path: root/tasks/2fa_client.yml
blob: 62be11cbbd47515d9bbe05cc772e5b56ff97cc1d (plain)
---
# Install the pam_url package with yum; later tasks in this file write its
# configuration (/etc/pam_url.conf) and the sudo PAM stack.
- name: install pam_url
  yum:
    name: pam_url
    state: present
  tags:
  - packages

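# Copy this host's own PEM file (selected by inventory_hostname) from the
# private store into /etc/pki/tls/private.
# NOTE(review): presumably the TLS client key/cert pam_url presents to the
# totpcgi service; confirm against the deployed pam_url.conf.
- name: /etc/pki/tls/private/totpcgi.pem
  copy:
    src: "{{ puppet_private }}/2fa-certs/keys/{{ inventory_hostname }}.pem"
    dest: /etc/pki/tls/private/totpcgi.pem
    # Pin the owner as well as the mode: with mode 0400 alone, a file that
    # already exists under another account stays readable by that account.
    owner: root
    group: root
    # Quoted so the octal mode is passed as a string, not a YAML integer.
    mode: "0400"
  # Keeps the key material out of task results and --diff output. Drop this
  # temporarily if the task itself needs debugging.
  no_log: true
  tags:
  - config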

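# Copy the shared ca.crt from the private store to totpcgi-ca.cert.
# NOTE(review): presumably the CA that pam_url uses to verify the totpcgi
# server. A CA certificate is not secret, but it is a trust anchor, so what
# matters here is that only root can replace it.
- name: /etc/pki/tls/private/totpcgi-ca.cert
  copy:
    src: "{{ puppet_private }}/2fa-certs/keys/ca.crt"
    dest: /etc/pki/tls/private/totpcgi-ca.cert
    # Explicit ownership also corrects a pre-existing file with a wrong owner;
    # mode alone would leave that owner in control of the trust anchor.
    owner: root
    group: root
    # Quoted so the octal mode is passed as a string, not a YAML integer.
    mode: "0400"
  tags:
  - config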

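# Render /etc/pam_url.conf from the first candidate that exists, checked from
# most to least specific: per-host, per-domain, per-datacenter, then the
# generic pam_url.conf.j2. Every candidate goes through the template module,
# including those without a .j2 suffix.
- name: /etc/pam_url.conf - split for staging/phx2/everyone else
  template:
    # Native YAML args with a quoted src: the key=value form would mis-split
    # a path containing whitespace.
    src: "{{ item }}"
    dest: /etc/pam_url.conf
    # This file decides where PAM sends authentication requests, so pin it to
    # root rather than inheriting the owner of an existing file.
    owner: root
    group: root
    # World-readable. NOTE(review): tighten this if any candidate template
    # ever embeds a secret.
    mode: "0644"
  with_first_found:
  - "{{ files }}/2fa/pam_url.conf.{{ inventory_hostname }}"
  - "{{ files }}/2fa/pam_url.conf.{{ ansible_domain }}"
  - "{{ files }}/2fa/pam_url.conf.{{ datacenter }}"
  - "{{ files }}/2fa/pam_url.conf.j2"
  tags:
  - config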

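# Install the sudo PAM stack from the first candidate that exists: per-host,
# then per-domain, then the generic sudo.pam. The file is copied verbatim,
# with no templating.
# NOTE(review): this file defines how sudo authenticates. A malformed or
# overly permissive variant weakens sudo or locks it out, so review per-host
# and per-domain overrides as carefully as the default.
- name: /etc/pam.d/sudo
  copy:
    # Native YAML args with a quoted src: the key=value form would mis-split
    # a path containing whitespace.
    src: "{{ item }}"
    dest: /etc/pam.d/sudo
    # Pin ownership so only root can rewrite the sudo authentication policy,
    # even if the file already exists under another owner.
    owner: root
    group: root
    # Quoted so the octal mode is passed as a string, not a YAML integer.
    mode: "0644"
  with_first_found:
  - "{{ files }}/2fa/sudo.pam.{{ inventory_hostname }}"
  - "{{ files }}/2fa/sudo.pam.{{ ansible_domain }}"
  - "{{ files }}/2fa/sudo.pam"
  tags:
  - config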