update readme

Louis Abel 2023-08-23 00:15:42 -07:00
parent b7005bd5c5
commit 1030cb454c
Signed by: label
GPG key ID: 3331F061D1D9990E
4 changed files with 56 additions and 71 deletions


@ -6,6 +6,13 @@ Ansible AWX is the method used for the Rocky Linux infrastructure, as a replacem
This repository is for IPA Management.
Setting up the initial domain is as so:
* `role-rocky-ipa.yml`
* `role-rocky-replica.yml`
* `role-rocky-client.yml` (for any initial client machines)
* `init-rocky-ipa-team.yml`
```
.
├── adhoc-ipabinder.yml
@ -15,27 +22,62 @@ This repository is for IPA Management.
├── adhoc-ipagetkeytab.yml
├── adhoc-ipagroup.yml
├── adhoc-ipaservice.yml
├── adhoc-ipauser-disable-pdr.yml
├── adhoc-ipauser-disable.yml
├── adhoc-ipauser-enable.yml
├── adhoc-ipauser.yml
├── collections
│   └── requirements.yml
├── defaults
│   └── main.yml
├── files
│   └── README.md
├── handlers
│   └── main.yml
├── import-rockygroups.yml
├── import-rockyipaprivs.yml
├── import-rockypwpolicy.yml
├── import-rockysudo.yml
├── import-rockyusers.yml
├── init-rocky-ipa-internal-dns.yml
├── init-rocky-ipa-team.yml
├── README.md
├── role-rocky-ipa-client.yml
├── role-rocky-ipa-replica.yml
├── role-rocky-ipa.yml
├── roles
│   └── requirements.yml
├── tasks
│   ├── dns-ext.yml
│   ├── domain-prework.yml
│   └── main.yml
├── templates
│   └── README.md
│   ├── etc
│   │   └── named
│   │   ├── ipa-ext.conf
│   │   └── ipa-options-ext.conf
│   ├── README.md
│   └── tmp
│   └── binder.update.j2
├── tests
│   ├── inventory
│   ├── README.md
│   └── test.yml
└── vars
├── ipa
│   ├── adminusers.yml
│   ├── agreements.yml
│   ├── common.yml
│   ├── fdns.yml
│   ├── groups.yml
│   ├── ipaclient.yml
│   ├── ipaprivs.yml
│   ├── ipareplica.yml
│   ├── ipaserver.yml
│   ├── rdns.yml
│   ├── sudorules.yml
│   ├── svcusers.yml
│   └── users.yml
├── ipaserver.yml
└── main.yml
```


@ -6,30 +6,12 @@ adminusers:
password: ThisIsNotMyPassword1!
title: Infrastructure IdM Manager
loginshell: /bin/bash
- name: gmk2
first: Gregory
last: Kurtzer
password: ThisIsNotMyPassword1!
title: Executive Director
loginshell: /bin/bash
- name: brian2
first: Brian
last: Clemens
password: ThisIsNotMyPassword1!
title: Project Manager
loginshell: /bin/bash
- name: neil2
first: Neil
last: Hanlon
password: ThisIsNotMyPassword1!
title: Infrastructure Manager
loginshell: /bin/bash
- name: rlh2
first: R. Leigh
last: Hennig
password: ThisIsNotMyPassword1!
title: Operations Manager
loginshell: /bin/bash
- name: rfelsburg2
first: Rob
last: Felsburg
@ -42,10 +24,4 @@ adminusers:
password: ThisIsNotMyPassword1!
title: Infrastructure Manager
loginshell: /bin/bash
- name: bagner2
first: Benjamin
last: Agner
password: ThisIsNotMyPassword1!
title: Security Director
loginshell: /bin/bash
...


@ -7,45 +7,27 @@ ipagroups:
- neil
- rlh
- rfelsburg
- tg
- tgo
- bagner
- group: operations
description: Operations Team
user:
- rlh
- rfelsburg
- group: development
description: Development Team
- group: qa
description: Quality Assurance Team
- group: marketing
description: Marketing
- group: rocky
description: Rocky Linux Team
user:
- label
- gmk
- brian
- hbjy
- jorp
- neil
- rlh
- rfelsburg
- tg
- bagner
- tgo
- group: rockyadm
description: Rocky Linux Administrators - Only Admin Accounts
user:
- label2
- gmk2
- brian2
- hbjy2
- jorp2
- neil2
- rlh2
- rfelsburg2
- tg2
- bagner2
- group: gitadm
description: Rocky Linux GitLab Admins
user:
@ -53,8 +35,7 @@ ipagroups:
- neil
- rlh
- rfelsburg
- tg
- hbjy
- tgo
- group: gitusers
description: Rocky Linux GitLab Users
user:
@ -62,16 +43,14 @@ ipagroups:
- neil
- rlh
- rfelsburg
- tg
- hbjy
- tgo
- rockyautomation
managers_users:
- label
- neil
- rlh
- rfelsburg
- tg
- hbjy
- tgo
- group: services
description: Rocky Linux Service Accounts
user:
@ -82,18 +61,20 @@ ipagroups:
- pubsub_federation
- rockypubsub
- rockyautomation
- group: iam
description: Rocky Linux Identity Management
user:
- label
managers_users:
- label
- group: releng
description: Rocky Linux Release Engineering
user:
- label
- mustafa
- skip
- pgreco
- tgo
- sherif
- neil
managers_users:
- label
- neil
- mustafa
- group: mq_pub_readonly
description: RabbitMQ ReadOnly
...
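Review bot: `rlh` still appears as an unchanged member of `gitadm`, `gitusers` and the `managers_users` list in the hunks at -53 and -62, while the same commit drops the `rlh` entry from the `users:` list in the last file section. The +/- markers are lost on this page, but the hunk line counts leave those `- rlh` lines as context. If this is an offboarding, the remaining `- rlh` lines under those groups should be deleted in the same change, so that no privileged group keeps referencing an identity that is no longer managed. Deleting a definition from the vars files probably does not disable the account in IPA either; that depends on how the import playbooks treat absent entries, which is not visible here. A comment above `ipagroups:` such as `# users removed from users.yml must also be removed here and disabled (adhoc-ipauser-disable.yml)` would make the expected procedure explicit.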

View file

@ -28,13 +28,6 @@ users:
password: ThisIsNotMyPassword1!
title: Infrastructure Manager
loginshell: /bin/bash
- name: rlh
first: R. Leigh
last: Hennig
email: rlh@rockylinux.org
password: ThisIsNotMyPassword1!
title: Operations Manager
loginshell: /bin/bash
- name: rfelsburg
first: Rob
last: Felsburg
@ -49,11 +42,4 @@ users:
password: ThisIsNotMyPassword1!
title: Infrastructure Manager
loginshell: /bin/bash
- name: bagner
first: Benjamin
last: Agner
email: bagner@rockylinux.org
password: ThisIsNotMyPassword1!
title: Security Director
loginshell: /bin/bash
...