diff options
Diffstat (limited to 'setup_kanidm.sh')
| -rw-r--r-- | setup_kanidm.sh | 56 |
1 files changed, 0 insertions, 56 deletions
diff --git a/setup_kanidm.sh b/setup_kanidm.sh deleted file mode 100644 index d6d50ab..0000000 --- a/setup_kanidm.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash - -UNIXERS_GROUP = {{ unixers }} - -/etc/kanidm/config -<<< -uri = "https://{{ idm_domain }}" -verify_ca = true -verify_hostnames = true ->>> - -/etc/kanidm/unixd -<<< -version = '2' - -default_shell = "/bin/zsh" - -home_attr = "uuid" -home_alias = "name" -home_prefix = "/home/" - -[kanidm] -pam_allowed_login_groups = ["{{ unixers }}"] - -[[kanidm.map_group]] -local = "admins" -with = "coffee_admins" ->>> - -/etc/sudo -<<< -%admins ALL=(ALL:ALL) ALL ->>> - -systemctl enable --now kanidm-unixd -systemctl enable --now kanidm-unixd-tasks - -add_line /etc/nsswitch.conf -<<< -passwd: kanidm files systemd -group: kanidm [SUCCESS=merge] files systemd ->>> - -add_line /etc/ssh/sshd_config.d/10-kanidm-keys.conf -<<< -PubkeyAuthentication yes -UsePAM yes - -Match Group {{ unixers_group }} - AuthorizedKeysCommand /usr/sbin/kanidm_ssh_authorizedkeys %u - AuthorizedKeysCommandUser nobody ->>> - -# PAM -add_line /etc/pam.d/common-account -<<< |