This commit is contained in:
nazunalika 2021-01-14 21:28:47 -07:00
parent 13ecd9fc6d
commit 608c1e24c8
5 changed files with 20 additions and 7 deletions

View File

@ -3,7 +3,6 @@
ipaadmin_principal: admin ipaadmin_principal: admin
ipaclient_mkhomedir: true ipaclient_mkhomedir: true
ipaserver_realm: ROCKYLINUX.ORG ipaserver_realm: ROCKYLINUX.ORG
ipaserver_hostname: ipa002.rockylinux.org
ipareplica_domain: rockylinux.org ipareplica_domain: rockylinux.org
ipareplica_auto_forwarders: true ipareplica_auto_forwarders: true
ipareplica_setup_firewalld: true ipareplica_setup_firewalld: true

View File

@ -26,7 +26,7 @@
ipaadmin_password: "{{ ipaadmin_password }}" ipaadmin_password: "{{ ipaadmin_password }}"
name: "{{ item.role }}" name: "{{ item.role }}"
privilege: "{{ item.privilege }}" privilege: "{{ item.privilege }}"
user: "{{ item.user }}" user: "{{ item.user|default(omit) }}"
loop: "{{ ipaprivileges }}" loop: "{{ ipaprivileges }}"
when: ipaprivileges is defined when: ipaprivileges is defined
tags: tags:
@ -37,7 +37,7 @@
ipaadmin_password: "{{ ipaadmin_password }}" ipaadmin_password: "{{ ipaadmin_password }}"
name: "{{ item.role }}" name: "{{ item.role }}"
privilege: "{{ item.privileges }}" privilege: "{{ item.privileges }}"
user: "{{ item.user }}" user: "{{ item.user|default(omit) }}"
loop: "{{ iparoles }}" loop: "{{ iparoles }}"
when: iparoles is defined when: iparoles is defined
tags: tags:

View File

@ -8,7 +8,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
first: "{{ item.first }}" first: "{{ item.first }}"
last: "{{ item.last }}" last: "{{ item.last }}"
email: "{{ item.email }}" email: "{{ item.email|default(omit) }}"
password: "{{ item.password }}" password: "{{ item.password }}"
title: "{{ item.title }}" title: "{{ item.title }}"
loginshell: "{{ item.loginshell }}" loginshell: "{{ item.loginshell }}"
@ -23,7 +23,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
first: "{{ item.first }}" first: "{{ item.first }}"
last: "{{ item.last }}" last: "{{ item.last }}"
email: "{{ item.email }}" email: "{{ item.email|default(omit) }}"
password: "{{ item.password }}" password: "{{ item.password }}"
title: "{{ item.title }}" title: "{{ item.title }}"
loginshell: "{{ item.loginshell }}" loginshell: "{{ item.loginshell }}"
@ -38,7 +38,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
first: "{{ item.first }}" first: "{{ item.first }}"
last: "{{ item.last }}" last: "{{ item.last }}"
email: "{{ item.email }}" email: "{{ item.email|default(omit) }}"
password: "{{ item.password }}" password: "{{ item.password }}"
title: "{{ item.title }}" title: "{{ item.title }}"
loginshell: "{{ item.loginshell }}" loginshell: "{{ item.loginshell }}"

View File

@ -2,7 +2,7 @@
# This builds out the initial users and groups for the rocky linux infra # This builds out the initial users and groups for the rocky linux infra
- name: Create our initial users - name: Create our initial users
hosts: ipaserver hosts: ipaserver
become: false become: true
gather_facts: false gather_facts: false
vars_files: vars_files:
- vars/vaults/encpass.yml - vars/vaults/encpass.yml

View File

@ -20,6 +20,19 @@ ipagroups:
description: Quality Assurance Team description: Quality Assurance Team
- group: marketing - group: marketing
description: Marketing description: Marketing
- group: rocky
description: Rocky Linux Team
user:
- label
- gmk
- brian
- hbjy
- jorp
- neil
- rlh
- rfelsburg
- tg
- bagner
- group: rockyadm - group: rockyadm
description: Rocky Linux Administrators - Only Admin Accounts description: Rocky Linux Administrators - Only Admin Accounts
user: user:
@ -62,6 +75,7 @@ ipagroups:
- group: services - group: services
description: Rocky Linux Service Accounts description: Rocky Linux Service Accounts
user: user:
- userman
- hostman - hostman
- kerbman - kerbman
- rockykoji - rockykoji