|
|
bd1205af61
|
add ldap/nss role to git hosts to fix repository owner name
|
2019-06-13 20:02:22 +03:00 |
|
|
|
8920d79078
|
selinux file context fixes for nginx data directories
|
2019-06-11 15:53:55 +03:00 |
|
|
|
5016b70292
|
make sure that selinux contexts are correct in ldap data directory
|
2019-06-11 15:52:53 +03:00 |
|
|
|
020a10677b
|
add ldap/nss to cups/server dependency to get group access correct
|
2019-06-10 21:06:00 +03:00 |
|
|
|
9fc02e7bef
|
add role ldap/nss
|
2019-06-10 21:05:08 +03:00 |
|
|
|
998dc0b643
|
install htop on all hosts
|
2019-06-10 19:24:15 +03:00 |
|
|
|
3129b5e58c
|
first version of cups server role
|
2019-06-10 19:23:36 +03:00 |
|
|
|
6541059276
|
set sasl-host to get kerberos tickets match hostname
|
2019-06-08 17:28:58 +03:00 |
|
|
|
6c6dcda8ac
|
add ldap02 host
|
2019-06-08 17:28:29 +03:00 |
|
|
|
d599adcd95
|
enable ldap slave
|
2019-06-08 17:24:42 +03:00 |
|
|
|
8335a9723e
|
copy keytab instead of generating it
|
2019-06-08 17:23:51 +03:00 |
|
|
|
c69316ec6f
|
remove unused ldap02.foo.sh site from proxies
|
2019-06-06 23:16:54 +03:00 |
|
|
|
bc51574113
|
rename ansible_dir_private to ansible_private
|
2019-06-06 23:16:06 +03:00 |
|
|
|
b13fbe1c2a
|
add support for ldap replication
|
2019-06-06 22:11:10 +03:00 |
|
|
|
b6b3dbbca3
|
more authz regexp base dn's for gssapi authentication
|
2019-06-06 02:30:56 +03:00 |
|
|
|
da6ed9d4ac
|
force sasl to use external (certificates) when connecting ldap as root
|
2019-06-06 02:29:59 +03:00 |
|
|
|
1a22ce543b
|
lint fixes
|
2019-06-06 02:04:51 +03:00 |
|
|
|
d512c8b8bd
|
add gssapi auth support for ldap server
|
2019-06-06 01:58:04 +03:00 |
|
|
|
9cd3910f42
|
rename keytab to be more logical
|
2019-06-06 01:56:52 +03:00 |
|
|
|
b533542b57
|
add support for defining multiple upstream servers for proxy sites
|
2019-06-06 01:56:00 +03:00 |
|
|
|
11e4a82a35
|
configure authz mappings for gssapi authenticated users
|
2019-06-06 01:54:54 +03:00 |
|
|
|
1979925f7e
|
always install login/plain support for sasl
|
2019-06-06 01:52:36 +03:00 |
|
|
|
00f7b86de6
|
first version of kerberos/keytab role
|
2019-06-06 00:29:10 +03:00 |
|
|
|
87340a1e2a
|
first version of kerberos/client role
|
2019-06-05 20:18:39 +03:00 |
|
|
|
911332ec6f
|
add daily ldap database dumps to ldap master
|
2019-05-31 19:11:32 +03:00 |
|
|
|
80b017b5d1
|
write ldap datadirectory handling more cleanly
|
2019-05-31 18:56:24 +03:00 |
|
|
|
a3ea2437a3
|
only mount /export on ldap master
|
2019-05-31 18:35:40 +03:00 |
|
|
|
0163a5f932
|
don't use /export for ldap data directory on slaves
|
2019-05-31 18:34:39 +03:00 |
|
|
|
7238a595f2
|
don't set mac address if we use static address on interface
|
2019-05-31 18:32:16 +03:00 |
|
|
|
05f2b28c4f
|
use random mac address if it's not provided
|
2019-05-31 18:30:36 +03:00 |
|
|
|
7f33b7792a
|
add robots.txt to git server webroot
|
2019-05-31 16:57:15 +03:00 |
|
|
|
5fcf58a3d6
|
only add datadisk on master ldap
|
2019-05-31 02:34:46 +03:00 |
|
|
|
2374804bfd
|
change kadmin to use different user than kdc when connecting to ldap
|
2019-05-31 02:32:57 +03:00 |
|
|
|
6c917dc696
|
add acl's for kadmin user
|
2019-05-31 02:31:58 +03:00 |
|
|
|
fbffa25346
|
install and configure ldapvi on ldap servers
|
2019-05-31 02:30:53 +03:00 |
|
|
|
666ada404e
|
add carp interfaces to gw hosts
|
2019-05-30 20:38:19 +03:00 |
|
|
|
4ba69d7632
|
add ldap indexes for kerberos kdc
|
2019-05-29 19:38:25 +03:00 |
|
|
|
4cac7b8bc7
|
finish up kdcproxy
|
2019-05-29 19:37:55 +03:00 |
|
|
|
2ab21a87f5
|
allow all users to runtime directory
|
2019-05-29 19:35:51 +03:00 |
|
|
|
e1311e7ccc
|
change kdc tcp port to listen only localhost
|
2019-05-29 03:19:45 +03:00 |
|
|
|
f2934aef91
|
add kdcproxy to kdc role
|
2019-05-29 03:15:49 +03:00 |
|
|
|
f1d32f86b7
|
added gunicorn role
|
2019-05-29 03:14:46 +03:00 |
|
|
|
40abdfca64
|
change ldap base dn entries to use variables
|
2019-05-29 01:59:00 +03:00 |
|
|
|
53cacdcb2e
|
log ldap queries to syslog
|
2019-05-29 01:57:41 +03:00 |
|
|
|
bb7b20c65e
|
add support for creating stash files
|
2019-05-29 01:56:26 +03:00 |
|
|
|
45d23c90af
|
fix puppetism typo
|
2019-05-29 01:55:53 +03:00 |
|
|
|
8db1ce69fd
|
add kerberos role to ldap group still work in progress
|
2019-05-29 00:41:57 +03:00 |
|
|
|
c1db2dc402
|
create syslogd role and enable it on openbsd
|
2019-05-29 00:34:44 +03:00 |
|
|
|
13f0332fa1
|
create rsyslog role which logs everything to /var/log/all.log
|
2019-05-29 00:07:39 +03:00 |
|
|
|
e0b519cf21
|
use global variable for default certificate bundle location
|
2019-05-28 21:22:14 +03:00 |
|
