|
|
class ldap::common {
case $ldap_base_dn {
"": {
$ldap_base_dn = "dc=example,dc=com" # Write a function that uses the domain fact
warning("ldap_base_dn not set, using default $ldap_base_dn")
}
}
case $ldap_admin_dn {
"": {
$ldap_admin_dn = "cn=admin,$ldap_base_dn"
warning("ldap_admin_dn not set, using default $ldap_admin_dn")
}
}
case $ldap_admin_password {
"": {
fail("ldap_admin_password not set!")
}
}
$ldappackage = "slapd"
$ldapservice = "slapd"
$ldapdir = "/etc/ldap"
$ldaputilpackage = "ldap-utils"
$ldapclientpackage = "libnss-ldap"
file { "$ldapdir/ldap.conf":
content => template("ldap/ldap.conf.erb"),
require => Package[$ldaputilpackage],
}
package {
$ldaputilpackage: ensure => installed;
}
}
class ldap::client inherits ldap::common {
case $ldap_server {
"": {
fail("ldap_server not set!")
}
}
package { $ldapclientpackage: ensure => installed; }
file { "/etc/libnss-ldap.conf":
content => template("ldap/libnss-ldap.conf.erb"),
require => [ Package[$ldapclientpackage], File["/etc/libnss-ldap.secret"] ],
}
file { "/etc/libnss-ldap.secret":
mode => 600,
content => "$ldap_admin_password",
}
}
class ldap::master inherits ldap::common {
package {
$ldappackage: ensure => installed;
}
file { "$ldapdir/slapd.conf":
content => template("ldap/slapd.conf.erb"),
require => Package[$ldappackage],
notify => Service["$ldapservice"],
}
service { $ldapservice:
require => [ Package[$ldappackage], File["$ldapdir/slapd.conf"] ],
ensure => running,
enable => true,
}
}
|
Pastie << self Blog
