1a36ffd08e
In openstack-infra we use AFS for a lot of things, so create 2 roles to handle creating / destroying of the tokens. Change-Id: I3dee184d0b87023e7e0808372cfeda94f8337b4f Signed-off-by: Paul Belanger <pabelanger@redhat.com>
22 lines
521 B
YAML
22 lines
521 B
YAML
- name: Create AFS keytab tempfile
|
|
tempfile:
|
|
state: file
|
|
register: afs_keytab_tmp
|
|
|
|
- name: Create (base64 decode) AFS keytab from secret
|
|
copy:
|
|
content: "{{ afs.keytab | b64decode }}"
|
|
dest: "{{ afs_keytab_tmp.path }}"
|
|
mode: 0400
|
|
|
|
- name: Obtain ticket for Kerberos
|
|
command: "kinit -k -t {{ afs_keytab_tmp.path}} {{ afs.service_name }}"
|
|
|
|
- name: Delete AFS keytab tempfile
|
|
file:
|
|
path: "{{ afs_keytab_tmp.path }}"
|
|
state: absent
|
|
|
|
- name: Obtain authentication token for AFS
|
|
command: aklog
|