Puppet Class: ipa::install

Defined in:
manifests/install.pp

Overview

Parameters:

  • auto_home_share (String) (defaults to: $ipa::automount_home_share)
  • auto_location (String) (defaults to: $ipa::automount_location)
  • autofs_package (String) (defaults to: $ipa::params::autofs_package_name)
  • configure_dns (Boolean) (defaults to: $ipa::final_configure_dns_server)
  • install_ad_trust (Boolean) (defaults to: $ipa::install_trust_ad)
  • install_autofs (Boolean) (defaults to: $ipa::install_autofs)
  • install_epel (Boolean) (defaults to: $ipa::install_epel)
  • install_ipa_server (Boolean) (defaults to: $ipa::install_ipa_server)
  • install_sssd (Boolean) (defaults to: $ipa::install_sssd)
  • install_sssd_tools (Boolean) (defaults to: $ipa::install_sssdtools)
  • ipa_role (String) (defaults to: $ipa::ipa_role)
  • sssd_package_name (String) (defaults to: $ipa::params::sssd_package_name)
  • sssd_tools_package (String) (defaults to: $ipa::params::sssdtools_package_name) 


7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
 
# File 'manifests/install.pp', line 7

class ipa::install (
  String  $auto_home_share     = $ipa::automount_home_share,
  String  $auto_location       = $ipa::automount_location,
  String  $autofs_package      = $ipa::params::autofs_package_name,
  Boolean $configure_dns       = $ipa::final_configure_dns_server,
  Boolean $install_ad_trust    = $ipa::install_trust_ad,
  Boolean $install_autofs      = $ipa::install_autofs,
  Boolean $install_epel        = $ipa::install_epel,
  Boolean $install_ipa_server  = $ipa::install_ipa_server,
  Boolean $install_sssd        = $ipa::install_sssd,
  Boolean $install_sssd_tools  = $ipa::install_sssdtools,
  String  $ipa_role            = $ipa::ipa_role,
  String  $sssd_package_name   = $ipa::params::sssd_package_name,
  String  $sssd_tools_package  = $ipa::params::sssdtools_package_name,
) {
  # Do we want to do this or rely on Satellite repository?
  if $install_epel and $facts['os']['family'] == 'RedHat' {
    contain epel

    # if CentOS 8+, need to enabled the "idm" DNF module version "DL1" that includes
    # both the client and server installs
    $os_name = $facts['os']['name']
    $os_maj = $facts['os']['release']['major']
    if ($os_name == 'CentOS' and versioncmp($os_maj, '8') >= 0 and !defined(Package['idm'])) {
      package { 'idm':
        ensure   => 'DL1',
        provider => 'dnfmodule',
      }
    }
  }

  # Configure firewall rules if enabled.
  if $ipa_role == 'master' or $ipa_role == 'replica' {
    case $facts['os']['family'] {
      'RedHat': {
        case $facts['os']['release']['major'] {
          /(7)/, /(8)/: {}
          default: {
            fail("ERROR: Server can only be installed on RHEL 7+, \
            not RHEL version: ${facts['os']['full']}")
          }
        }
      }
      default: {
        fail("ERROR: Server can only be installed on RHEL 7+, \
        not on operating system: ${facts['os']['family']}")
      }
    }

    contain ipa::helpers::firewalld
  }

  if $install_sssd {
    contain ipa::install::sssd
  }

  if $install_sssd_tools {
    package { $sssd_tools_package:
      ensure => present,
    }
  }

  # install AutoFS here so both clients and servers get the package if they ask for it
  # otherwise we would have to put this in both server and client manifests
  if $install_autofs {
    ensure_resource('package', $autofs_package, { 'ensure' => 'present' })
  }

  # Install client if setting up replica server
  if $ipa_role == 'client' or $ipa_role == 'replica' {
    contain ipa::install::client
  }

  if $ipa_role == 'master' or $ipa_role == 'replica' {
    if $configure_dns {
      $dns_packages = [
        'ipa-server-dns',
        'bind-dyndb-ldap',
      ]
      package{$dns_packages:
        ensure => present,
      }
    }

    # Call server install mainfest
    if $install_ipa_server {
      contain ipa::install::server
    }

    # Call trust_ad install manifest
    if $install_ad_trust == true and $facts['trust_ad'] == undef {
      contain ipa::install::server::trust_ad
    }

    # Call autofs install mainfest
    if $ipa_role == 'master' {
      if $install_autofs {
        class { 'ipa::install::server::autofs':
          automount_home_share => $auto_home_share,
          automount_location   => $auto_location,
        }
        contain ipa::install::server::autofs
      }
    }
  }

  # Define helper
  ipa::helpers::flushcache { "server_${$facts['fqdn']}": }

}