FreeIPA: re-enable dnssec
The weird bug turned out to be caused by an internal DNS zone in the new infra not being signed: https://pagure.io/fedora-infrastructure/issue/9411 This is now resolved, so we can drop the workaround. Signed-off-by: Adam Williamson <awilliam@redhat.com>
This commit is contained in:
parent
46d89432ae
commit
fa42229275
@ -56,7 +56,7 @@ sub run {
|
||||
|
||||
# deploy as a replica
|
||||
my ($ip, $hostname) = split(/ /, get_var("POST_STATIC"));
|
||||
my $args = "--ip-address=$ip --setup-dns --no-dnssec-validation --auto-forwarders --setup-ca --allow-zone-overlap -U --principal admin --admin-password monkeys123";
|
||||
my $args = "--ip-address=$ip --setup-dns --auto-forwarders --setup-ca --allow-zone-overlap -U --principal admin --admin-password monkeys123";
|
||||
assert_script_run "ipa-replica-install $args", 1500;
|
||||
|
||||
# enable and start the systemd service
|
||||
|
@ -38,7 +38,7 @@ sub run {
|
||||
}
|
||||
assert_script_run "systemctl restart firewalld.service";
|
||||
# deploy the server
|
||||
my $args = "-U --auto-forwarders --realm=DOMAIN.LOCAL --domain=domain.local --ds-password=monkeys123 --admin-password=monkeys123 --setup-dns --no-dnssec-validation --reverse-zone=2.16.172.in-addr.arpa --allow-zone-overlap";
|
||||
my $args = "-U --auto-forwarders --realm=DOMAIN.LOCAL --domain=domain.local --ds-password=monkeys123 --admin-password=monkeys123 --setup-dns --reverse-zone=2.16.172.in-addr.arpa --allow-zone-overlap";
|
||||
assert_script_run "ipa-server-install $args", 1200;
|
||||
# enable and start the systemd service
|
||||
assert_script_run "systemctl enable ipa.service";
|
||||
|
Loading…
Reference in New Issue
Block a user