Dustin C. Hatch
e9d6020563
The `root_authorized_keys` variable was originally defined only for the *pyrocufflink* group. This used to effectively be "all" machines, since everything was a member of the AD domain. Now that we're moving away from that deployment model, we still want to have the break-glass option, so we need to define the authorized keys for the _all_ group.
11 lines
213 B
YAML
11 lines
213 B
YAML
ansible_become_method: sudo
|
|
|
|
krb5_realm: PYROCUFFLINK.BLUE
|
|
samba_security: ads
|
|
samba_use_winbind: true
|
|
pam_winbind: true
|
|
nss_winbind: true
|
|
pam_mkhomedir: true
|
|
|
|
fileserver_sftp_only_match: 'Group !server?admins,*'
|