realms for pve and pam cant be renamed

This commit is contained in:
Robert Kaussow 2018-11-14 22:07:57 +01:00
parent abcd135615
commit 377a41a89c
3 changed files with 3 additions and 17 deletions

View File

@ -20,8 +20,8 @@ pve_nginx_tls_enabled: True
pve_nginx_tls_cert_file: mycert.pem pve_nginx_tls_cert_file: mycert.pem
pve_nginx_tls_key_file: mykey.pem pve_nginx_tls_key_file: mykey.pem
# Configure pam auth
pve_auth_pam_is_default: True pve_auth_pam_is_default: True
pve_auth_pam_realm: pam
pve_auth_pam_description: Linux PAM standard authentication pve_auth_pam_description: Linux PAM standard authentication
pve_auth_pam_tfa_oath_enabled: False pve_auth_pam_tfa_oath_enabled: False
@ -34,7 +34,6 @@ pve_auth_pam_tfa_yubico_enabled: False
# pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080 # pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080
pve_auth_pve_is_default: False pve_auth_pve_is_default: False
pve_auth_pve_realm: pve
pve_auth_pve_description: Linux pve standard authentication pve_auth_pve_description: Linux pve standard authentication
pve_auth_pve_tfa_oath_enabled: False pve_auth_pve_tfa_oath_enabled: False

View File

@ -1,5 +1,5 @@
#jinja2:lstrip_blocks: True #jinja2:lstrip_blocks: True
pam: {{ pve_auth_pam_realm }} pam: pam
comment {{ pve_auth_pam_description }} comment {{ pve_auth_pam_description }}
default {{ 1 if pve_auth_pam_is_default else 0 }} default {{ 1 if pve_auth_pam_is_default else 0 }}
{% if pve_auth_pam_tfa_oath_enabled and not pve_auth_pam_tfa_yubico_enabled %} {% if pve_auth_pam_tfa_oath_enabled and not pve_auth_pam_tfa_yubico_enabled %}
@ -8,7 +8,7 @@ pam: {{ pve_auth_pam_realm }}
tfa type=yubico,id={{ pve_auth_pam_tfa_yubico_api_id }},key={{ pve_auth_pam_tfa_yubico_api_key }},url={{ pve_auth_pam_tfa_yubico_url }} tfa type=yubico,id={{ pve_auth_pam_tfa_yubico_api_id }},key={{ pve_auth_pam_tfa_yubico_api_key }},url={{ pve_auth_pam_tfa_yubico_url }}
{% endif %} {% endif %}
pve: {{ pve_auth_pve_realm }} pve: pve
comment {{ pve_auth_pve_description }} comment {{ pve_auth_pve_description }}
default {{ 1 if pve_auth_pve_is_default else 0 }} default {{ 1 if pve_auth_pve_is_default else 0 }}
{% if pve_auth_pve_tfa_oath_enabled and not pve_auth_pve_tfa_yubico_enabled %} {% if pve_auth_pve_tfa_oath_enabled and not pve_auth_pve_tfa_yubico_enabled %}

View File

@ -1,15 +1,2 @@
--- ---
__pve_base_dir: /etc/pve __pve_base_dir: /etc/pve
# __pve_certificates:
# cert:
# name: pveproxy-ssl.pem
# path: /etc/pki/tls/certs
# source: "{{ pve_tls_cert_source }}"
# nodes: "{{ pve_nodes }}"
# mode: "0750"
# key:
# name: pveproxy-ssl.key
# path: /etc/pki/tls/private
# source: "{{ pve_tls_key_source }}"
# nodes: "{{ pve_nodes }}"
# mode: "0600"