Merge pull request #14966 from rocky-linux/develop

Develop
2024-06-02 03:40:16 +00:00 · 2021-01-13 23:38:12 -07:00 · 2021-01-13 23:38:12 -07:00 · 2a8c886e4a
commit 2a8c886e4a
parent 912b07f761 5b3293c2f5
7 changed files with 8 additions and 20 deletions
--- a/ansible/inventories/production/group_vars/ipareplicas/main.yml
+++ b/ansible/inventories/production/group_vars/ipareplicas/main.yml
@ -1,7 +1,6 @@
 ---

 ipaadmin_principal: admin
-ipaclient_no_ntp: true
 ipaclient_mkhomedir: true
 ipaserver_realm: ROCKYLINUX.ORG
 ipaserver_hostname: ipa002.rockylinux.org
--- a/ansible/inventories/production/hosts.ini
+++ b/ansible/inventories/production/hosts.ini
@ -16,6 +16,7 @@ ipa001.rockylinux.org ansible_host=10.100.1.110

 [ipareplicas]
 ipa002.rockylinux.org ansible_host=10.100.1.111
+ipa003.rockylinux.org ansible_host=10.100.1.112

 [ipaclients]
 build-a-box.rockylinux.org ansible_host=10.100.1.112
@ -60,3 +61,8 @@ ppc64le-03.boxbuild.rockylinux.org ansible_host=10.100.1.212

 [mqtt]
 mqtt.boxbuild.rockylinux.org ansible_host=10.100.1.213
+
+[rabbitmq]
+rabbitmq01.rockylinux.org ansible_host=10.100.1.214
+rabbitmq02.rockylinux.org ansible_host=10.100.1.215
+rabbitmq03.rockylinux.org ansible_host=10.100.1.216
--- a/ansible/playbooks/init-rocky-ipa-internal-dns.yml
+++ b/ansible/playbooks/init-rocky-ipa-internal-dns.yml
@ -21,10 +21,12 @@
      freeipa.ansible_freeipa.ipadnszone:
        ipaadmin_password: '{{ ipaadmin_password }}'
        name: '{{ item }}'
+        dynamic_update: true
      with_items: '{{ rdns }}'

    - name: "Create Forward Domains"
      freeipa.ansible_freeipa.ipadnszone:
        ipaadmin_password: '{{ ipaadmin_password }}'
        name: '{{ item }}'
+        dynamic_update: true
      with_items: '{{ fdns }}'
--- a/ansible/playbooks/role-rocky-ipa-replica.yml
+++ b/ansible/playbooks/role-rocky-ipa-replica.yml
@ -6,7 +6,6 @@
  become: true
  vars_files:
  - vars/vaults/encpass.yml
-  - vars/ipa/ipareplica.yml

  # This is to try to avoid the handler issue in pre/post tasks
  handlers:
--- a/ansible/playbooks/role-rocky-ipa.yml
+++ b/ansible/playbooks/role-rocky-ipa.yml
@ -11,7 +11,6 @@
  become: true
  vars_files:
  - vars/vaults/encpass.yml
-  - vars/ipa/ipaserver.yml

  # This is to try to avoid the handler issue in pre/post tasks
  handlers:
--- a/ansible/playbooks/vars/ipa/adminusers.yml
+++ b/ansible/playbooks/vars/ipa/adminusers.yml
@ -3,70 +3,60 @@ adminusers:
  - name: label2
    first: Louis
    last: Abel
-    email: label@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Infrastructure IdM Manager
    loginshell: /bin/bash
  - name: gmk2
    first: Gregory
    last: Kurtzer
-    email: gmk@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Executive Director
    loginshell: /bin/bash
  - name: brian2
    first: Brian
    last: Clemens
-    email: brian@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Project Manager
    loginshell: /bin/bash
  - name: hbjy2
    first: Hayden
    last: Young
-    email: hbjy@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Web & Branding Manager
    loginshell: /bin/bash
  - name: jorp2
    first: Jordan
    last: Pisaniello
-    email: jorp@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Community Manager
    loginshell: /bin/bash
  - name: neil2
    first: Neil
    last: Hanlon
-    email: neil@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Infrastructure Manager
    loginshell: /bin/bash
  - name: rlh2
    first: R. Leigh
    last: Hennig
-    email: rlh@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Operations Manager
    loginshell: /bin/bash
  - name: rfelsburg2
    first: Rob
    last: Felsburg
-    email: rfelsburg@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Operations Manager
    loginshell: /bin/bash
  - name: tg2
    first: Taylor
    last: Goodwill
-    email: tg@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Infrastructure Manager
    loginshell: /bin/bash
  - name: bagner2
    first: Benjamin
    last: Agner
-    email: bagner@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: Security Director
    loginshell: /bin/bash
--- a/ansible/playbooks/vars/ipa/svcusers.yml
+++ b/ansible/playbooks/vars/ipa/svcusers.yml
@ -3,49 +3,42 @@ svcusers:
  - name: hostman
    first: Host
    last: Manager
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - Host Manager
    loginshell: /sbin/nologin
  - name: kerbman
    first: Kerberos
    last: Manager
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - Kerberos Key Manager
    loginshell: /sbin/nologin
  - name: userman
    first: User
    last: Manager
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - User Manager
    loginshell: /sbin/nologin
  - name: rockykoji
    first: Koji
    last: Manager
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - Koji Manager
    loginshell: /sbin/nologin
  - name: pubsub_federation
    first: pubsub
    last: federation
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - pubsub federator
    loginshell: /sbin/nologin
  - name: rockypubsub
    first: rocky
    last: pubsub
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - pubsub
    loginshell: /sbin/nologin
  - name: rockyautomation
    first: Rocky
    last: Automation
-    email: infrastructure@rockylinux.org
    password: ThisIsNotMyPassword1!
    title: System Account - Automation
    loginshell: /sbin/nologin