diff --git a/ansible/playbooks/files/usr/local/bin/lock-wrapper b/ansible/playbooks/files/usr/local/bin/lock-wrapper
index 834d77b..17c96ff 100644
--- a/ansible/playbooks/files/usr/local/bin/lock-wrapper
+++ b/ansible/playbooks/files/usr/local/bin/lock-wrapper
@@ -22,7 +22,6 @@ PIDFILE="$LOCKDIR/pid"
 
 function cleanup {
     rm -rf "$LOCKDIR"
-
 }
 
 RESTORE_UMASK=$(umask -p)
@@ -33,9 +32,9 @@ if [ $? != 0  ]; then
     if [ -n "$PID"  ] && /bin/ps $PID > /dev/null
     then
         if [ "$SILENT" != "yes"  ]; then
-	    echo "$PID is still running"
-	    /bin/ps -o user,pid,start,time,comm $PID
-	fi
+            echo "$PID is still running"
+            /bin/ps -o user,pid,start,time,comm $PID
+        fi
         exit 1;
     else
         echo "$LOCKDIR exists but $PID is dead"
diff --git a/ansible/playbooks/vars/common.yml b/ansible/playbooks/vars/common.yml
index 3e4bfe1..aac6209 100644
--- a/ansible/playbooks/vars/common.yml
+++ b/ansible/playbooks/vars/common.yml
@@ -1,8 +1,9 @@
 ---
 rocky_ldap_bind_dn: "uid=binder,cn=sysaccounts,cn=etc,dc=rockylinux,dc=org"
-rocky_ldap_bind_pw: "ThisIsNotThePassword!"
 rocky_ldap_user_basedn: "cn=users,cn=accounts,dc=rockylinux,dc=org"
 rocky_ldap_group_basedn: "cn=groups,cn=accounts,dc=rockylinux,dc=org"
 rocky_ldap_account_basedn: "cn=accounts,dc=rockylinux,dc=org"
 # Requires jinja 2.9+
 rocky_ipaserver_list: "{{ groups['ipaserver'] + groups['ipareplicas'] }}"
+# This will need to be vaulted
+rocky_ldap_bind_pw: "ThisIsNotThePassword!"
diff --git a/ansible/playbooks/vars/kojihub.yml b/ansible/playbooks/vars/kojihub.yml
index e3f28cd..b835192 100644
--- a/ansible/playbooks/vars/kojihub.yml
+++ b/ansible/playbooks/vars/kojihub.yml
@@ -1,7 +1,7 @@
 ---
 # koji hub settings
 # This should be the front-facing URL of koji
-koji_url_name: koji.rockylinux.org
+#koji_url_name: koji.rockylinux.org
 
 # Use an internal CA (IPA)
 koji_internal_ca: true
@@ -42,7 +42,7 @@ koji_hub_proxy_principals: "HTTP/{{ inventory_hostname }}@ROCKYLINUX.ORG"
 koji_hub_keytab: /etc/keytabs/host.keytab
 koji_hub_principal_format: compile/%s@ROCKYLINUX.ORG
 # This should be sufficient even for LE
-koji_hub_ca: "{{ koji_web_cacert  }}"
+koji_hub_ca: "{{ koji_web_cacert }}"
 
 # Koji FAS Syncing
 # This isn't implemented yet in the role