Diffstat (limited to 'modules/openldap/manifests')
| -rw-r--r-- | modules/openldap/manifests/config.pp | 7 | ||||
| -rw-r--r-- | modules/openldap/manifests/exported_slave.pp | 3 | ||||
| -rw-r--r-- | modules/openldap/manifests/init.pp | 122 | ||||
| -rw-r--r-- | modules/openldap/manifests/master.pp | 50 | ||||
| -rw-r--r-- | modules/openldap/manifests/slave.pp | 23 | ||||
| -rw-r--r-- | modules/openldap/manifests/slave_instance.pp | 8 | ||||
| -rw-r--r-- | modules/openldap/manifests/var.pp | 3 |
7 files changed, 115 insertions, 101 deletions
diff --git a/modules/openldap/manifests/config.pp b/modules/openldap/manifests/config.pp
new file mode 100644
index 00000000..336f8a23
--- /dev/null
+++ b/modules/openldap/manifests/config.pp
@@ -0,0 +1,7 @@
+define openldap::config($content) {
+ file { $name:
+ require => Package['openldap-servers'],
+ content => $content,
+ notify => Exec["slaptest"],
+ }
+}
diff --git a/modules/openldap/manifests/exported_slave.pp b/modules/openldap/manifests/exported_slave.pp
new file mode 100644
index 00000000..5b9f6b87
--- /dev/null
+++ b/modules/openldap/manifests/exported_slave.pp
@@ -0,0 +1,3 @@
+# this define is here only to be exported by slave
+# and later used by get_ldap_servers
+define openldap::exported_slave { }
diff --git a/modules/openldap/manifests/init.pp b/modules/openldap/manifests/init.pp
index 4f2c2d33..34a214a2 100644
--- a/modules/openldap/manifests/init.pp
+++ b/modules/openldap/manifests/init.pp
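Review bot: The `file { $name: }` resource in `openldap::config` (config.pp) sets no `owner`, `group` or `mode`, so `/etc/openldap/slapd.conf` and the other managed files get whatever defaults apply on the node. slapd.conf is rendered from templates that presumably embed the sync and test passwords looked up in the master and slave classes (the templates are not shown in this diff), so it should not end up world-readable. Consider adding `owner => 'root',`, `group => 'ldap',` and `mode => '0640',` to the resource; `ldap` is the group master.pp already uses for the test directory.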
@@ -1,114 +1,34 @@ class openldap { - define config($content) { - file { $name: - require => Package["openldap-servers"], - content => $content, - notify => Exec["/etc/init.d/ldap check"], - } - } - - class common { - package { 'openldap-servers': } - - service { ldap: - subscribe => Package['openldap-servers'], - require => Openssl::Self_signed_cert["ldap.$domain"], - } - - exec { "/etc/init.d/ldap check": - refreshonly => true, - notify => Service["ldap"], - } + include openldap::var - file {"/etc/ssl/openldap/": - ensure => directory, - } + package { 'openldap-servers': } - openssl::self_signed_cert{ "ldap.$domain": - directory => "/etc/ssl/openldap/" - } - - openldap::config { - '/etc/openldap/slapd.conf': content => ""; - '/etc/openldap/mandriva-dit-access.conf': content => ""; - '/etc/sysconfig/ldap': content => ""; - } + service { $openldap::var::service: + subscribe => Package['openldap-servers'], + require => Openssl::Self_signed_cert["ldap.${::domain}"], } - class master inherits common { - Openldap::Config['/etc/openldap/mandriva-dit-access.conf'] { - content => template("openldap/mandriva-dit-access.conf"), - } - - $ldap_test_password = extlookup("ldap_test_password",'x') - $ldap_test_directory = "/var/lib/ldap/test" - file { "$ldap_test_directory": - ensure => directory, - group => ldap, - owner => ldap, - require => Package["openldap-servers"], - before => Service['ldap'], - } - - Openldap::Config['/etc/openldap/slapd.conf'] { - content => template("openldap/slapd.conf", "openldap/slapd.test.conf"), - } - - Openldap::Config['/etc/sysconfig/ldap'] { - content => template("openldap/ldap.sysconfig"), - } - - if $environment == "test" { - # if we ae in a test vm, we need to fill the directory - # with data - package { "openldap-clients": } - - local_script { "init_ldap.sh": - content => template('openldap/init_ldap.sh'), - require => Package["openldap-clients"], - } - - exec { "init_ldap.sh": - # taken arbitrary among all possible files - creates => 
"/var/lib/ldap/objectClass.bdb", - require => Local_script["init_ldap.sh"], - } - } + exec { "slaptest": + refreshonly => true, + notify => Service[$openldap::var::service], } - # this define is here only to be exported by slave - # and later used by get_ldap_servers - define exported_slave { - + file { '/etc/ssl/openldap/': + ensure => directory, } - # TODO create the user for sync in ldap - # syntaxic sugar - define slave_instance($rid) { - # seems the inheritance do not work as I believe - include openldap::common - class { 'openldap::slave': - rid => $rid, - } + openssl::self_signed_cert{ "ldap.${::domain}": + directory => '/etc/ssl/openldap/', } - class slave($rid) inherits common { - - @@openldap::exported_slave { $rid: } - - $sync_password = extlookup("ldap_syncuser-$hostname",'x') - - # same access rights as master - Openldap::Config['/etc/openldap/mandriva-dit-access.conf'] { - content => template("openldap/mandriva-dit-access.conf"), - } - - Openldap::Config['/etc/openldap/slapd.conf'] { - content => template("openldap/slapd.conf",'openldap/slapd.syncrepl.conf'), - } - - Openldap::Config['/etc/sysconfig/ldap'] { - content => template("openldap/ldap.sysconfig"), - } + openldap::config { + '/etc/openldap/slapd.conf': + content => ''; + '/etc/openldap/mandriva-dit-access.conf': + content => ''; + '/etc/sysconfig/ldap': + content => ''; + '/etc/sysconfig/slapd': + content => ''; } }
diff --git a/modules/openldap/manifests/master.pp b/modules/openldap/manifests/master.pp
new file mode 100644
index 00000000..53122628
--- /dev/null
+++ b/modules/openldap/manifests/master.pp
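Review bot: `exec { "slaptest": }` in init.pp uses its bare title as the command and sets no `path`, whereas the resource it replaces ran the fully qualified `/etc/init.d/ldap check`. Unless a site-wide `Exec` default supplies a search path (not visible in this diff), Puppet will refuse the unqualified command, and the configuration check that gates the restart of `Service[$openldap::var::service]` will fail on every config change. Adding `command => '/usr/sbin/slaptest',` (adjusted to wherever the package installs the binary) or `path => ['/usr/sbin', '/usr/bin'],` makes the check explicit and independent of global defaults.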
@@ -0,0 +1,50 @@
+class openldap::master inherits openldap {
+ include openldap::var
+
+ Openldap::Config['/etc/openldap/mandriva-dit-access.conf'] {
+ content => template('openldap/mandriva-dit-access.conf'),
+ }
+
+ $ldap_test_password = extlookup('ldap_test_password','x')
+ $ldap_test_directory = '/var/lib/ldap/test'
+ file { $ldap_test_directory:
+ ensure => directory,
+ group => 'ldap',
+ owner => 'ldap',
+ require => Package['openldap-servers'],
+ before => Service[$openldap::var::service],
+ }
+
+ Openldap::Config['/etc/openldap/slapd.conf'] {
+ content => template('openldap/slapd.conf', 'openldap/slapd.test.conf'),
+ }
+
+ Openldap::Config['/etc/sysconfig/ldap'] {
+ content => template('openldap/ldap.sysconfig'),
+ }
+
+ Openldap::Config['/etc/sysconfig/slapd'] {
+ content => template('openldap/slapd.sysconfig'),
+ }
+
+ host { "ldap.${::domain}":
+ ip => '127.0.0.1',
+ }
+
+ if $::environment == 'test' {
+ # if we are in a test vm, we need to fill the directory
+ # with data
+ package { 'openldap-clients': }
+
+ mga_common::local_script { 'init_ldap.sh':
+ content => template('openldap/init_ldap.sh'),
+ require => Package['openldap-clients'],
+ }
+
+ exec { 'init_ldap.sh':
+ # taken arbitrary among all possible files
+ creates => '/var/lib/ldap/objectClass.bdb',
+ require => Mga_common::Local_script['init_ldap.sh'],
+ }
+ }
+}
diff --git a/modules/openldap/manifests/slave.pp b/modules/openldap/manifests/slave.pp
new file mode 100644
index 00000000..ba0cfb9d
--- /dev/null
+++ b/modules/openldap/manifests/slave.pp
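Review bot: `extlookup('ldap_test_password','x')` in master.pp falls back to the literal password `x` when the key is missing from the lookup data, and slave.pp does the same for the replication credential in `$sync_password`. Dropping the default, as in `extlookup('ldap_test_password')` and `extlookup("ldap_syncuser-${::hostname}")`, should make a missing secret fail catalog compilation instead of silently deploying a known value. Separately, the test directory and the `openldap/slapd.test.conf` fragment are declared outside the `if $::environment == 'test'` block, so they appear to be applied on every master. If that fragment defines a database bound to the test password (the template is not visible here), it belongs inside the conditional.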
@@ -0,0 +1,23 @@
+class openldap::slave($rid) inherits openldap {
+
+ @@openldap::exported_slave { $rid: }
+
+ $sync_password = extlookup("ldap_syncuser-${::hostname}",'x')
+
+ # same access rights as master
+ Openldap::Config['/etc/openldap/mandriva-dit-access.conf'] {
+ content => template('openldap/mandriva-dit-access.conf'),
+ }
+
+ Openldap::Config['/etc/openldap/slapd.conf'] {
+ content => template('openldap/slapd.conf','openldap/slapd.syncrepl.conf'),
+ }
+
+ Openldap::Config['/etc/sysconfig/ldap'] {
+ content => template('openldap/ldap.sysconfig'),
+ }
+
+ Openldap::Config['/etc/sysconfig/slapd'] {
+ content => template('openldap/slapd-slave.sysconfig'),
+ }
+}
diff --git a/modules/openldap/manifests/slave_instance.pp b/modules/openldap/manifests/slave_instance.pp
new file mode 100644
index 00000000..fbf998c6
--- /dev/null
+++ b/modules/openldap/manifests/slave_instance.pp
@@ -0,0 +1,8 @@
+# TODO create the user for sync in ldap
+# this define is mainly syntactic sugar
+define openldap::slave_instance($rid) {
+ include openldap
+ class { 'openldap::slave':
+ rid => $rid,
+ }
+}
diff --git a/modules/openldap/manifests/var.pp b/modules/openldap/manifests/var.pp
new file mode 100644
index 00000000..d6947eb8
--- /dev/null
+++ b/modules/openldap/manifests/var.pp
@@ -0,0 +1,3 @@
+class openldap::var {
+ $service = 'slapd'
+} |
