diff options
| author | Ralph Bean <rbean@redhat.com> | 2015-06-12 17:53:22 +0000 |
|---|---|---|
| committer | Ralph Bean <rbean@redhat.com> | 2015-06-12 17:53:22 +0000 |
| commit | a8f0d2cd7ee3bf098763d1bd60038da1994301af (patch) | |
| tree | 294c2236f42e3d8f2d27c1b575a5b337bc743452 | |
| parent | 966cab0192eb208511eb8c50e8d9ca5f40caefc7 (diff) | |
Declare certs for lockbox.
| -rw-r--r-- | inventory/group_vars/lockbox | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/inventory/group_vars/lockbox b/inventory/group_vars/lockbox index 7c82a435a..7d05524f8 100644 --- a/inventory/group_vars/lockbox +++ b/inventory/group_vars/lockbox @@ -7,3 +7,21 @@ num_cpus: 2 tcp_ports: [ 443 ] fas_client_groups: sysadmin-noc,sysadmin-qa,fi-apprentice + +# These are consumed by a task in roles/fedmsg/base/main.yml +# We don't really use the announce cert.. but it was supposed to be a way for +# the FPL and other powers that be to broadcast announcements, like the FCC's +# emergency broadcast system. The cert are group are here.. but no tools on the +# client side are configured to do anything with this yet. +fedmsg_certs: +- service: shell + owner: root + group: sysadmin + can_send: + - ansible.playbook.complete + - ansible.playbook.start +- service: announce + owner: root + group: fedmsg-announce + can_send: + - announce.announcement |