finish idm client stuff

4 files changed, 12 insertions, 1 deletions

diff --git a/vars/common b/vars/common
index 20c7976..5c22f09 100644
--- a/vars/common
+++ b/vars/common
@@ -31,12 +31,15 @@ bootstrap_resolvers='1.1.1.1'
 desktop_type=kde
 graphics_type=intel
 boxconf_username='s-boxconf'
+host_keytab_groupname=hostkeytab
+host_keytab_gid=788
 krb5_ticket_lifetime=24h
 krb5_renew_lifetime=7d
 nslcd_min_uid=1000
 nscd_ttl=600
 nscd_negative_ttl=20
-ssh_authzkeys_user=_authzkeys
+ssh_authzkeys_uid=789
+ssh_authzkeys_username=sshkeys
 tcp_buffer_size=2097152  # suitable for 1 GigE
 
 nginx_nofile=2048
diff --git a/vars/hostclass/freebsd_hypervisor b/vars/hostclass/freebsd_hypervisor
index c38452f..f3d6ac1 100644
--- a/vars/hostclass/freebsd_hypervisor
+++ b/vars/hostclass/freebsd_hypervisor
@@ -1,5 +1,6 @@
 #!/bin/sh
 
 enable_pf=false
+enable_idm=false
 smtp_host=${smtp_host_ip}
 resolvers=$bootstrap_resolvers
diff --git a/vars/hostclass/idm_server b/vars/hostclass/idm_server
index dec58b7..6389567 100644
--- a/vars/hostclass/idm_server
+++ b/vars/hostclass/idm_server
@@ -1,8 +1,12 @@
 #!/bin/sh
 
+BOXCONF_LDAP_SASL=true
+
 allowed_tcp_ports='ssh ldap ldaps domain kerberos-sec kerberos-adm'
 allowed_udp_ports='domain kerberos-sec kpasswd'
 
+enable_idm=false
+
 kdc_master_key='changeme'
 
 ssh_authorized_keys_user=nobody
diff --git a/vars/hostname/pkg1 b/vars/hostname/pkg1
new file mode 100644
index 0000000..59a3f84
--- /dev/null
+++ b/vars/hostname/pkg1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cnames=pkg