Louis Abel 2023-08-23 00:15:42 -07:00
parent b7005bd5c5
commit 1030cb454c
Signed by: label
GPG Key ID: 3331F061D1D9990E
4 changed files with 56 additions and 71 deletions


@ -6,6 +6,13 @@ Ansible AWX is the method used for the Rocky Linux infrastructure, as a replacem
This repository is for IPA Management. This repository is for IPA Management.
Setting up the initial domain is as so:
* `role-rocky-ipa.yml`
* `role-rocky-replica.yml`
* `role-rocky-client.yml` (for any initial client machines)
* `init-rocky-ipa-team.yml`
``` ```
. .
├── adhoc-ipabinder.yml ├── adhoc-ipabinder.yml
@ -15,27 +22,62 @@ This repository is for IPA Management.
├── adhoc-ipagetkeytab.yml ├── adhoc-ipagetkeytab.yml
├── adhoc-ipagroup.yml ├── adhoc-ipagroup.yml
├── adhoc-ipaservice.yml ├── adhoc-ipaservice.yml
├── adhoc-ipauser-disable-pdr.yml
├── adhoc-ipauser-disable.yml ├── adhoc-ipauser-disable.yml
├── adhoc-ipauser-enable.yml ├── adhoc-ipauser-enable.yml
├── adhoc-ipauser.yml ├── adhoc-ipauser.yml
├── collections
│   └── requirements.yml
├── defaults ├── defaults
│   └── main.yml │   └── main.yml
├── files ├── files
│   └── README.md │   └── README.md
├── handlers ├── handlers
│   └── main.yml │   └── main.yml
├── import-rockygroups.yml
├── import-rockyipaprivs.yml
├── import-rockypwpolicy.yml
├── import-rockysudo.yml
├── import-rockyusers.yml
├── init-rocky-ipa-internal-dns.yml
├── init-rocky-ipa-team.yml
├── README.md ├── README.md
├── role-rocky-ipa-client.yml ├── role-rocky-ipa-client.yml
├── role-rocky-ipa-replica.yml ├── role-rocky-ipa-replica.yml
├── role-rocky-ipa.yml ├── role-rocky-ipa.yml
├── roles
│   └── requirements.yml
├── tasks ├── tasks
│   ├── dns-ext.yml
│   ├── domain-prework.yml
│   └── main.yml │   └── main.yml
├── templates ├── templates
│   └── README.md │   ├── etc
│   │   └── named
│   │   ├── ipa-ext.conf
│   │   └── ipa-options-ext.conf
│   ├── README.md
│   └── tmp
│   └── binder.update.j2
├── tests ├── tests
│   ├── inventory │   ├── inventory
│   ├── README.md │   ├── README.md
│   └── test.yml │   └── test.yml
└── vars └── vars
├── ipa
│   ├── adminusers.yml
│   ├── agreements.yml
│   ├── common.yml
│   ├── fdns.yml
│   ├── groups.yml
│   ├── ipaclient.yml
│   ├── ipaprivs.yml
│   ├── ipareplica.yml
│   ├── ipaserver.yml
│   ├── rdns.yml
│   ├── sudorules.yml
│   ├── svcusers.yml
│   └── users.yml
├── ipaserver.yml
└── main.yml └── main.yml
``` ```


@ -6,30 +6,12 @@ adminusers:
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure IdM Manager title: Infrastructure IdM Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: gmk2
first: Gregory
last: Kurtzer
password: ThisIsNotMyPassword1!
title: Executive Director
loginshell: /bin/bash
- name: brian2
first: Brian
last: Clemens
password: ThisIsNotMyPassword1!
title: Project Manager
loginshell: /bin/bash
- name: neil2 - name: neil2
first: Neil first: Neil
last: Hanlon last: Hanlon
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure Manager title: Infrastructure Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: rlh2
first: R. Leigh
last: Hennig
password: ThisIsNotMyPassword1!
title: Operations Manager
loginshell: /bin/bash
- name: rfelsburg2 - name: rfelsburg2
first: Rob first: Rob
last: Felsburg last: Felsburg
@ -42,10 +24,4 @@ adminusers:
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure Manager title: Infrastructure Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: bagner2
first: Benjamin
last: Agner
password: ThisIsNotMyPassword1!
title: Security Director
loginshell: /bin/bash
... ...


@ -7,45 +7,27 @@ ipagroups:
- neil - neil
- rlh - rlh
- rfelsburg - rfelsburg
- tg - tgo
- bagner - bagner
- group: operations
description: Operations Team
user:
- rlh
- rfelsburg
- group: development - group: development
description: Development Team description: Development Team
- group: qa
description: Quality Assurance Team
- group: marketing
description: Marketing
- group: rocky - group: rocky
description: Rocky Linux Team description: Rocky Linux Team
user: user:
- label - label
- gmk - gmk
- brian - brian
- hbjy
- jorp
- neil - neil
- rlh
- rfelsburg - rfelsburg
- tg - tgo
- bagner
- group: rockyadm - group: rockyadm
description: Rocky Linux Administrators - Only Admin Accounts description: Rocky Linux Administrators - Only Admin Accounts
user: user:
- label2 - label2
- gmk2
- brian2 - brian2
- hbjy2
- jorp2
- neil2 - neil2
- rlh2
- rfelsburg2 - rfelsburg2
- tg2 - tg2
- bagner2
- group: gitadm - group: gitadm
description: Rocky Linux GitLab Admins description: Rocky Linux GitLab Admins
user: user:
@ -53,8 +35,7 @@ ipagroups:
- neil - neil
- rlh - rlh
- rfelsburg - rfelsburg
- tg - tgo
- hbjy
- group: gitusers - group: gitusers
description: Rocky Linux GitLab Users description: Rocky Linux GitLab Users
user: user:
@ -62,16 +43,14 @@ ipagroups:
- neil - neil
- rlh - rlh
- rfelsburg - rfelsburg
- tg - tgo
- hbjy
- rockyautomation - rockyautomation
managers_users: managers_users:
- label - label
- neil - neil
- rlh - rlh
- rfelsburg - rfelsburg
- tg - tgo
- hbjy
- group: services - group: services
description: Rocky Linux Service Accounts description: Rocky Linux Service Accounts
user: user:
@ -82,18 +61,20 @@ ipagroups:
- pubsub_federation - pubsub_federation
- rockypubsub - rockypubsub
- rockyautomation - rockyautomation
- group: iam
description: Rocky Linux Identity Management
user:
- label
managers_users:
- label
- group: releng - group: releng
description: Rocky Linux Release Engineering description: Rocky Linux Release Engineering
user: user:
- label - label
- mustafa
- skip
- pgreco
- tgo
- sherif
- neil
managers_users: managers_users:
- label - label
- neil
- mustafa
- group: mq_pub_readonly - group: mq_pub_readonly
description: RabbitMQ ReadOnly description: RabbitMQ ReadOnly
... ...
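Review bot: Several group lists in this section still name accounts that the same commit deletes from the user definitions: `rlh` remains in the first group shown and in `gitadm`, `gitusers` and its `managers_users`, `bagner` remains in the first group, and `brian2` remains in `rockyadm`, while the users and adminusers sections drop `rlh`, `bagner` and `brian2`. Unless those accounts are defined somewhere not visible on this page, the group import will presumably either fail on unknown members or leave privileged memberships (GitLab admin, the admin-only group) attached to accounts that appear to be on their way out. I would remove the stale `- rlh`, `- bagner` and `- brian2` entries in this commit, and check whether `tg2` in `rockyadm` should follow the `tg` to `tgo` rename. Dropping a name from these vars revokes nothing already present in IPA unless the import playbooks reconcile removals, which is not shown here, so it is worth confirming that the removed accounts are actually disabled and stripped of membership on the server. The first hunk starts inside a group whose header is above the visible lines, so its name needs confirming before editing.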


@ -28,13 +28,6 @@ users:
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure Manager title: Infrastructure Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: rlh
first: R. Leigh
last: Hennig
email: rlh@rockylinux.org
password: ThisIsNotMyPassword1!
title: Operations Manager
loginshell: /bin/bash
- name: rfelsburg - name: rfelsburg
first: Rob first: Rob
last: Felsburg last: Felsburg
@ -49,11 +42,4 @@ users:
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure Manager title: Infrastructure Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: bagner
first: Benjamin
last: Agner
email: bagner@rockylinux.org
password: ThisIsNotMyPassword1!
title: Security Director
loginshell: /bin/bash
... ...