Added LDAP authentication support for ejabberd

ejabberd/manifests/init.pp

@@ -23,6 +23,19 @@
 #   $ejabberd_muclog_format:
 #       Chatroom log format. Valid values html or plaintext.
 #
+#   $ejabberd_auth:
+#       Authentication method or array of multiple methods.
+#       Valid values internal, external or ldap. Defaults to internal.
+#
+#   $ejabberd_extauth:
+#       Path to external authentication command.
+#
+#   $ejabberd_ldap_server:
+#       Array of LDAP authentication servers.
+#
+#   $ejabberd_ldap_basedn.
+#       LDAP base dn.
+#
 class ejabberd {
 
     include user::system
@@ -34,6 +47,9 @@ class ejabberd {
     if !$ejabberd_admin {
         $ejabberd_admin = []
     }
+    if !$ejabberd_auth {
+        $ejabberd_auth = "internal"
+    }
 
     case $ejabberd_muclog_format {
         "","html","plaintext": { }

ejabberd/templates/ejabberd.cfg.erb

@@ -213,11 +213,22 @@ override_acls.
 %%%.   ==============
 %%%'   AUTHENTICATION
 
-<% if has_variable?("ejabberd_extauth") -%>
+<% if ejabberd_auth.is_a?(Array) -%>
-{auth_method, external}.
+{auth_method, [<%= ejabberd_auth.join(", ") %>]}.
-{extauth_program, "<%= ejabberd_extauth %>"}.
 <% else -%>
-{auth_method, internal}.
+{auth_method, <%= ejabberd_auth %>}.
+<% end -%>
+<% if has_variable?("ejabberd_extauth") -%>
+{extauth_program, "<%= ejabberd_extauth %>"}.
+<% end -%>
+<% if has_variable?("ejabberd_ldap_server") -%>
+<% ejabberd_ldap_server.map! { |server| '"%s"' % server } -%>
+{ldap_servers, [<%= ejabberd_ldap_server.join(", ") %>]}.
+{ldap_base, "<%= ejabberd_ldap_basedn %>"}.
+{ldap_encrypt, tls}.
+{ldap_port, 636}.
+{ldap_uids, [{"uid", "%u"}]}.
+{ldap_filter, "(!(loginShell=/sbin/nologin))"}.
 <% end -%>
 
 %%