IdM and Variable Fixes

Identity management Team in their testing found several issues while
testing the playbooks. To ensure they continue working on deployment and
in testing, we have identified and fixed the following issues:

- Inventory variables moved to separate main.yml files were not in yaml
  format
- role-rocky-ipa-client.yml was not directly pointing to its
  collection/role
- role-rocky-ipa-replica.yml was not directly pointing to its
  collection/role

.yamllint

@@ -5,3 +5,7 @@ rules:
   line-length:
     max: 160
     level: warning
+
+ignore: |
+  .travis.yml
+  .github

ansible/inventories/production/group_vars/chronyservers/main.yml

@@ -1,4 +1,4 @@
 ---
 
-chrony_server = true
-chrony_allow_cidr = "10.0.0.0/16"
+chrony_server: true
+chrony_allow_cidr: "10.0.0.0/16"

ansible/inventories/production/group_vars/ipaclients/main.yml

@@ -1,7 +1,7 @@
 ---
 
-ipaclient_domain = rockylinux.org
-ipaclient_realm = ROCKYLINUX.ORG
-ipaadmin_principal = admin
-ipaclient_no_ntp = true
-ipaclient_mkhomedir = true
+ipaclient_domain: rockylinux.org
+ipaclient_realm: ROCKYLINUX.ORG
+ipaadmin_principal: admin
+ipaclient_no_ntp: true
+ipaclient_mkhomedir: true

ansible/inventories/production/group_vars/ipareplicas/main.yml

@@ -1,14 +1,14 @@
 ---
 
-ipaadmin_principal = admin
-ipaclient_no_ntp = true
-ipaclient_mkhomedir = true
-ipaserver_realm = ROCKYLINUX.ORG
-ipaserver_hostname = ipa002.rockylinux.org
-ipareplica_domain = rockylinux.org
-ipareplica_auto_forwarders = true
-ipareplica_setup_firewalld = true
-ipareplica_setup_ca = true
-ipareplica_setup_kra = true
-ipareplica_setup_dns = true
-ipa_dns_master = 10.100.1.110
+ipaadmin_principal: admin
+ipaclient_no_ntp: true
+ipaclient_mkhomedir: true
+ipaserver_realm: ROCKYLINUX.ORG
+ipaserver_hostname: ipa002.rockylinux.org
+ipareplica_domain: rockylinux.org
+ipareplica_auto_forwarders: true
+ipareplica_setup_firewalld: true
+ipareplica_setup_ca: true
+ipareplica_setup_kra: true
+ipareplica_setup_dns: true
+ipa_dns_master: 10.100.1.110

ansible/inventories/production/group_vars/ipaserver/main.yml

@@ -0,0 +1,15 @@
+---
+
+ipaserver_domain: rockylinux.org
+ipaserver_realm: ROCKYLINUX.ORG
+ipaserver_setup_dns: true
+ipaserver_setup_kra: true
+ipaserver_auto_forwarders: true
+ipaserver_no_host_dns: true
+ipaserver_hostname: ipa001.rockylinux.org
+ipaserver_allow_zone_overlap: true
+ipaserver_setup_firewalld: true
+ipaclient_no_ntp: true
+ipaclient_mkhomedir: true
+ipaserver_no_hbac_allow: true
+ipaserver_reverse_zones: ["1.100.10.in-addr.arpa."]

ansible/inventories/production/group_vars/ipaservers/main.yml

@@ -1,14 +0,0 @@
----
-
-ipaserver_domain = rockylinux.org
-ipaserver_realm = ROCKYLINUX.ORG
-ipaserver_setup_dns = true
-ipaserver_setup_kra = true
-ipaserver_auto_forwarders = true
-ipaserver_no_host_dns = true
-ipaserver_hostname = ipa001.rockylinux.org
-ipaserver_allow_zone_overlap = true
-ipaserver_setup_firewalld = true
-ipaclient_no_ntp = true
-ipaclient_mkhomedir = true
-ipaserver_reverse_zones = ["1.100.10.in-addr.arpa."]

ansible/playbooks/role-rocky-ipa-client.yml

@@ -24,7 +24,7 @@
 
 
   roles:
-    - role: ipaclient
+    - role: freeipa.ansible_freeipa.ipaclient
       state: present
 
   post_tasks:

ansible/playbooks/role-rocky-ipa-replica.yml

@@ -50,7 +50,7 @@
         - reload_networkmanager
 
   roles:
-    - role: ipareplica
+    - role: freeipa.ansible_freeipa.ipareplica
       state: present
 
   post_tasks: