Merge pull request #14968 from rocky-linux/develop

fixes
2024-11-22 13:11:29 +00:00 · 2021-01-14 21:30:31 -07:00 · 2021-01-14 21:30:31 -07:00 · 3d7ac6090c
commit 3d7ac6090c
parent 13ecd9fc6d 608c1e24c8
5 changed files with 20 additions and 7 deletions
--- a/ansible/inventories/production/group_vars/ipareplicas/main.yml
+++ b/ansible/inventories/production/group_vars/ipareplicas/main.yml
@ -3,7 +3,6 @@
 ipaadmin_principal: admin
 ipaclient_mkhomedir: true
 ipaserver_realm: ROCKYLINUX.ORG
-ipaserver_hostname: ipa002.rockylinux.org
 ipareplica_domain: rockylinux.org
 ipareplica_auto_forwarders: true
 ipareplica_setup_firewalld: true
--- a/ansible/playbooks/import-rockyipaprivs.yml
+++ b/ansible/playbooks/import-rockyipaprivs.yml
@ -26,7 +26,7 @@
    ipaadmin_password: "{{ ipaadmin_password }}"
    name: "{{ item.role }}"
    privilege: "{{ item.privilege }}"
-    user: "{{ item.user }}"
+    user: "{{ item.user|default(omit) }}"
  loop: "{{ ipaprivileges }}"
  when: ipaprivileges is defined
  tags:
@ -37,7 +37,7 @@
    ipaadmin_password: "{{ ipaadmin_password }}"
    name: "{{ item.role }}"
    privilege: "{{ item.privileges }}"
-    user: "{{ item.user }}"
+    user: "{{ item.user|default(omit) }}"
  loop: "{{ iparoles }}"
  when: iparoles is defined
  tags:
--- a/ansible/playbooks/import-rockyusers.yml
+++ b/ansible/playbooks/import-rockyusers.yml
@ -8,7 +8,7 @@
    name: "{{ item.name }}"
    first: "{{ item.first }}"
    last: "{{ item.last }}"
-    email: "{{ item.email }}"
+    email: "{{ item.email|default(omit) }}"
    password: "{{ item.password }}"
    title: "{{ item.title }}"
    loginshell: "{{ item.loginshell }}"
@ -23,7 +23,7 @@
    name: "{{ item.name }}"
    first: "{{ item.first }}"
    last: "{{ item.last }}"
-    email: "{{ item.email }}"
+    email: "{{ item.email|default(omit) }}"
    password: "{{ item.password }}"
    title: "{{ item.title }}"
    loginshell: "{{ item.loginshell }}"
@ -38,7 +38,7 @@
    name: "{{ item.name }}"
    first: "{{ item.first }}"
    last: "{{ item.last }}"
-    email: "{{ item.email }}"
+    email: "{{ item.email|default(omit) }}"
    password: "{{ item.password }}"
    title: "{{ item.title }}"
    loginshell: "{{ item.loginshell }}"
--- a/ansible/playbooks/init-rocky-ipa-team.yml
+++ b/ansible/playbooks/init-rocky-ipa-team.yml
@ -2,7 +2,7 @@
 # This builds out the initial users and groups for the rocky linux infra
 - name: Create our initial users
  hosts: ipaserver
-  become: false
+  become: true
  gather_facts: false
  vars_files:
  - vars/vaults/encpass.yml
--- a/ansible/playbooks/vars/ipa/groups.yml
+++ b/ansible/playbooks/vars/ipa/groups.yml
@ -20,6 +20,19 @@ ipagroups:
    description: Quality Assurance Team
  - group: marketing
    description: Marketing
+  - group: rocky
+    description: Rocky Linux Team
+    user:
+      - label
+      - gmk
+      - brian
+      - hbjy
+      - jorp
+      - neil
+      - rlh
+      - rfelsburg
+      - tg
+      - bagner
  - group: rockyadm
    description: Rocky Linux Administrators - Only Admin Accounts
    user:
@ -62,6 +75,7 @@ ipagroups:
  - group: services
    description: Rocky Linux Service Accounts
    user:
+      - userman
      - hostman
      - kerbman
      - rockykoji