infrastructure/mono-infrastructure
6
0
Fork 0
mirror of https://github.com/rocky-linux/infrastructure synced 2024-12-22 19:08:30 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #14966 from rocky-linux/develop

Browse Source 
Develop
This commit is contained in:
Louis Abel 2021-01-13 23:38:12 -07:00 committed by GitHub
commit 2a8c886e4a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 8 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/inventories/production/group_vars/ipareplicas/main.yml
View File

@ -1,7 +1,6 @@
--- ---
ipaadmin_principal: admin ipaadmin_principal: admin
ipaclient_no_ntp: true
ipaclient_mkhomedir: true ipaclient_mkhomedir: true
ipaserver_realm: ROCKYLINUX.ORG ipaserver_realm: ROCKYLINUX.ORG
ipaserver_hostname: ipa002.rockylinux.org ipaserver_hostname: ipa002.rockylinux.org

6
ansible/inventories/production/hosts.ini
View File

@ -16,6 +16,7 @@ ipa001.rockylinux.org ansible_host=10.100.1.110
[ipareplicas] [ipareplicas]
ipa002.rockylinux.org ansible_host=10.100.1.111 ipa002.rockylinux.org ansible_host=10.100.1.111
ipa003.rockylinux.org ansible_host=10.100.1.112
[ipaclients] [ipaclients]
build-a-box.rockylinux.org ansible_host=10.100.1.112 build-a-box.rockylinux.org ansible_host=10.100.1.112
@ -60,3 +61,8 @@ ppc64le-03.boxbuild.rockylinux.org ansible_host=10.100.1.212
[mqtt] [mqtt]
mqtt.boxbuild.rockylinux.org ansible_host=10.100.1.213 mqtt.boxbuild.rockylinux.org ansible_host=10.100.1.213
[rabbitmq]
rabbitmq01.rockylinux.org ansible_host=10.100.1.214
rabbitmq02.rockylinux.org ansible_host=10.100.1.215
rabbitmq03.rockylinux.org ansible_host=10.100.1.216

2
ansible/playbooks/init-rocky-ipa-internal-dns.yml
View File

@ -21,10 +21,12 @@
freeipa.ansible_freeipa.ipadnszone: freeipa.ansible_freeipa.ipadnszone:
ipaadmin_password: '{{ ipaadmin_password }}' ipaadmin_password: '{{ ipaadmin_password }}'
name: '{{ item }}' name: '{{ item }}'
dynamic_update: true
with_items: '{{ rdns }}' with_items: '{{ rdns }}'
- name: "Create Forward Domains" - name: "Create Forward Domains"
freeipa.ansible_freeipa.ipadnszone: freeipa.ansible_freeipa.ipadnszone:
ipaadmin_password: '{{ ipaadmin_password }}' ipaadmin_password: '{{ ipaadmin_password }}'
name: '{{ item }}' name: '{{ item }}'
dynamic_update: true
with_items: '{{ fdns }}' with_items: '{{ fdns }}'

1
ansible/playbooks/role-rocky-ipa-replica.yml
View File

@ -6,7 +6,6 @@
become: true become: true
vars_files: vars_files:
- vars/vaults/encpass.yml - vars/vaults/encpass.yml
- vars/ipa/ipareplica.yml
# This is to try to avoid the handler issue in pre/post tasks # This is to try to avoid the handler issue in pre/post tasks
handlers: handlers:

1
ansible/playbooks/role-rocky-ipa.yml
View File

@ -11,7 +11,6 @@
become: true become: true
vars_files: vars_files:
- vars/vaults/encpass.yml - vars/vaults/encpass.yml
- vars/ipa/ipaserver.yml
# This is to try to avoid the handler issue in pre/post tasks # This is to try to avoid the handler issue in pre/post tasks
handlers: handlers:

10
ansible/playbooks/vars/ipa/adminusers.yml
View File

@ -3,70 +3,60 @@ adminusers:
- name: label2 - name: label2
first: Louis first: Louis
last: Abel last: Abel
email: label@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure IdM Manager title: Infrastructure IdM Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: gmk2 - name: gmk2
first: Gregory first: Gregory
last: Kurtzer last: Kurtzer
email: gmk@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Executive Director title: Executive Director
loginshell: /bin/bash loginshell: /bin/bash
- name: brian2 - name: brian2
first: Brian first: Brian
last: Clemens last: Clemens
email: brian@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Project Manager title: Project Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: hbjy2 - name: hbjy2
first: Hayden first: Hayden
last: Young last: Young
email: hbjy@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Web & Branding Manager title: Web & Branding Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: jorp2 - name: jorp2
first: Jordan first: Jordan
last: Pisaniello last: Pisaniello
email: jorp@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Community Manager title: Community Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: neil2 - name: neil2
first: Neil first: Neil
last: Hanlon last: Hanlon
email: neil@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure Manager title: Infrastructure Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: rlh2 - name: rlh2
first: R. Leigh first: R. Leigh
last: Hennig last: Hennig
email: rlh@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Operations Manager title: Operations Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: rfelsburg2 - name: rfelsburg2
first: Rob first: Rob
last: Felsburg last: Felsburg
email: rfelsburg@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Operations Manager title: Operations Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: tg2 - name: tg2
first: Taylor first: Taylor
last: Goodwill last: Goodwill
email: tg@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Infrastructure Manager title: Infrastructure Manager
loginshell: /bin/bash loginshell: /bin/bash
- name: bagner2 - name: bagner2
first: Benjamin first: Benjamin
last: Agner last: Agner
email: bagner@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: Security Director title: Security Director
loginshell: /bin/bash loginshell: /bin/bash

7
ansible/playbooks/vars/ipa/svcusers.yml
View File

@ -3,49 +3,42 @@ svcusers:
- name: hostman - name: hostman
first: Host first: Host
last: Manager last: Manager
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - Host Manager title: System Account - Host Manager
loginshell: /sbin/nologin loginshell: /sbin/nologin
- name: kerbman - name: kerbman
first: Kerberos first: Kerberos
last: Manager last: Manager
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - Kerberos Key Manager title: System Account - Kerberos Key Manager
loginshell: /sbin/nologin loginshell: /sbin/nologin
- name: userman - name: userman
first: User first: User
last: Manager last: Manager
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - User Manager title: System Account - User Manager
loginshell: /sbin/nologin loginshell: /sbin/nologin
- name: rockykoji - name: rockykoji
first: Koji first: Koji
last: Manager last: Manager
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - Koji Manager title: System Account - Koji Manager
loginshell: /sbin/nologin loginshell: /sbin/nologin
- name: pubsub_federation - name: pubsub_federation
first: pubsub first: pubsub
last: federation last: federation
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - pubsub federator title: System Account - pubsub federator
loginshell: /sbin/nologin loginshell: /sbin/nologin
- name: rockypubsub - name: rockypubsub
first: rocky first: rocky
last: pubsub last: pubsub
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - pubsub title: System Account - pubsub
loginshell: /sbin/nologin loginshell: /sbin/nologin
- name: rockyautomation - name: rockyautomation
first: Rocky first: Rocky
last: Automation last: Automation
email: infrastructure@rockylinux.org
password: ThisIsNotMyPassword1! password: ThisIsNotMyPassword1!
title: System Account - Automation title: System Account - Automation
loginshell: /sbin/nologin loginshell: /sbin/nologin