Initial version of kerberos::server class.

kerberos/manifests/init.pp

@@ -85,12 +85,71 @@ class kerberos::auth {
 }
 
 
+# Install Kerberos server
+#
+# === Global variables
+#
+#   $kerberos_realm:
+#       Kerberos realm name.
+#
+#   $kerberos_datadir:
+#       Directory where to store Kerberos database files
+#       defaults to /srv/kerberos
+#
 class kerberos::server inherits kerberos::client {
 
-    package { "heimdal-server":
+    package { "krb5-server":
 	ensure => installed,
     }
 
+    if $kerberos_datadir {
+        file { $kerberos_datadir:
+            ensure => directory,
+            mode   => 0600,
+            owner  => "root",
+            group  => "root",
+        }
+        file { "/srv/kerberos":
+            ensure  => link,
+            target  => $kerberos_datadir,
+            owner   => "root",
+            group   => "root",
+            require => File[$kerberos_datadir],
+        }
+    } else {
+        file { "/srv/kerberos":
+            ensure => directory,
+            mode   => 0600,
+            owner  => "root",
+            group  => "root",
+        }
+    }
+
+    file { "/var/kerberos/krb5kdc/kdc.conf":
+        ensure  => present,
+        content => template("kerberos/kdc.conf.erb"),
+        mode    => 0600,
+        owner   => "root",
+        group   => "root",
+        require => [ Package["krb5-server"],
+                     File["/srv/kerberos"], ],
+        notify  => Service["krb5kdc"],
+    }
+
+    exec { "check-database":
+        command   => "echo 'Run \"kdb5_util create -r ${kerberos_realm} -s\" to initialize database.'",
+        path      => "/bin:/usr/bin:/sbin:/usr/sbin",
+        creates   => "/srv/kerberos/db.${kerberos_realm}.ok",
+        returns   => 1,
+    }
+
+    service { "krb5kdc":
+        ensure    => running,
+        enable    => true,
+        subscribe => File["/etc/krb5.conf"],
+        require   => Exec["check-database"],
+    }
+
 }