ipa changes

This commit is contained in:
nazunalika 2021-01-17 18:49:28 -07:00
parent 3812c14808
commit a3c3ae91d6
3 changed files with 3 additions and 1 deletions

View File

@ -58,6 +58,7 @@
loop:
- httpd_can_network_connect
- httpd_can_network_relay
- httpd_can_connect_ldap
- httpd_read_user_content
- name: Change fcontext to GitLab unix socket for nginx

View File

@ -5,5 +5,6 @@ rocky_ldap_group_basedn: "cn=groups,cn=accounts,dc=rockylinux,dc=org"
rocky_ldap_account_basedn: "cn=accounts,dc=rockylinux,dc=org"
# Requires jinja 2.9+
rocky_ipaserver_list: "{{ groups['ipaserver'] + groups['ipareplicas'] }}"
rocky_ipaserver_lb: "ipa-lb.rockylinux.org"
# This will need to be vaulted
rocky_ldap_bind_pw: "{{ ipa_binder_password }}"

View File

@ -21,7 +21,7 @@ gitlab_ssl_key: "/etc/nginx/ssl/{{ gitlab_domain }}.key"
# LDAP Configuration
gitlab_ldap_enabled: "true"
gitlab_ldap_host: "{{ rocky_ipaserver_list[0] }}"
gitlab_ldap_host: "{{ rocky_ipaserver_lb }}"
gitlab_ldap_port: "389"
gitlab_ldap_uid: "uid"
gitlab_ldap_method: "start_tls"