From 608c1e24c864b720b10f4066bb5ec1d577a97065 Mon Sep 17 00:00:00 2001
From: nazunalika
Date: Thu, 14 Jan 2021 21:28:47 -0700
Subject: [PATCH] fixes
---
 .../production/group_vars/ipareplicas/main.yml | 1 -
 ansible/playbooks/import-rockyipaprivs.yml | 4 ++--
 ansible/playbooks/import-rockyusers.yml | 6 +++---
 ansible/playbooks/init-rocky-ipa-team.yml | 2 +-
 ansible/playbooks/vars/ipa/groups.yml | 14 ++++++++++++++
 5 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/ansible/inventories/production/group_vars/ipareplicas/main.yml b/ansible/inventories/production/group_vars/ipareplicas/main.yml
index 101e54e..13ab775 100644
--- a/ansible/inventories/production/group_vars/ipareplicas/main.yml
+++ b/ansible/inventories/production/group_vars/ipareplicas/main.yml
@@ -3,7 +3,6 @@
 ipaadmin_principal: admin
 ipaclient_mkhomedir: true
 ipaserver_realm: ROCKYLINUX.ORG
-ipaserver_hostname: ipa002.rockylinux.org
 ipareplica_domain: rockylinux.org
 ipareplica_auto_forwarders: true
 ipareplica_setup_firewalld: true
diff --git a/ansible/playbooks/import-rockyipaprivs.yml b/ansible/playbooks/import-rockyipaprivs.yml
index c94c314..c6497b7 100644
--- a/ansible/playbooks/import-rockyipaprivs.yml
+++ b/ansible/playbooks/import-rockyipaprivs.yml
@@ -26,7 +26,7 @@
 ipaadmin_password: "{{ ipaadmin_password }}"
 name: "{{ item.role }}"
 privilege: "{{ item.privilege }}"
- user: "{{ item.user }}"
+ user: "{{ item.user|default(omit) }}"
 loop: "{{ ipaprivileges }}"
 when: ipaprivileges is defined
 tags:
@@ -37,7 +37,7 @@
 ipaadmin_password: "{{ ipaadmin_password }}"
 name: "{{ item.role }}"
 privilege: "{{ item.privileges }}"
- user: "{{ item.user }}"
+ user: "{{ item.user|default(omit) }}"
 loop: "{{ iparoles }}"
 when: iparoles is defined
 tags:
diff --git a/ansible/playbooks/import-rockyusers.yml b/ansible/playbooks/import-rockyusers.yml
index 5ee7c94..8f7f20d 100644
--- a/ansible/playbooks/import-rockyusers.yml
+++ b/ansible/playbooks/import-rockyusers.yml
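Review bot: In import-rockyipaprivs.yml, `user: "{{ item.user|default(omit) }}"` makes the member list optional, but nothing records what an absent `user` key means for a role that already has members. The module name is outside both hunks; if it treats an omitted `user` as "leave membership unchanged" (presumably the case, to be confirmed against the module docs), deleting the key from a vars entry will not revoke anyone's role. A comment above the parameter would make that explicit, e.g. `# no user key => existing role members are left as-is, not cleared`. The same applies to the second hunk (-37), and both tasks start and end outside the hunks.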
@@ -8,7 +8,7 @@
 name: "{{ item.name }}"
 first: "{{ item.first }}"
 last: "{{ item.last }}"
- email: "{{ item.email }}"
+ email: "{{ item.email|default(omit) }}"
 password: "{{ item.password }}"
 title: "{{ item.title }}"
 loginshell: "{{ item.loginshell }}"
@@ -23,7 +23,7 @@
 name: "{{ item.name }}"
 first: "{{ item.first }}"
 last: "{{ item.last }}"
- email: "{{ item.email }}"
+ email: "{{ item.email|default(omit) }}"
 password: "{{ item.password }}"
 title: "{{ item.title }}"
 loginshell: "{{ item.loginshell }}"
@@ -38,7 +38,7 @@
 name: "{{ item.name }}"
 first: "{{ item.first }}"
 last: "{{ item.last }}"
- email: "{{ item.email }}"
+ email: "{{ item.email|default(omit) }}"
 password: "{{ item.password }}"
 title: "{{ item.title }}"
 loginshell: "{{ item.loginshell }}"
diff --git a/ansible/playbooks/init-rocky-ipa-team.yml b/ansible/playbooks/init-rocky-ipa-team.yml
index 2bf1c39..d3bd6fc 100644
--- a/ansible/playbooks/init-rocky-ipa-team.yml
+++ b/ansible/playbooks/init-rocky-ipa-team.yml
@@ -2,7 +2,7 @@
 # This builds out the initial users and groups for the rocky linux infra
 - name: Create our initial users
 hosts: ipaserver
- become: false
+ become: true
 gather_facts: false
 vars_files:
 - vars/vaults/encpass.yml
diff --git a/ansible/playbooks/vars/ipa/groups.yml b/ansible/playbooks/vars/ipa/groups.yml
index 174a7bc..c11d1dd 100644
--- a/ansible/playbooks/vars/ipa/groups.yml
+++ b/ansible/playbooks/vars/ipa/groups.yml
@@ -20,6 +20,19 @@ ipagroups:
 description: Quality Assurance Team
 - group: marketing
 description: Marketing
+ - group: rocky
+ description: Rocky Linux Team
+ user:
+ - label
+ - gmk
+ - brian
+ - hbjy
+ - jorp
+ - neil
+ - rlh
+ - rfelsburg
+ - tg
+ - bagner
 - group: rockyadm
 description: Rocky Linux Administrators - Only Admin Accounts
 user:
@@ -62,6 +75,7 @@ ipagroups:
 - group: services
 description: Rocky Linux Service Accounts
 user:
+ - userman
 - hostman
 - kerbman
 - rockykoji
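Review bot: In import-rockyusers.yml, `password: "{{ item.password }}"` sits next to the changed `email` line in all three tasks (hunks -8, -23 and -38), so the account password is part of each loop item, and Ansible echoes the loop item in per-item task output unless told otherwise. The tasks start and end outside the hunks, so this may already be handled; if it is not, add `no_log: true` to each task, or a `loop_control:` with `label: "{{ item.name }}"` so only the username is printed. Otherwise the passwords end up in console output and any CI or callback logs that capture the run.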
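Review bot: In init-rocky-ipa-team.yml, `become: true` is set at play level, so every task in this play now runs as root on `ipaserver`, and the file does not say which step needs it. The play body lies outside the hunk; if only some tasks require root, keep the play at `become: false` and set `become: true` on those tasks alone. If the whole play does need it, a comment above the line would record why, e.g. `# become: required by <TASK/MODULE that needs root>`.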