From 79a6fe36dafea7bb1547670fbfa8b1cab54f26a3 Mon Sep 17 00:00:00 2001
From: Nils Philippsen <nils@redhat.com>
Date: Mar 24 2021 12:44:33 +0000
Subject: ipa/client: enable for mirrormanager in prod


Signed-off-by: Nils Philippsen <nils@redhat.com>

---

diff --git a/inventory/group_vars/mm b/inventory/group_vars/mm
index 93217d0..8c1a100 100644
--- a/inventory/group_vars/mm
+++ b/inventory/group_vars/mm
@@ -1,8 +1,6 @@
 ---
 # Define resources for this group of hosts here.
-fas_client_groups: sysadmin-noc,sysadmin-web,sysadmin-veteran
-sudoers: "{{ private }}/files/sudo/mm2-sudoers"
-
+primary_auth_source: ipa
 ipa_host_group: mirrormanager
 ipa_host_group_desc: Mirror Manager
 ipa_client_shell_groups:
diff --git a/playbooks/groups/mirrormanager.yml b/playbooks/groups/mirrormanager.yml
index bc3cda8..d3c0ecb 100644
--- a/playbooks/groups/mirrormanager.yml
+++ b/playbooks/groups/mirrormanager.yml
@@ -15,8 +15,7 @@
   - rkhunter
   - nagios_client
   - hosts
-  - { role: fas_client, when: env != "staging" }
-  - { role: ipa/client, when: env == "staging" }
+  - ipa/client
   - sudo
   - collectd/base
   - { role: openvpn/client, when: env != "staging" and inventory_hostname.startswith('mm-frontend')  }
@@ -26,8 +25,6 @@
   - import_tasks: "{{ tasks_path }}/yumrepos.yml"
 
   tasks:
-  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
-    when: env != "staging"
   - import_tasks: "{{ tasks_path }}/motd.yml"
 
   handlers: