mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-11-22 13:11:29 +00:00
ipa groups
This commit is contained in:
parent
d30b1e6d9a
commit
83b76d9393
@ -6,6 +6,7 @@
|
|||||||
name: "{{ item.group }}"
|
name: "{{ item.group }}"
|
||||||
description: "{{ item.description }}"
|
description: "{{ item.description }}"
|
||||||
nonposix: false
|
nonposix: false
|
||||||
|
user: "{{ item.user | default(none) }}"
|
||||||
loop: "{{ ipagroups }}"
|
loop: "{{ ipagroups }}"
|
||||||
tags:
|
tags:
|
||||||
- groups
|
- groups
|
||||||
|
16
ansible/playbooks/import-rockypwpolicy.yml
Normal file
16
ansible/playbooks/import-rockypwpolicy.yml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
---
|
||||||
|
# Creates the first set of groups for the IdM Infrastructure
|
||||||
|
- name: "Setting up password policies"
|
||||||
|
freeipa.ansible_freeipa.ipapwpolicy:
|
||||||
|
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||||
|
name: "{{ item.group }}"
|
||||||
|
minlife: "{{ item.minlife | default(0) }}"
|
||||||
|
maxlife: "{{ item.maxlife | default(84) }}"
|
||||||
|
history: "{{ item.history | default(5) }}"
|
||||||
|
priority: "{{ item.priority | default(1) }}"
|
||||||
|
lockouttime: "{{ item.lockout | default(300) }}"
|
||||||
|
minlength: "{{ item.minlength | default(8) }}"
|
||||||
|
maxfile: "{{ item.maxfail | default(5) }}"
|
||||||
|
loop: "{{ ipapwpolicies }}"
|
||||||
|
tags:
|
||||||
|
- groups
|
@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
# Stands up an ipsilon instance for simple SSO
|
# Stands up an ipsilon instance for simple SSO
|
||||||
- name: Configure ipsilon server
|
- name: Configure koji hub and web server
|
||||||
hosts: kojihub
|
hosts: kojihub
|
||||||
become: true
|
become: true
|
||||||
vars_files:
|
vars_files:
|
||||||
|
@ -2,8 +2,18 @@
|
|||||||
ipagroups:
|
ipagroups:
|
||||||
- group: infrastructure
|
- group: infrastructure
|
||||||
description: Infrastructure Team
|
description: Infrastructure Team
|
||||||
|
user:
|
||||||
|
- label
|
||||||
|
- neil
|
||||||
|
- rlh
|
||||||
|
- rfelsburg
|
||||||
|
- tg
|
||||||
|
- bagner
|
||||||
- group: operations
|
- group: operations
|
||||||
description: Operations Team
|
description: Operations Team
|
||||||
|
user:
|
||||||
|
- rlh
|
||||||
|
- rfelsburg
|
||||||
- group: development
|
- group: development
|
||||||
description: Development Team
|
description: Development Team
|
||||||
- group: qa
|
- group: qa
|
||||||
@ -12,5 +22,29 @@ ipagroups:
|
|||||||
description: Marketing
|
description: Marketing
|
||||||
- group: rockyadm
|
- group: rockyadm
|
||||||
description: Rocky Linux Administrators - Only Admin Accounts
|
description: Rocky Linux Administrators - Only Admin Accounts
|
||||||
|
user:
|
||||||
|
- label2
|
||||||
|
- gmk2
|
||||||
|
- brian2
|
||||||
|
- hbjy2
|
||||||
|
- jorp2
|
||||||
|
- neil2
|
||||||
|
- rlh2
|
||||||
|
- rfelsburg2
|
||||||
|
- tg2
|
||||||
|
- bagner2
|
||||||
- group: gitadm
|
- group: gitadm
|
||||||
description: Rocky Linux GitLab Admins
|
description: Rocky Linux GitLab Admins
|
||||||
|
user:
|
||||||
|
- label
|
||||||
|
- neil
|
||||||
|
- rlh
|
||||||
|
- rfelsburg
|
||||||
|
- tg
|
||||||
|
- hbjy
|
||||||
|
- group: services
|
||||||
|
description: Rocky Linux Service Accounts
|
||||||
|
user:
|
||||||
|
- hostman
|
||||||
|
- kerbman
|
||||||
|
- rockykoji
|
||||||
|
Loading…
Reference in New Issue
Block a user