From 6108498bc2f62e0ff1210538865928f0682df364 Mon Sep 17 00:00:00 2001
From: alex <alex@pdp7.net>
Date: Sat, 4 Feb 2023 14:54:32 +0100
Subject: [PATCH] Fix ragent for h1

---
 .../playbooks/patch_rpc_svcgssd_service.yaml  | 21 +++++++++++++++++++
 .../modules/proxmox/manifests/freeipa.pp      | 10 +++++++++
 .../puppet/modules/proxmox/manifests/init.pp  |  6 ++++++
 3 files changed, 37 insertions(+)
 create mode 100644 personal_infra/playbooks/patch_rpc_svcgssd_service.yaml

diff --git a/personal_infra/playbooks/patch_rpc_svcgssd_service.yaml b/personal_infra/playbooks/patch_rpc_svcgssd_service.yaml
new file mode 100644
index 0000000..957ecdd
--- /dev/null
+++ b/personal_infra/playbooks/patch_rpc_svcgssd_service.yaml
@@ -0,0 +1,21 @@
+---
+- hosts: patch_rpc_svcgssd_service
+  collections: freeipa.ansible_freeipa
+  vars:
+    ansible_user: alex
+    ansible_become: True
+  tasks:
+  - name: del nfs service
+    command: ipa service-del nfs/h1.pdp7.net
+    ignore_errors: True
+  - name: create nfs service
+    command: ipa service-add nfs/{{ inventory_hostname }}
+  - name: clean keytab
+    command: ipa-rmkeytab -p nfs/{{ inventory_hostname }} -k /etc/krb5.keytab
+    ignore_errors: True
+  - name: get keytab
+    command: ipa-getkeytab -p nfs/{{ inventory_hostname }} -k /etc/krb5.keytab
+  - name: restart
+    service:
+      name: rpc-svcgssd.service
+      state: restarted
diff --git a/personal_infra/puppet/modules/proxmox/manifests/freeipa.pp b/personal_infra/puppet/modules/proxmox/manifests/freeipa.pp
index e91c56e..f3464c7 100644
--- a/personal_infra/puppet/modules/proxmox/manifests/freeipa.pp
+++ b/personal_infra/puppet/modules/proxmox/manifests/freeipa.pp
@@ -4,4 +4,14 @@ class proxmox::freeipa {
   file {['/etc/subuid', '/etc/subgid']:
     content => epp('proxmox/freeipa_subxid', {'freeipa' => lookup('freeipa')}),
   }
+
+  # TODO
+  service {['sssd-ssh.socket', 'sssd-pam-priv.socket', 'sssd-nss.socket', 'sssd-sudo.socket', 'sssd-pam.socket']:
+    ensure => stopped,
+    enable => mask,
+  }
+  ~>
+  exec {'/usr/bin/systemctl reset-failed':
+    refreshonly => true,
+  }
 }
diff --git a/personal_infra/puppet/modules/proxmox/manifests/init.pp b/personal_infra/puppet/modules/proxmox/manifests/init.pp
index 53a6d24..b3297eb 100644
--- a/personal_infra/puppet/modules/proxmox/manifests/init.pp
+++ b/personal_infra/puppet/modules/proxmox/manifests/init.pp
@@ -21,6 +21,12 @@ class proxmox {
     enable => mask,
   }
 
+  file {'/etc/logrotate.d/pve':
+    ensure => absent,
+  }
+  ~>
+  service {'logrotate':}
+
   file {'/etc/apt/sources.list.d/pve-enterprise.list':
     ensure => absent,
   }
-- 
2.47.3