Puppet Class: ds_389

Defined in:
manifests/init.pp

Summary

Manages and configures the 389 Directory Server

Overview

Examples:

include ds_389

Parameters:

  • cacert_rehash (String)

    The command that is used to rehash CA certificates.

  • cacerts_path (Stdlib::Absolutepath)

    Target directory the 389 ds certs should be exported to. Default: ‘/etc/openldap/cacerts’

  • dnf_module_name (Optional[String]) (defaults to: undef)

    The name of the DNF module that should be enabled on RHEL. Optional.

  • dnf_module_version (Optional[String]) (defaults to: undef)

    The version of the DNF module that should be enabled on RHEL. Optional.

  • group (String)

    Group account 389 ds user should belong to. Default: ‘dirsrv’

  • home_dir (Stdlib::Absolutepath)

    Home directory for the 389 ds user account. Default: ‘/usr/share/dirsrv’

  • instances (Hash)

    A hash of ds_389::instance resources. Optional.

  • limits_config_dir (Stdlib::Absolutepath)

    Target directory for resource limit configuration.

  • nsstools_package_name (String)

    Name of the NSS tools package.

  • package_ensure (String)

    389 ds package state. Default ‘installed’

  • package_name (Variant[String,Array])

    Name of the 389 ds package to install. Default: ‘389-ds-base’

  • path (String)

    Specifies the content of the PATH environment variable when running commands. Should usually NOT be altered.

  • service_type (String)

    The service manager that should be used.

  • ssl_dir (Stdlib::Absolutepath)

    Target directory for generated SSL certificates.

  • ssl_version_min_support (Boolean)

    Obsolete parameter, only kept for compatibility with spacepants/puppet-ds_389. Will be removed in a later version.

  • supplier_role_name (String)

    In 389-ds the name of the supplier replication role was renamed from ‘master’ to ‘supplier’ in a backwards-incompatible fashion (issue #4656).

  • user (String)

    User account 389 ds should run as. Default: ‘dirsrv’

  • user_shell (String)

    Shell for the user account. Usually a pseudo-shell to prevent console access.



63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
# File 'manifests/init.pp', line 63

class ds_389 (
  Stdlib::Absolutepath $cacerts_path,
  String $cacert_rehash,
  String $group,
  Stdlib::Absolutepath $home_dir,
  Hash $instances,
  Stdlib::Absolutepath $limits_config_dir,
  String $nsstools_package_name,
  String $package_ensure,
  Variant[String,Array] $package_name,
  String $path,
  String $service_type,
  Stdlib::Absolutepath $ssl_dir,
  Boolean $ssl_version_min_support,
  String $supplier_role_name,
  String $user,
  String $user_shell,
  Optional[String] $dnf_module_name = undef,
  Optional[String] $dnf_module_version = undef,
) {
  class { 'ds_389::install': }

  if $instances {
    $instances.each |$instance_name, $params| {
      ds_389::instance { $instance_name:
        root_dn           => $params['root_dn'],
        suffix            => $params['suffix'],
        cert_db_pass      => $params['cert_db_pass'],
        root_dn_pass      => $params['root_dn_pass'],
        group             => $params['group'],
        user              => $params['user'],
        server_id         => $params['server_id'],
        server_host       => $params['server_host'],
        server_port       => $params['server_port'],
        server_ssl_port   => $params['server_ssl_port'],
        subject_alt_names => $params['subject_alt_names'],
        replication       => $params['replication'],
        ssl               => $params['ssl'],
        ssl_version_min   => $params['ssl_version_min'],
        schema_extensions => $params['schema_extensions'],
        modify_ldifs      => $params['modify_ldifs'],
        add_ldifs         => $params['add_ldifs'],
        base_load_ldifs   => $params['base_load_ldifs'],
        require           => Class['ds_389::install'],
      }
    }
  }
}