Puppet Class: ldap::server::config

Inherits:
ldap::server
Defined in:
manifests/server/config.pp

Overview

Class: ldap::server::config

Manage the configuration of the ldap server service



# File 'manifests/server/config.pp', line 5

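# Renders the LDAP server configuration files and manages the directories
# the service uses (schema, data and run directories). All settings are read
# from the parent class ldap::server; this class takes no parameters itself.
#
# Security notes:
# - The "config" and "monitor" databases fall back to the root DN and root
#   password when no dedicated DN/password is set, so those databases then
#   share the root credentials. Set the dedicated values to keep them apart.
# - The main config file is rendered from a template that may embed those
#   passwords, so content diffs are suppressed for that resource.
class ldap::server::config inherits ldap::server {
  # If $config is true, we will be configuring the "config" LDAP database
  # for storing OpenLDAP configurations in LDAP itself.
  if $config {
    # If $configdn is set, use that in the template.  Else use $rootdn
    if $configdn {
      $_configdn = $configdn
    } else {
      $_configdn = $::ldap::server::rootdn
    }
    # If $configpw is set, use that in the template.  Else use $rootpw
    # (the config database then accepts the root password).
    if $configpw {
      $_configpw = $configpw
    } else {
      $_configpw = $::ldap::server::rootpw
    }
  }

  # If $monitor is true, we will be configuring the "monitor" LDAP database
  # which allows us to query the LDAP server for statistics about itself
  if $monitor {
    # If $monitordn is set, use that in the template.  Else use $rootdn
    if $monitordn {
      $_monitordn = $monitordn
    } else {
      $_monitordn = $::ldap::server::rootdn
    }
    # If $monitorpw is set, use that in the template.  Else use $rootpw
    # (the monitor database then accepts the root password).
    if $monitorpw {
      $_monitorpw = $monitorpw
    } else {
      $_monitorpw = $::ldap::server::rootpw
    }
  }

  # Main server configuration, owned by the LDAP service account.
  file { $ldap::server::config_file:
    owner     => $ldap::server::ldapowner,
    group     => $ldap::server::ldapgroup,
    # may contain passwords
    # NOTE(review): the mode value is set in ldap::server and is not visible
    # here; confirm it does not grant read access to "other".
    mode      => $ldap::server::config_file_mode,
    content   => template($ldap::server::config_template),
    # Keep the rendered content (and any password in it) out of agent logs
    # and reports, even on agents that have diff display enabled.
    # NOTE(review): earlier versions of this file may still be copied to the
    # filebucket, depending on the `backup` default in effect; confirm.
    show_diff => false,
  }

  # Optional defaults file for the service, owned by root (uid/gid 0).
  if $ldap::server::default_file {
    file { $ldap::server::default_file:
      owner   => 0,
      group   => 0,
      mode    => $ldap::server::default_file_mode,
      content => template($ldap::server::default_template),
    }
  }

  # The schema directory is root-owned and must exist before any extra
  # schema files are placed into it.
  file { $ldap::server::schema_directory:
    ensure => directory,
    owner  => 0,
    group  => 0,
    mode   => $ldap::server::schema_directory_mode,
  }
  -> ldap::schema_file { $ldap::server::extra_schemas:
    directory        => $ldap::server::schema_directory,
    source_directory => $ldap::server::schema_source_directory,
  }

  # Data directory, owned by the LDAP service account.
  file { $ldap::server::directory:
    ensure => directory,
    owner  => $ldap::server::ldapowner,
    group  => $ldap::server::ldapgroup,
    mode   => $ldap::server::directory_mode,
  }

  # Run directory, owned by the LDAP service account.
  file { $ldap::server::run_directory:
    ensure => directory,
    owner  => $ldap::server::ldapowner,
    group  => $ldap::server::ldapgroup,
    mode   => $ldap::server::run_directory_mode,
  }

  # Only the bdb and hdb backends get a database config file; it is created
  # after the data directory resource.
  if $ldap::server::backend == 'bdb' or $ldap::server::backend == 'hdb' {
    file { $ldap::server::db_config_file:
      owner   => $ldap::server::ldapowner,
      group   => $ldap::server::ldapgroup,
      mode    => $ldap::server::db_config_file_mode,
      content => template($ldap::server::db_config_template),
      require => File[$ldap::server::directory],
    }
  }

  # When purging is requested, remove the dynamic configuration directory and
  # everything below it, so that the rendered config file is the only
  # configuration left on disk. This is destructive: `force` lets Puppet
  # delete the directory tree itself.
  if $ldap::server::dynconfig_directory and $ldap::server::purge_dynconfig_directory == true {
    file { $ldap::server::dynconfig_directory:
      ensure  => absent,
      path    => $ldap::server::dynconfig_directory,
      recurse => true,
      purge   => true,
      force   => true,
    }
  }
}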