pam, pve auth cant be disabled

This commit is contained in:
Robert Kaussow 2018-11-14 22:03:59 +01:00
parent a4dc7359e9
commit abcd135615
2 changed files with 1 additions and 9 deletions

View File

@ -20,8 +20,6 @@ pve_nginx_tls_enabled: True
pve_nginx_tls_cert_file: mycert.pem pve_nginx_tls_cert_file: mycert.pem
pve_nginx_tls_key_file: mykey.pem pve_nginx_tls_key_file: mykey.pem
# Enables pam authication
pve_auth_pam_enabled: True
pve_auth_pam_is_default: True pve_auth_pam_is_default: True
pve_auth_pam_realm: pam pve_auth_pam_realm: pam
pve_auth_pam_description: Linux PAM standard authentication pve_auth_pam_description: Linux PAM standard authentication
@ -35,8 +33,6 @@ pve_auth_pam_tfa_yubico_enabled: False
# pve_auth_pam_tfa_yubico_api_key: 123456 # pve_auth_pam_tfa_yubico_api_key: 123456
# pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080 # pve_auth_pam_tfa_yubico_url: http://127.0.0.1:8080
# Enables proxmox internal auth service
pve_auth_pve_enabled: True
pve_auth_pve_is_default: False pve_auth_pve_is_default: False
pve_auth_pve_realm: pve pve_auth_pve_realm: pve
pve_auth_pve_description: Linux pve standard authentication pve_auth_pve_description: Linux pve standard authentication

View File

@ -1,5 +1,4 @@
#jinja2:lstrip_blocks: True #jinja2:lstrip_blocks: True
{% if pve_auth_pam_enabled %}
pam: {{ pve_auth_pam_realm }} pam: {{ pve_auth_pam_realm }}
comment {{ pve_auth_pam_description }} comment {{ pve_auth_pam_description }}
default {{ 1 if pve_auth_pam_is_default else 0 }} default {{ 1 if pve_auth_pam_is_default else 0 }}
@ -8,9 +7,7 @@ pam: {{ pve_auth_pam_realm }}
{% elif pve_auth_pam_tfa_yubico_enabled and not pve_auth_pam_tfa_oath_enabled %} {% elif pve_auth_pam_tfa_yubico_enabled and not pve_auth_pam_tfa_oath_enabled %}
tfa type=yubico,id={{ pve_auth_pam_tfa_yubico_api_id }},key={{ pve_auth_pam_tfa_yubico_api_key }},url={{ pve_auth_pam_tfa_yubico_url }} tfa type=yubico,id={{ pve_auth_pam_tfa_yubico_api_id }},key={{ pve_auth_pam_tfa_yubico_api_key }},url={{ pve_auth_pam_tfa_yubico_url }}
{% endif %} {% endif %}
{% endif %}
{% if pve_auth_pve_enabled %}
pve: {{ pve_auth_pve_realm }} pve: {{ pve_auth_pve_realm }}
comment {{ pve_auth_pve_description }} comment {{ pve_auth_pve_description }}
default {{ 1 if pve_auth_pve_is_default else 0 }} default {{ 1 if pve_auth_pve_is_default else 0 }}
@ -19,9 +16,8 @@ pve: {{ pve_auth_pve_realm }}
{% elif pve_auth_pve_tfa_yubico_enabled and not pve_auth_pve_tfa_oath_enabled %} {% elif pve_auth_pve_tfa_yubico_enabled and not pve_auth_pve_tfa_oath_enabled %}
tfa type=yubico,id={{ pve_auth_pve_tfa_yubico_api_id }},key={{ pve_auth_pve_tfa_yubico_api_key }},url={{ pve_auth_pve_tfa_yubico_url }} tfa type=yubico,id={{ pve_auth_pve_tfa_yubico_api_id }},key={{ pve_auth_pve_tfa_yubico_api_key }},url={{ pve_auth_pve_tfa_yubico_url }}
{% endif %} {% endif %}
{% endif %}
{% if pve_auth_ldap_enabled %} {% if pve_auth_ldap_enabled %}
ldap: {{ pve_auth_ldap_realm }} ldap: {{ pve_auth_ldap_realm }}
comment {{ pve_auth_ldap_description }} comment {{ pve_auth_ldap_description }}
base_dn {{ pve_auth_ldap_base_dn }} base_dn {{ pve_auth_ldap_base_dn }}