From cd1ce69f104686bbb33e049c2c4c112e78febd36 Mon Sep 17 00:00:00 2001 From: Cullum Smith Date: Wed, 25 Sep 2024 21:38:13 -0400 Subject: finish idm client stuff --- vars/common | 5 ++++- vars/hostclass/freebsd_hypervisor | 1 + vars/hostclass/idm_server | 4 ++++ vars/hostname/pkg1 | 3 +++ 4 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 vars/hostname/pkg1 (limited to 'vars') diff --git a/vars/common b/vars/common index 20c7976..5c22f09 100644 --- a/vars/common +++ b/vars/common @@ -31,12 +31,15 @@ bootstrap_resolvers='1.1.1.1' desktop_type=kde graphics_type=intel boxconf_username='s-boxconf' +host_keytab_groupname=hostkeytab +host_keytab_gid=788 krb5_ticket_lifetime=24h krb5_renew_lifetime=7d nslcd_min_uid=1000 nscd_ttl=600 nscd_negative_ttl=20 -ssh_authzkeys_user=_authzkeys +ssh_authzkeys_uid=789 +ssh_authzkeys_username=sshkeys tcp_buffer_size=2097152 # suitable for 1 GigE nginx_nofile=2048 diff --git a/vars/hostclass/freebsd_hypervisor b/vars/hostclass/freebsd_hypervisor index c38452f..f3d6ac1 100644 --- a/vars/hostclass/freebsd_hypervisor +++ b/vars/hostclass/freebsd_hypervisor @@ -1,5 +1,6 @@ #!/bin/sh enable_pf=false +enable_idm=false smtp_host=${smtp_host_ip} resolvers=$bootstrap_resolvers diff --git a/vars/hostclass/idm_server b/vars/hostclass/idm_server index dec58b7..6389567 100644 --- a/vars/hostclass/idm_server +++ b/vars/hostclass/idm_server @@ -1,8 +1,12 @@ #!/bin/sh +BOXCONF_LDAP_SASL=true + allowed_tcp_ports='ssh ldap ldaps domain kerberos-sec kerberos-adm' allowed_udp_ports='domain kerberos-sec kpasswd' +enable_idm=false + kdc_master_key='changeme' ssh_authorized_keys_user=nobody diff --git a/vars/hostname/pkg1 b/vars/hostname/pkg1 new file mode 100644 index 0000000..59a3f84 --- /dev/null +++ b/vars/hostname/pkg1 @@ -0,0 +1,3 @@ +#!/bin/sh + +cnames=pkg -- cgit v1.2.3
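Review bot: Replacing `ssh_authzkeys_user` with `ssh_authzkeys_username` in vars/common leaves any consumer that still expands the old name with an empty string, and no consumer is part of this patch (it is limited to `vars`). If the value ends up as the account an SSH authorized-keys helper runs under (an inference from the name), an empty expansion should fail loudly, so the consuming script is worth guarding with `: "${ssh_authzkeys_username:?}"`. The new fixed ids `host_keytab_gid=788` and `ssh_authzkeys_uid=789` have no comment saying why they are pinned; both sit below `nslcd_min_uid=1000`, presumably to keep them out of the directory range, and a line such as `# fixed local ids, must be unused on every host` would record that. vars/hostclass/idm_server still sets the differently named `ssh_authorized_keys_user=nobody`, so it is worth confirming which of the two names the SSH configuration actually reads.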
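Review bot: `enable_idm=false` is added to vars/hostclass/freebsd_hypervisor with no comment saying what it switches off or why this host class opts out. The same bare line is added in vars/hostclass/idm_server, where it reads as if the IDM server were disabling IDM. If the flag means "do not configure this host as an IDM client" (inferred from the commit subject), say so next to it, e.g. `enable_idm=false  # not enrolled as an IDM client`. Hosts with the flag off presumably fall outside centrally managed accounts, so the comment should also point to where their local access is defined.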
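Review bot: The new side of vars/hostclass/idm_server still carries `kdc_master_key='changeme'` in a tracked vars file, directly under the settings added here, and nothing visible stops a host from being built with that placeholder. A guard in whatever consumes the value, such as `[ "$kdc_master_key" != changeme ] || { echo 'kdc_master_key not overridden' >&2; exit 1; }`, would make a missed override fail at deploy time. The real key should come from a secret store or an untracked per-host file. `BOXCONF_LDAP_SASL=true` is the only upper-case name in the hunk and has no comment; a line such as `# boxconf binds to LDAP with SASL on this host class` (if that is what it selects) would make its effect clear.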