From cbcd022f302adc39ecb89fba6faf72e68184c0e0 Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Fri, 2 Aug 2024 19:10:39 -0400
Subject: halfway working idm server and laptop hostclasses

---
 vars/hostclass/idm_server         | 9 +++++++++
 vars/hostclass/roadwarrior_laptop | 2 ++
 2 files changed, 11 insertions(+)
 create mode 100644 vars/hostclass/idm_server
 create mode 100644 vars/hostclass/roadwarrior_laptop

(limited to 'vars/hostclass')

diff --git a/vars/hostclass/idm_server b/vars/hostclass/idm_server
new file mode 100644
index 0000000..eec6d1c
--- /dev/null
+++ b/vars/hostclass/idm_server
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+allowed_tcp_ports='ssh ldap ldaps domain kerberos-sec kerberos-adm'
+allowed_udp_ports='domain kerberos-sec kpasswd'
+
+ssh_authorized_keys_user=nobody
+
+unbound_blocklists="\
+https://raw.githubusercontent.com/hagezi/dns-blocklists/main/unbound/pro.plus.blacklist.conf"
diff --git a/vars/hostclass/roadwarrior_laptop b/vars/hostclass/roadwarrior_laptop
new file mode 100644
index 0000000..99f8b9c
--- /dev/null
+++ b/vars/hostclass/roadwarrior_laptop
@@ -0,0 +1,2 @@
+#!/bin/sh
+resolvers=$bootstrap_resolvers
-- 
cgit v1.2.3