tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
puppet/ldap/manifests/init.pp

197 lines
4.5 KiB
Puppet
Raw Blame History

# Install and configure ldap client
#
# === Global variables
#
# $ldap_server:
# Array containing LDAP server URI's.
#
# $ldap_basedn:
# LDAP base DN.
#
# $ldap_login_umask:
# Default umask for LDAP users in OpenBSD, defaults to 077.
#
class ldap::client {
package { "openldap-client":
name => $operatingsystem ? {
openbsd => "openldap-client",
default => "openldap-clients",
},
ensure => installed,
}
file { "/etc/openldap/ldap.conf":
ensure => present,
content => template("ldap/ldap.conf.erb"),
mode => 0644,
owner => root,
group => $operatingsystem ? {
openbsd => wheel,
default => root,
},
require => Package["openldap-client"],
}
case $operatingsystem {
OpenBSD: {
if ! $ldap_login_umask {
$ldap_login_umask = "077"
}
package { "login_ldap":
ensure => installed,
}
file { "/etc/login.conf":
ensure => present,
content => template("ldap/login.conf.erb"),
mode => 0644,
owner => root,
group => wheel,
require => [ File["/etc/openldap/ldap.conf"],
Package["login_ldap"], ]
}
}
}
}
# Install python ldap bindings.
#
class ldap::client::python {
package { "python-ldap":
name => $operatingsystem ? {
openbsd => "py-ldap",
default => "python-ldap",
},
ensure => installed,
}
}
# Install Ruby ldap bindings.
#
class ldap::client::ruby {
case $operatingsystem {
ubuntu: {
$pkgname = regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libldap-ruby\1')
}
default: {
$pkgname = "ruby-ldap"
}
}
package { "ruby-ldap":
name => $pkgname,
ensure => installed,
}
}
# Install OpenLDAP server.
#
# $ldap_datadir:
# Directory for LDAP databases. Defaults to /srv/ldap.
#
class ldap::server {
if $ldap_datadir {
file { "${ldap_datadir}":
ensure => directory,
mode => 0700,
owner => ldap,
group => ldap,
require => Package["openldap-servers"],
}
file { "/srv/ldap":
ensure => link,
target => "${ldap_datadir}",
require => File["${ldap_datadir}"],
}
} else {
file { "/srv/ldap":
ensure => directory,
mode => 0700,
owner => ldap,
group => ldap,
require => Package["openldap-servers"],
}
}
package { [ "openldap-servers", "openldap-servers-overlays", ]:
ensure => installed,
}
service { "ldap":
ensure => running,
enable => true,
require => Package["openldap-servers"],
}
file { "/etc/openldap/slapd.conf":
ensure => present,
source => [ "puppet:///files/ldap/slapd.conf.${fqdn}",
"puppet:///files/ldap/slapd.conf", ],
mode => 0640,
owner => root,
group => ldap,
notify => Service["ldap"],
require => Package["openldap-servers"],
}
file { "/srv/ldap/DB_CONFIG":
ensure => present,
source => [ "puppet:///files/ldap/DB_CONFIG.${fqdn}",
"puppet:///files/ldap/DB_CONFIG",
"puppet:///ldap/DB_CONFIG", ],
mode => 0644,
owner => root,
group => root,
require => Package["openldap-servers"],
}
ldap::server::schema { "apple-auth": }
ldap::server::schema { "apple": }
ldap::server::schema { "autofs": }
ldap::server::schema { "dnszone": }
ldap::server::schema { "hdb": }
ldap::server::schema { "openssh-lpk": }
ldap::server::schema { "rfc2307bis": }
ldap::server::schema { "samba": }
}
# Install custom schema to OpenLDAP.
#
# === Parameters
#
# $name:
# Schema name.
#
# === Sample usage
#
# ldap::server::schema { "samba": }
#
define ldap::server::schema() {
include ldap::server
file { "/etc/openldap/schema/${name}.schema":
ensure => present,
source => [ "puppet:///files/ldap/${name}.schema",
"puppet:///ldap/${name}.schema", ],
mode => 0644,
owner => root,
group => root,
require => Package["openldap-servers"],
}
}
Reference in a new issue View git blame Copy permalink