tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Run slaptest to validate configuration files before (re)starting slapd service.

Browse source
This commit is contained in:
Ossi Herrala 2013-02-05 12:56:14 +00:00
parent 47f614031f
commit 6ab334fa62
1 changed files with 22 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

36
ldap/manifests/init.pp
View file

@ -365,7 +365,7 @@ class ldap::server {
command => "usermod -a -G ssl-cert openldap",
unless => "id -n -G openldap | grep '\\bssl-cert\\b'",
require => Package["openldap-server"],
before => Service["slapd"],
before => Exec["slaptest"],
}
}
"fedora": {
@ -424,7 +424,7 @@ class ldap::server {
default => "root",
},
require => Package["openldap-server"],
notify => Service["slapd"],
notify => Exec["slaptest"],
}
file { "${ssl::private}/slapd.key":
ensure => present,
@ -433,7 +433,7 @@ class ldap::server {
owner => "root",
group => $group,
require => Package["openldap-server"],
notify => Service["slapd"],
notify => Exec["slaptest"],
}
file { "/etc/openldap/cacerts":
@ -449,7 +449,7 @@ class ldap::server {
cwd => "/etc/openldap/cacerts",
onlyif => "find /etc/openldap/cacerts ! -newer /etc/openldap/ca-certificates.crt | egrep '.*' || [ -z \"`ls /etc/openldap/cacerts`\" ]",
require => File["/etc/openldap/cacerts"],
before => Service["slapd"],
before => Exec["slaptest"],
}
file { "slapd.conf":
@ -459,7 +459,7 @@ class ldap::server {
mode => "0640",
owner => "root",
group => $group,
notify => Service["slapd"],
notify => Exec["slaptest"],
require => Package["openldap-server"],
}
file { "${config}/slapd.conf.d":
@ -484,7 +484,7 @@ class ldap::server {
mode => "0644",
owner => "root",
group => "root",
notify => Service["slapd"],
notify => Exec["slaptest"],
require => Package["openldap-server"],
}
}
@ -495,12 +495,20 @@ class ldap::server {
mode => "0644",
owner => "root",
group => "root",
notify => Service["slapd"],
notify => Exec["slaptest"],
require => Package["openldap-server"],
}
}
}
exec { "slaptest":
command => "slaptest",
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
require => File["${config}/slapd.conf.d"],
notify => Service["slapd"],
}
service { "slapd":
name => $service_name,
start => $::operatingsystem ? {
@ -509,7 +517,7 @@ class ldap::server {
},
ensure => running,
enable => true,
require => Package ["openldap-server"]
require => Package["openldap-server"]
}
if $ldap_datadir {
@ -578,7 +586,7 @@ class ldap::server {
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
require => File["${config}/slapd.conf.d"],
notify => Service["slapd"],
notify => Exec["slaptest"],
}
ldap::server::schema { [ "core", "cosine", "ppolicy", ]:
idx => 10,
@ -590,13 +598,13 @@ class ldap::server {
owner => "root",
group => $group,
require => Exec["generate-slapd-database-config"],
notify => Service["slapd"],
notify => Exec["slaptest"],
}
exec { "generate-slapd-database-config":
command => "find ${config}/slapd.conf.d/db.*.conf -exec echo 'include {}' \\; > ${config}/slapd.conf.d/database.conf",
path => "/bin:/usr/bin:/sbin:/usr/sbin",
refreshonly => true,
notify => Service["slapd"],
notify => Exec["slaptest"],
}
}
@ -654,7 +662,7 @@ define ldap::server::database($aclsource = "", $master = "", $syncpw = "", $modu
mode => "0640",
owner => "root",
group => $ldap::server::group,
notify => Service["slapd"],
notify => Exec["slaptest"],
}
file { "${ldap::server::config}/slapd.conf.d/index.${name}.conf":
@ -665,7 +673,7 @@ define ldap::server::database($aclsource = "", $master = "", $syncpw = "", $modu
mode => "0640",
owner => "root",
group => $ldap::server::group,
notify => Service["slapd"],
notify => Exec["slaptest"],
}
file { "/srv/ldap/${name}":
@ -690,7 +698,7 @@ define ldap::server::database($aclsource = "", $master = "", $syncpw = "", $modu
},
seltype => "slapd_db_t",
require => File["/srv/ldap/${name}"],
before => Service["slapd"],
before => Exec["slaptest"],
}
}