update readme
This commit is contained in:
parent
b7005bd5c5
commit
1030cb454c
4 changed files with 56 additions and 71 deletions
44
README.md
44
README.md
|
@ -6,6 +6,13 @@ Ansible AWX is the method used for the Rocky Linux infrastructure, as a replacem
|
|||
|
||||
This repository is for IPA Management.
|
||||
|
||||
Setting up the initial domain is as so:
|
||||
|
||||
* `role-rocky-ipa.yml`
|
||||
* `role-rocky-replica.yml`
|
||||
* `role-rocky-client.yml` (for any initial client machines)
|
||||
* `init-rocky-ipa-team.yml`
|
||||
|
||||
```
|
||||
.
|
||||
├── adhoc-ipabinder.yml
|
||||
|
@ -15,27 +22,62 @@ This repository is for IPA Management.
|
|||
├── adhoc-ipagetkeytab.yml
|
||||
├── adhoc-ipagroup.yml
|
||||
├── adhoc-ipaservice.yml
|
||||
├── adhoc-ipauser-disable-pdr.yml
|
||||
├── adhoc-ipauser-disable.yml
|
||||
├── adhoc-ipauser-enable.yml
|
||||
├── adhoc-ipauser.yml
|
||||
├── collections
|
||||
│ └── requirements.yml
|
||||
├── defaults
|
||||
│ └── main.yml
|
||||
├── files
|
||||
│ └── README.md
|
||||
├── handlers
|
||||
│ └── main.yml
|
||||
├── import-rockygroups.yml
|
||||
├── import-rockyipaprivs.yml
|
||||
├── import-rockypwpolicy.yml
|
||||
├── import-rockysudo.yml
|
||||
├── import-rockyusers.yml
|
||||
├── init-rocky-ipa-internal-dns.yml
|
||||
├── init-rocky-ipa-team.yml
|
||||
├── README.md
|
||||
├── role-rocky-ipa-client.yml
|
||||
├── role-rocky-ipa-replica.yml
|
||||
├── role-rocky-ipa.yml
|
||||
├── roles
|
||||
│ └── requirements.yml
|
||||
├── tasks
|
||||
│ ├── dns-ext.yml
|
||||
│ ├── domain-prework.yml
|
||||
│ └── main.yml
|
||||
├── templates
|
||||
│ └── README.md
|
||||
│ ├── etc
|
||||
│ │ └── named
|
||||
│ │ ├── ipa-ext.conf
|
||||
│ │ └── ipa-options-ext.conf
|
||||
│ ├── README.md
|
||||
│ └── tmp
|
||||
│ └── binder.update.j2
|
||||
├── tests
|
||||
│ ├── inventory
|
||||
│ ├── README.md
|
||||
│ └── test.yml
|
||||
└── vars
|
||||
├── ipa
|
||||
│ ├── adminusers.yml
|
||||
│ ├── agreements.yml
|
||||
│ ├── common.yml
|
||||
│ ├── fdns.yml
|
||||
│ ├── groups.yml
|
||||
│ ├── ipaclient.yml
|
||||
│ ├── ipaprivs.yml
|
||||
│ ├── ipareplica.yml
|
||||
│ ├── ipaserver.yml
|
||||
│ ├── rdns.yml
|
||||
│ ├── sudorules.yml
|
||||
│ ├── svcusers.yml
|
||||
│ └── users.yml
|
||||
├── ipaserver.yml
|
||||
└── main.yml
|
||||
```
|
||||
|
|
|
@ -6,30 +6,12 @@ adminusers:
|
|||
password: ThisIsNotMyPassword1!
|
||||
title: Infrastructure IdM Manager
|
||||
loginshell: /bin/bash
|
||||
- name: gmk2
|
||||
first: Gregory
|
||||
last: Kurtzer
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Executive Director
|
||||
loginshell: /bin/bash
|
||||
- name: brian2
|
||||
first: Brian
|
||||
last: Clemens
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Project Manager
|
||||
loginshell: /bin/bash
|
||||
- name: neil2
|
||||
first: Neil
|
||||
last: Hanlon
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Infrastructure Manager
|
||||
loginshell: /bin/bash
|
||||
- name: rlh2
|
||||
first: R. Leigh
|
||||
last: Hennig
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Operations Manager
|
||||
loginshell: /bin/bash
|
||||
- name: rfelsburg2
|
||||
first: Rob
|
||||
last: Felsburg
|
||||
|
@ -42,10 +24,4 @@ adminusers:
|
|||
password: ThisIsNotMyPassword1!
|
||||
title: Infrastructure Manager
|
||||
loginshell: /bin/bash
|
||||
- name: bagner2
|
||||
first: Benjamin
|
||||
last: Agner
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Security Director
|
||||
loginshell: /bin/bash
|
||||
...
|
||||
|
|
|
@ -7,45 +7,27 @@ ipagroups:
|
|||
- neil
|
||||
- rlh
|
||||
- rfelsburg
|
||||
- tg
|
||||
- tgo
|
||||
- bagner
|
||||
- group: operations
|
||||
description: Operations Team
|
||||
user:
|
||||
- rlh
|
||||
- rfelsburg
|
||||
- group: development
|
||||
description: Development Team
|
||||
- group: qa
|
||||
description: Quality Assurance Team
|
||||
- group: marketing
|
||||
description: Marketing
|
||||
- group: rocky
|
||||
description: Rocky Linux Team
|
||||
user:
|
||||
- label
|
||||
- gmk
|
||||
- brian
|
||||
- hbjy
|
||||
- jorp
|
||||
- neil
|
||||
- rlh
|
||||
- rfelsburg
|
||||
- tg
|
||||
- bagner
|
||||
- tgo
|
||||
- group: rockyadm
|
||||
description: Rocky Linux Administrators - Only Admin Accounts
|
||||
user:
|
||||
- label2
|
||||
- gmk2
|
||||
- brian2
|
||||
- hbjy2
|
||||
- jorp2
|
||||
- neil2
|
||||
- rlh2
|
||||
- rfelsburg2
|
||||
- tg2
|
||||
- bagner2
|
||||
- group: gitadm
|
||||
description: Rocky Linux GitLab Admins
|
||||
user:
|
||||
|
@ -53,8 +35,7 @@ ipagroups:
|
|||
- neil
|
||||
- rlh
|
||||
- rfelsburg
|
||||
- tg
|
||||
- hbjy
|
||||
- tgo
|
||||
- group: gitusers
|
||||
description: Rocky Linux GitLab Users
|
||||
user:
|
||||
|
@ -62,16 +43,14 @@ ipagroups:
|
|||
- neil
|
||||
- rlh
|
||||
- rfelsburg
|
||||
- tg
|
||||
- hbjy
|
||||
- tgo
|
||||
- rockyautomation
|
||||
managers_users:
|
||||
- label
|
||||
- neil
|
||||
- rlh
|
||||
- rfelsburg
|
||||
- tg
|
||||
- hbjy
|
||||
- tgo
|
||||
- group: services
|
||||
description: Rocky Linux Service Accounts
|
||||
user:
|
||||
|
@ -82,18 +61,20 @@ ipagroups:
|
|||
- pubsub_federation
|
||||
- rockypubsub
|
||||
- rockyautomation
|
||||
- group: iam
|
||||
description: Rocky Linux Identity Management
|
||||
user:
|
||||
- label
|
||||
managers_users:
|
||||
- label
|
||||
- group: releng
|
||||
description: Rocky Linux Release Engineering
|
||||
user:
|
||||
- label
|
||||
- mustafa
|
||||
- skip
|
||||
- pgreco
|
||||
- tgo
|
||||
- sherif
|
||||
- neil
|
||||
managers_users:
|
||||
- label
|
||||
- neil
|
||||
- mustafa
|
||||
- group: mq_pub_readonly
|
||||
description: RabbitMQ ReadOnly
|
||||
...
|
||||
|
|
|
@ -28,13 +28,6 @@ users:
|
|||
password: ThisIsNotMyPassword1!
|
||||
title: Infrastructure Manager
|
||||
loginshell: /bin/bash
|
||||
- name: rlh
|
||||
first: R. Leigh
|
||||
last: Hennig
|
||||
email: rlh@rockylinux.org
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Operations Manager
|
||||
loginshell: /bin/bash
|
||||
- name: rfelsburg
|
||||
first: Rob
|
||||
last: Felsburg
|
||||
|
@ -49,11 +42,4 @@ users:
|
|||
password: ThisIsNotMyPassword1!
|
||||
title: Infrastructure Manager
|
||||
loginshell: /bin/bash
|
||||
- name: bagner
|
||||
first: Benjamin
|
||||
last: Agner
|
||||
email: bagner@rockylinux.org
|
||||
password: ThisIsNotMyPassword1!
|
||||
title: Security Director
|
||||
loginshell: /bin/bash
|
||||
...
|
||||
|
|
Loading…
Reference in a new issue