From ee7937acef49bfc1f44483c82fe6ebf76613182f Mon Sep 17 00:00:00 2001
From: Dan Fandrich <dan@coneharvesters.com>
Date: Wed, 20 Dec 2023 21:30:27 -0800
Subject: Provide a slapd file for the master, too

Puppet insists on it.
---
 modules/openldap/manifests/init.pp         |  2 ++
 modules/openldap/manifests/master.pp       |  4 ++++
 modules/openldap/templates/slapd.sysconfig | 37 ++++++++++++++++++++++++++++++
 3 files changed, 43 insertions(+)
 create mode 100644 modules/openldap/templates/slapd.sysconfig

diff --git a/modules/openldap/manifests/init.pp b/modules/openldap/manifests/init.pp
index c9d26c89..7f97aa59 100644
--- a/modules/openldap/manifests/init.pp
+++ b/modules/openldap/manifests/init.pp
@@ -28,5 +28,7 @@ class openldap {
             content => '';
         '/etc/sysconfig/ldap':
             content => '';
+        '/etc/sysconfig/slapd':
+            content => '';
     }
 }
diff --git a/modules/openldap/manifests/master.pp b/modules/openldap/manifests/master.pp
index bac15a37..53122628 100644
--- a/modules/openldap/manifests/master.pp
+++ b/modules/openldap/manifests/master.pp
@@ -23,6 +23,10 @@ class openldap::master inherits openldap {
         content => template('openldap/ldap.sysconfig'),
     }
 
+    Openldap::Config['/etc/sysconfig/slapd'] {
+        content => template('openldap/slapd.sysconfig'),
+    }
+
     host { "ldap.${::domain}":
         ip => '127.0.0.1',
     }
diff --git a/modules/openldap/templates/slapd.sysconfig b/modules/openldap/templates/slapd.sysconfig
new file mode 100644
index 00000000..e6ae2e05
--- /dev/null
+++ b/modules/openldap/templates/slapd.sysconfig
@@ -0,0 +1,37 @@
+# debug level for slapd
+SLAPDSYSLOGLEVEL="0"
+SLAPDSYSLOGLOCALUSER="local4"
+
+# SLAPD URL list
+SLAPDURLLIST="ldap:/// ldaps:/// ldapi:///"
+
+# Config file to use for slapd
+#SLAPDCONF=/etc/openldap/slapd.conf
+
+# Which user to run as
+#LDAPUSER=ldap
+#LDAPGROUP=ldap
+
+# Should file permissions on database files be fixed at startup. Default is yes
+# FIXPERMS=no
+
+# Whether database recovery should be run before starting slapd in start
+# (not strictly be necessary in 2.3). Default is no
+# AUTORECOVER=yes
+
+# At what intervals to run ldap-hot-db-backup from cron, which will
+# do hot database backups for all bdb/hdb databases, and archive
+# unnecessary transaction logs, one of hourly,daily,weekly,monthly,yearly
+# Default is daily
+# RUN_DB_BACKUP=daily
+
+# How many days to keep archived transaction logs for. This should be just
+# greater than the backup interval on these files. Default is 7
+# KEEP_ARCHIVES_DAYS=7
+
+# How many files slapd should be able to have open. By default, the process
+# will inherit the default per-process limit (usually 1024), which may
+# not be enough, so ulimit -n is run with the value in MAXFILES (which
+# defaults to 1024 as well). 4096 is the maximum OpenLDAP will use without
+# recompiling.
+# MAXFILES=4096
-- 
cgit v1.2.1