diff --git a/ansible/playbooks/vars/encpass.yml b/ansible/playbooks/vars/encpass.yml index b4e2d15..efa8dc7 100644 --- a/ansible/playbooks/vars/encpass.yml +++ b/ansible/playbooks/vars/encpass.yml @@ -13,3 +13,6 @@ ipadm_password: !vault | ipsilon_db_password: !vault | $ANSIBLE_VAULT;1.1;AES256 REDACTED +koji_db_pass: !vault | + $ANSIBLE_VAULT;1.1;AES256 + REDACTED diff --git a/ansible/playbooks/vars/kojihub.yml b/ansible/playbooks/vars/kojihub.yml index 9dca7b7..3cfff99 100644 --- a/ansible/playbooks/vars/kojihub.yml +++ b/ansible/playbooks/vars/kojihub.yml @@ -11,7 +11,8 @@ koji_postgresql_vm: true koji_db_name: koji koji_db_user: koji koji_db_pass: ThisIsNotThePassword! -koji_db_host: localhost +# This will need to change when koji_postgresql_vm is false +koji_db_host: "{{ ansible_fqdn }}" koji_web_url: "https://{{ ansible_fqdn }}/koji" koji_hub_url: "https://{{ ansible_fqdn }}/kojihub" @@ -40,7 +41,7 @@ koji_hub_proxy_principals: koji/kojiweb@ROCKYLINUX.ORG koji_hub_keytab: /etc/koji.keytab koji_hub_principal_format: compile/%s@ROCKYLINUX.ORG # This should be sufficient even for LE -koji_hub_ca: /etc/pki/tls/certs/ca-bundle.crt +koji_hub_ca: "{{ koji_web_cacert }}" # Koji FAS Syncing # This isn't implemented yet in the role