fedora-infra_ansible

mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-26 19:42:55 +08:00

Author	SHA1	Message	Date
Aurélien Bompard	6b9d639421	ipsilon: add sebooleans on f36 Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2022-06-03 09:55:25 +02:00
Kevin Fenzi	a180488e0d	ipsilon: drop staging conditional on wsgiscriptalias Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-06-02 15:28:32 -07:00
Kevin Fenzi	b68200e0bc	ipsilon: make sure /etc/ipsilon/root is owned by ipsilon Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-06-02 15:25:22 -07:00
Kevin Fenzi	4c4be31afb	ipsilon / staging: the wsgi is named differently in stg/f36? Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-05-25 17:42:30 -07:00
Kevin Fenzi	792f082750	Revert "ipsilon / staging: fixes for f36" This reverts commit `6d5911cc3c`. Turns out these are the way the new version installs. ;)	2022-05-25 17:38:04 -07:00
Kevin Fenzi	6d5911cc3c	ipsilon / staging: fixes for f36 The wsgi has changed from /usr/libexec/ipsilon/ipsilon.py to /usr/libexec/ipsilon, so adjust wsgi and directory perms to handle that. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-05-25 16:58:17 -07:00
Aurélien Bompard	c030ab4c77	Ipsilon needs an SELinux boolean to use python-pam Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2022-05-25 11:32:57 +02:00
Aurélien Bompard	b6390112af	amend last commit Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2022-05-25 11:22:57 +02:00
Aurélien Bompard	cd277a01d8	We now use PAM auth in Ipsilon Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2022-05-25 11:21:07 +02:00
Aurélien Bompard	61821fb1ba	Update ipsilon to 3.0.1 in prod Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2022-05-25 10:27:02 +02:00
Stephen Gallagher	7d26c4cde9	Use persistent SAML identifiers Using "unspecified" will always send just the user's (FAS) username, which has been known to conflict with existing accounts on Gitlab. The "persistent" name-id format guarantees uniqueness. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>	2022-05-11 18:39:05 +00:00
Kevin Fenzi	6260673484	update SAML2 data for bugzilla.redhat.com Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2022-03-01 16:58:23 -08:00
Kevin Fenzi	9bb24871c3	ipsilon: add saml2 for gitlab.com Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-11-30 15:37:33 +00:00
Kevin Fenzi	cc0f507a2c	ipsilon: run the saml2 script as ipsilon user Right now it runs as root which means ipsilon can't read it. Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-11-30 07:34:16 -08:00
Aurélien Bompard	286bde8098	Ipsilon: use the pam auth module on staging Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-10-27 10:12:59 +02:00
Clement Verna	ea2354658f	Remove fpdc playbooks and config. Signed-off-by: Clement Verna <cverna@tutanota.com>	2021-08-10 20:37:12 +00:00
Kevin Fenzi	79afbb7406	bugzilla: try and update saml2 data for new bugzilla Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-07-31 12:10:38 -07:00
Mattia Verga	15f3dea6a1	Use bugzilla.stage instance after partner-bugzilla shutdown Signed-off-by: Mattia Verga <mattia.verga@protonmail.com>	2021-07-31 17:08:49 +00:00
Ryan Lerch	ff1395d99c	ipsilon: clean up ipsilon role This cleans up the ipsilon role, removing a bunch of old, commented out lines, and removes files and templates that are no longer used. Signed-off-by: Ryan Lerch <rlerch@redhat.com>	2021-07-08 10:13:41 +00:00
Kevin Fenzi	f732a95cb3	ipsilon / sssd: try and set ldap_dref_threshold to 0 to improve things with sssd Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-05-27 11:05:40 -07:00
Aurélien Bompard	06605d7d35	Ipsilon: allow dots in usernames Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-05-27 13:05:33 +02:00
Patrick Uiterwijk	cd8859d7a6	Update RHBZ SAML data Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2021-05-27 07:32:03 +02:00
Aurélien Bompard	0c845843c4	Update ipsilon-fedora on the Ipsilon servers Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-04-30 10:37:31 +02:00
Patrick Uiterwijk	8979bb9a05	Import pre-prod bugzilla SAML data Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2021-04-01 07:35:24 +02:00
Kevin Fenzi	0a53920236	ipsilon: up number of processes to handle more load Signed-off-by: Kevin Fenzi <kevin@scrye.com>	2021-03-31 13:52:20 -07:00
Aurélien Bompard	196d20086c	Some Ipsilon fixes for the new openid api extension Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-26 12:11:07 +01:00
Aurélien Bompard	94b32cee08	Use our custom info plugin Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-25 18:56:08 +01:00
Aurélien Bompard	fc759fd447	Add the ipsilon script to generate the metadata Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-25 11:15:29 +01:00
Aurélien Bompard	2c04966b51	Adjust the location of the service keytab in ipsilon Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-24 17:58:12 +01:00
Aurélien Bompard	4c5e2d605b	Fix the sssd config file Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-24 17:31:55 +01:00
Aurélien Bompard	be8535cf05	Fix ipsilon config Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-24 17:03:58 +01:00
Aurélien Bompard	7b2c578983	Ipsilon in prod is now on a VM like in staging Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-24 13:49:33 +01:00
Aurélien Bompard	b8e6754f97	Use a VM for Ipsilon in prod too Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-23 16:55:38 +00:00
Aurélien Bompard	2269f0ece1	Prepare Noggin & FASJSON for prod Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-03-22 17:53:42 +00:00
Aurélien Bompard	9e7b8efc2e	Get fasPronoun in sssd Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-02-05 16:47:01 +01:00
Aurélien Bompard	95ca01284a	Use a template for ipsilon's sssd.conf instead of replacing lines Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2021-01-20 10:32:33 +01:00
Patrick Uiterwijk	a07e65afdc	Fix saml2 file locations in Ipsilon Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>	2020-12-01 10:16:08 +01:00
Aurélien Bompard	fadcf80cfd	Get the website in ipsilon Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-21 17:41:51 +02:00
Aurélien Bompard	a2f74a447e	Ipsilon: fix attribute mapping for GPG & SSH Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-21 11:59:43 +02:00
Aurélien Bompard	dadb90e633	Missing part of `bd1cc1d` Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-16 09:36:03 +02:00
Aurélien Bompard	e0918f5c96	Ipsilon: set the attribute mapping for openid too Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 19:05:08 +02:00
Aurélien Bompard	157f1d2d52	Ipsilon: improve the HBAC rule Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 18:46:51 +02:00
Aurélien Bompard	35f2aeb15d	Actually those tasks must be run on the IPA server Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 18:04:21 +02:00
Aurélien Bompard	2cc20bb1af	Ipsilon: create a HBAC rule Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 17:51:21 +02:00
Aurélien Bompard	bd1cc1d5f7	Allow redirect on usernames that have an underscore Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 17:25:23 +02:00
Aurélien Bompard	b75b580a49	Ipsilon: re-enable the alias for the well-known dir Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 15:07:49 +02:00
Aurélien Bompard	78ad8c102a	Ipsilon: fix access to the well-known dir Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-15 14:55:10 +02:00
Aurélien Bompard	1ca3aff8f1	Ipsilon: configure SSSd Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-08 12:29:37 +02:00
Aurélien Bompard	f4684a1f07	Ipsilon: fix config files Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-08 10:11:36 +02:00
Aurélien Bompard	3a1885bcc9	Ipsilon in staging: deploy config files Signed-off-by: Aurélien Bompard <aurelien@bompard.org>	2020-10-08 09:48:31 +02:00

1 2 3 4 5 ...

306 Commits