WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-01 22:11:01 +08:00
Code Issues Packages Projects Releases Wiki Activity
37,638 Commits 9 Branches 0 Tags
debbc13616f53f1c00a30c48fa167b5a69dfbb74
Commit Graph

92 Commits

Author SHA1 Message Date
Aurélien Bompard
293cf34e8d Adapt to Ipsilon 3.0.3 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-07-05 17:36:03 +02:00
Aurélien Bompard
6b9d639421 ipsilon: add sebooleans on f36 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-06-03 09:55:25 +02:00
Kevin Fenzi
b68200e0bc ipsilon: make sure /etc/ipsilon/root is owned by ipsilon 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2022-06-02 15:25:22 -07:00
Aurélien Bompard
c030ab4c77 Ipsilon needs an SELinux boolean to use python-pam 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 11:32:57 +02:00
Aurélien Bompard
cd277a01d8 We now use PAM auth in Ipsilon 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 11:21:07 +02:00
Aurélien Bompard
61821fb1ba Update ipsilon to 3.0.1 in prod 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2022-05-25 10:27:02 +02:00
Kevin Fenzi
cc0f507a2c ipsilon: run the saml2 script as ipsilon user 
Right now it runs as root which means ipsilon can't read it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-11-30 07:34:16 -08:00
Ryan Lerch
ff1395d99c ipsilon: clean up ipsilon role 
This cleans up the ipsilon role, removing a bunch of old, commented out
lines, and removes files and templates that are no longer used.

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2021-07-08 10:13:41 +00:00
Aurélien Bompard
0c845843c4 Update ipsilon-fedora on the Ipsilon servers 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-04-30 10:37:31 +02:00
Aurélien Bompard
196d20086c Some Ipsilon fixes for the new openid api extension 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-26 12:11:07 +01:00
Aurélien Bompard
fc759fd447 Add the ipsilon script to generate the metadata 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-25 11:15:29 +01:00
Aurélien Bompard
b8e6754f97 Use a VM for Ipsilon in prod too 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-03-23 16:55:38 +00:00
Aurélien Bompard
95ca01284a Use a template for ipsilon's sssd.conf instead of replacing lines 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2021-01-20 10:32:33 +01:00
Aurélien Bompard
a2f74a447e Ipsilon: fix attribute mapping for GPG & SSH 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-21 11:59:43 +02:00
Aurélien Bompard
157f1d2d52 Ipsilon: improve the HBAC rule 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 18:46:51 +02:00
Aurélien Bompard
35f2aeb15d Actually those tasks must be run on the IPA server 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 18:04:21 +02:00
Aurélien Bompard
2cc20bb1af Ipsilon: create a HBAC rule 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-15 17:51:21 +02:00
Aurélien Bompard
1ca3aff8f1 Ipsilon: configure SSSd 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-08 12:29:37 +02:00
Aurélien Bompard
f4684a1f07 Ipsilon: fix config files 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-08 10:11:36 +02:00
Aurélien Bompard
3a1885bcc9 Ipsilon in staging: deploy config files 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-08 09:48:31 +02:00
Aurélien Bompard
1a1f7d79e4 Ipsilon: fix files location 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-07 14:53:45 +02:00
Aurélien Bompard
62823f5fee Ipsilon: the custom admin db path must exist, let's set it later 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-07 13:47:39 +02:00
Aurélien Bompard
e73a1bd501 Fix ipsilon config and install script in staging 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-07 12:19:00 +02:00
Aurélien Bompard
7e7399fb50 Syntax. 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-07 10:07:49 +02:00
Aurélien Bompard
ba82363e78 Add a role for ipa clients and use it in Ipsilon 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-07 10:05:19 +02:00
Aurélien Bompard
3ae9b4bd65 We need this plugin obviously 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-07 09:08:52 +02:00
Aurélien Bompard
47d4923de9 Undefined variable 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-06 17:06:44 +02:00
Aurélien Bompard
373d9385e1 Missing dep 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-06 16:50:13 +02:00
Aurélien Bompard
ae35433095 Missing dep 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-06 10:54:25 +02:00
Aurélien Bompard
d1edc6db3d Prepare ipsilon for a VM deployment in staging 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-10-05 17:24:56 +02:00
Kevin Fenzi
56489ef2c3 ipsilon: comment out for now all the old rhel7 python2 tasks 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-09-24 15:08:54 -07:00
Kevin Fenzi
7d9c26fe51 ipsilon: no libsemanage-python in f32 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-09-24 14:57:14 -07:00
Aurélien Bompard
5a01ac3566 Ipsilon: deploy the Fedora-specific files from a git repo 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2020-09-11 12:17:00 +02:00
Rick Elrod
ea96618bd4 Get rid of modernpaste everywhere, redirect it to paste.centos.org everywhere 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2020-04-24 21:34:18 +02:00
Kevin Fenzi
e50fa5f3f2 freshmaker: remove everything 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-04-24 21:34:14 +02:00
Kevin Fenzi
c7d3ba82f4 Enable fpdc scopes in ipsilon. Ticket 7299. 
This simply installs the ipsilon plugin for fpdc scopes and
restarts it. If there's an issue we can easily remove it to
roll back to where we were.

+1s?
 2018-10-16 17:20:52 +00:00
Ricky Elrod
5f12f40dfb ipsilon oidc scope for modernpaste 
Signed-off-by: Ricky Elrod <relrod@redhat.com>
 2018-04-04 19:37:08 +00:00
Patrick Uiterwijk
de9af8deda Add src.fp.o OIDC push OIDC scope 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-02-07 19:48:49 +01:00
Ralph Bean
193971bcf0 Enable freshmaker OIDC scopes in prod ipsilon. 2018-02-02 17:10:21 +00:00
Ralph Bean
3b21215d4d Add OIDC scope for freshmaker (staging). 2018-02-02 17:04:05 +00:00
Patrick Uiterwijk
d2cb9a71e6 Prevent confusion by adding handlers 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-01-03 00:21:22 +01:00
Patrick Uiterwijk
714d351fc9 Add src.fp.o to trusted roots and deploy wiki scope to prod 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-11-16 19:33:04 +00:00
Patrick Uiterwijk
bc0bd0df5b Define mediawiki scope 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-11-13 00:37:39 +00:00
Ralph Bean
cd36f2d5a0 Remove unnecessary with_items. 2017-11-06 19:45:26 +00:00
Patrick Uiterwijk
936e8b261a yum accepted pkg=, package calls it name= 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2017-10-09 00:38:26 +02:00
Patrick Uiterwijk
adcbf72f03 Packageize this, packageize that, packageize the world 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2017-10-08 22:25:52 +00:00
Ralph Bean
80a9b9476b Remove unnecessary conditional. Config handles this. 2017-09-21 01:24:06 +00:00
Ralph Bean
e9609eeac0 Add ODCS scopes (staging only). 2017-09-21 01:19:48 +00:00
Ricky Elrod
2c0b780d28 Add waiverdb scope in stg 
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
 2017-07-27 17:16:03 +00:00
Patrick Uiterwijk
cd04ea4fae Extend infofas 2017-06-26 18:17:13 +00:00