From f5ab90fcee83994037a717146ce154a412f41a6c Mon Sep 17 00:00:00 2001
From: nazunalika
Date: Wed, 27 Jan 2021 18:49:25 -0700
Subject: [PATCH] fixing
---
 ansible/playbooks/role-rocky-sigul-bridge.yml | 2 +-
 ansible/playbooks/vars/sigul_bridge.yml | 13 +++++++------
 ansible/playbooks/vars/sigul_server.yml | 13 +++++++------
 3 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/ansible/playbooks/role-rocky-sigul-bridge.yml b/ansible/playbooks/role-rocky-sigul-bridge.yml
index b22cd48..b3911a2 100644
--- a/ansible/playbooks/role-rocky-sigul-bridge.yml
+++ b/ansible/playbooks/role-rocky-sigul-bridge.yml
@@ -79,7 +79,7 @@
 - name: Enable the sigul bridge
 systemd:
 name: sigul_bridge
- state: running
+ state: restarted
 enabled: true
 - name: Touching run file that ansible has ran here
diff --git a/ansible/playbooks/vars/sigul_bridge.yml b/ansible/playbooks/vars/sigul_bridge.yml
index 1a17cc0..e483f5e 100644
--- a/ansible/playbooks/vars/sigul_bridge.yml
+++ b/ansible/playbooks/vars/sigul_bridge.yml
@@ -3,13 +3,14 @@
 sigul_type: bridge
 sigul_ipa_realm: "ROCKYLINUX.ORG"
 sigul_bridge_cert_nickname: "sigul-bridge"
-sigul_principal: "sigul/{{ inventory_hostname }}@{{ sigul_ipa_realm }}"
+sigul_principal: "sigul/sigul.rockylinux.org@{{ sigul_ipa_realm }}"
 sigul_keytab: /etc/sigul.keytab
 sigul_nss_dir: /etc/pki/tls/sigul
 # ipa-getcert variables
-getcert_name: "{{ ansible_fqdn }}"
-getcert_owner: sigul
-getcert_nss_db_dir: "{{ sigul_nss_dir }}"
-getcert_nss_nickname: "{{ sigul_bridge_cert_nickname }}"
-getcert_nss: true
+ipa_getcert_nss: true
+ipa_getcert_requested_hostnames:
+ - name: "{{ ansible_fqdn }}"
+ owner: sigul
+ nss_db_dir: "{{ sigul_nss_dir }}"
+ nss_nickname: "{{ sigul_bridge_cert_nickname }}"
diff --git a/ansible/playbooks/vars/sigul_server.yml b/ansible/playbooks/vars/sigul_server.yml
index 5ecd243..8dff2b5 100644
--- a/ansible/playbooks/vars/sigul_server.yml
+++ b/ansible/playbooks/vars/sigul_server.yml
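Review bot: `state: restarted` on the "Enable the sigul bridge" task in role-rocky-sigul-bridge.yml is never idempotent, so every playbook run bounces the bridge and would interrupt any signing request in flight at that moment. The old `running` was not a value the systemd module accepts, so a change is needed, but the steady-state value would be `state: started`, with restarts driven by a handler that the configuration and certificate tasks notify. Those tasks lie outside this hunk, so whether they already notify a handler cannot be seen here.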
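Review bot: In vars/sigul_bridge.yml the new `sigul_principal` pins the Kerberos service host to `sigul.rockylinux.org`, while the certificate request a few lines below still uses `name: "{{ ansible_fqdn }}"`, so the principal and the certificate name can diverge on any host whose FQDN is not the service name. A fixed principal also means every host that loads this file presents the same service identity and needs the same key material in `sigul_keytab`. If the fixed name is intentional, carry it in one variable, for example `sigul_principal: "sigul/{{ sigul_service_fqdn }}@{{ sigul_ipa_realm }}"` (`sigul_service_fqdn` is a suggested new variable, not one the hunk defines), and add a comment stating which DNS name clients use to reach the bridge and whether the certificate is meant to carry it too.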
@@ -3,11 +3,12 @@
 sigul_type: server
 sigul_server_cert_nickname: "sigul-server"
 sigul_nss_dir: /etc/pki/tls/sigul
-sigul_bridge_name: "sigul-bridge.rockylinux.org"
+sigul_bridge_name: ""
 # ipa-getcert variables
-getcert_name: "{{ ansible_fqdn }}"
-getcert_owner: sigul
-getcert_nss_db_dir: "{{ sigul_nss_dir }}"
-getcert_nss_nickname: "{{ sigul_bridge_cert_nickname }}"
-getcert_nss: true
+ipa_getcert_nss: true
+ipa_getcert_requested_hostnames:
+ - name: "{{ ansible_fqdn }}"
+ owner: sigul
+ nss_db_dir: "{{ sigul_nss_dir }}"
+ nss_nickname: "{{ sigul_bridge_cert_nickname }}"
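Review bot: The new `nss_nickname: "{{ sigul_bridge_cert_nickname }}"` in vars/sigul_server.yml refers to a variable that the visible lines of this file do not define; the file defines `sigul_server_cert_nickname` instead. Unless the bridge variable is supplied from elsewhere, the certificate request either fails on an undefined variable or stores the server certificate under the bridge's nickname, so the line probably should read `nss_nickname: "{{ sigul_server_cert_nickname }}"`. Separately, `sigul_bridge_name: ""` leaves the server without a bridge hostname; if a template writes this value into the server configuration, the server has no peer name to connect to or to check the bridge certificate against, so the empty default deserves either a real value or a task that fails when it is unset.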