blob: 89657e793c404266db755494ed5b481b0dd57767 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
freeipa_packages:
- ipa-server
- ipa-server-trust-ad
- ipa-server-dns
freeipa_backup_dir: /var/lib/ipa/backup
# These services must be explicitly allowed if the default HBAC-allow-all policy
# is not used. See https://pagure.io/freeipa/issue/7831
freeipa_system_services:
- systemd-user
- sudo
- sudo-i
- polkit-1
freeipa_automount_maps:
- auto.nfs
- auto.home
- auto.nfs_user
- auto.nfs_group
- auto.nfs_media
freeipa_automount_keys:
- map: auto.master
key: /net
info: -hosts
- map: auto.master
key: /nfs
info: auto.nfs -browse
- map: auto.nfs
key: user
info: -fstype=autofs auto.nfs_user
- map: auto.nfs
key: group
info: -fstype=autofs auto.nfs_group
- map: auto.nfs
key: media
info: -fstype=autofs auto.nfs_media
freeipa_log_files:
- path: /var/log/pki/pki-tomcat/ca/transactions
tag: ipa-ca
- path: /var/log/dirsrv/slapd-{{ freeipa_realm | replace('.', '-') }}/access
tag: slapd
- path: /var/log/dirsrv/slapd-{{ freeipa_realm | replace('.', '-') }}/audit
tag: slapd
- path: /var/log/dirsrv/slapd-{{ freeipa_realm | replace('.', '-') }}/errors
tag: slapd
severity: error
- path: /var/log/httpd/access_log
tag: httpd
- path: /var/log/httpd/error_log
tag: httpd
severity: error
freeipa_custom_schema_dir: /usr/local/share/dirsrv/schema
|