WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 05:51:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
43,966 Commits 9 Branches 0 Tags
04dcafe578f9cd6d98ad525529341b35f424ad4e
Commit Graph

31 Commits

Author SHA1 Message Date
Michal Konecny
f1b1deb66f [ipa/server] Increase nsslapd sizelimit 
It seems that the issue https://github.com/dogtagpki/pki/issues/5133 we
are hitting now is because the limit on the newly deployed is set only
to 2000, which makes it reach the LDAP administrative limit.
 2025-06-25 11:47:25 +00:00
Michal Konecny
b3a22d9049 [ipa/server] Add logrotate config for krb5kdc 
The log files for krb5kdc had around 1 GB each on ipa01.stg. To prevent this in
future let us replace the original config with one that is compressing the old logs.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-11-06 15:12:16 +00:00
Kevin Fenzi
1c2e14769c koji / hub: deny any tagging for draft builds currently 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-02-06 12:12:50 -08:00
Michal Konecny
dd2093e4c6 [ipa/server] Move ipa-rewrite.conf to templates 
There are some variables that need to be filled in ipa-rewrite.conf, but it was
not in template directory, so that didn't happen.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2023-11-29 21:57:19 +01:00
Aurélien Bompard
94478cc88b Install IPA replicas with a larger nsslapd-maxsasliosize 
Related to https://pagure.io/fedora-infrastructure/issue/10358

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2023-11-09 09:33:15 +00:00
Andrew Heath
a128021328 Adding Sweeper to clean up expired tokens 2023-02-21 19:14:21 +00:00
Aurélien Bompard
86567270dc The keytab path is hostname-dependant 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-05-07 10:12:11 +02:00
Aurélien Bompard
abaf67b66c Adjust the keytab location to the service 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-05-07 09:16:16 +02:00
Aurélien Bompard
3ddc3934da Add a periodic cleanup script for stage users 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-05-06 13:59:21 +02:00
Aurélien Bompard
809635c923 Improve the IPA backup process 
Fixes: https://pagure.io/fedora-infrastructure/issue/9916

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-04-30 10:35:33 +02:00
Mark O'Brien
b51c4a5c7b ipa: need more modules enabled 2021-04-23 15:33:35 +01:00
Kevin Fenzi
85ac490787 ipa / server / backups: only send errors to cron emails 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-03-27 10:42:40 -07:00
Mark O'Brien
e32c6c21b9 create daily data only backups of ipa 2021-03-23 18:06:38 +00:00
Aurélien Bompard
60ed2dabd5 Fix login_kerberos on the IPA API 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-11-19 11:38:21 +01:00
Kevin Fenzi
66c94678e1 ipa: try and fix the popup auth window that comes up on windows 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-11-04 16:31:42 -08:00
Aurélien Bompard
d9cda33f98 IPA: missing rewrite 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-21 15:52:25 +02:00
Aurélien Bompard
daf96efd15 IPA: use ansible modules and tasks wherever possible 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-09-01 15:34:07 +02:00
Aurélien Bompard
944431bf59 IPA: Allow users to read their own data 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-09-01 00:11:45 +02:00
Aurélien Bompard
b2cdf5dc62 Now that IPA is the reference, allow users to change their own attributes 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-08-31 22:59:00 +02:00
Patrick Uiterwijk
b1fbff5b1c Add LDIF file to fix SASL limits 
We keep hitting this otherwise because of our directory size

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2020-06-02 20:38:49 +02:00
Patrick Uiterwijk
0d3d6838a2 Disable default permissions that would break our privacy policy 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-01-03 10:54:17 +00:00
Patrick Uiterwijk
2192db58db Allow id.fp.o use 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-12-20 08:06:46 +00:00
Patrick Uiterwijk
9b53f51f0e Disable rewrites on ipa servers 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-12-04 02:49:47 +00:00
Patrick Uiterwijk
bff96ef88e Move IPA setup to ansible 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-11-28 10:54:55 +00:00
Patrick Uiterwijk
6691c6f07f This can fail without failing 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-11-28 10:49:07 +00:00
Patrick Uiterwijk
86973ab724 DM password is no longer needed 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-11-28 10:47:21 +00:00
Patrick Uiterwijk
a8006bd403 Split fas_sync into separate ldif 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-11-28 10:35:11 +00:00
Patrick Uiterwijk
7bd1227d59 Deploy custom LDIF scripts 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-11-28 10:31:35 +00:00
Patrick Uiterwijk
c9c904f2bd Disable password expiration 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-11-23 13:28:54 +00:00
Patrick Uiterwijk
9ab3668db2 Update configuration script to use autobinding (Thanks Simo) 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-18 17:44:06 +00:00
Patrick Uiterwijk
c74bd6d108 Move ipa to ipa/server 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2016-10-18 17:43:22 +00:00