[526] | 1 | # |
---|
| 2 | # used like this: |
---|
| 3 | # |
---|
[565] | 4 | # $ldap_uri = 'ldap://ldap-server' |
---|
| 5 | # $ldap_base = 'dc=example,dc=com' |
---|
| 6 | # $ldap_ssl = 'true' |
---|
[526] | 7 | # if ssl is not activated just don't put the line above. |
---|
| 8 | # include openldap::client |
---|
| 9 | |
---|
[444] | 10 | class openldap::client { |
---|
[526] | 11 | package { [ |
---|
| 12 | "base-files", |
---|
| 13 | "libnss-ldap", |
---|
| 14 | "libpam-ldap", |
---|
[529] | 15 | "libpam-cracklib", |
---|
[530] | 16 | "nscd" |
---|
| 17 | ]: ensure => installed |
---|
[526] | 18 | } |
---|
[541] | 19 | |
---|
| 20 | case $operatingsystem { |
---|
| 21 | Debian: { |
---|
| 22 | file { |
---|
| 23 | "/etc/pam_ldap.conf": |
---|
| 24 | require => Package["base-files"], |
---|
| 25 | ensure => present, |
---|
| 26 | content => template("openldap/pam_ldap.conf.erb"); |
---|
| 27 | "/etc/libnss-ldap.conf": |
---|
| 28 | require => Package["base-files"], |
---|
| 29 | ensure => present, |
---|
| 30 | content => template("openldap/ldap.conf.erb"); |
---|
| 31 | } |
---|
| 32 | } |
---|
| 33 | Ubuntu: { |
---|
| 34 | file { |
---|
| 35 | "/etc/ldap.conf": |
---|
| 36 | require => Package["base-files"], |
---|
| 37 | ensure => present, |
---|
| 38 | content => template("openldap/ldap.conf.erb"); |
---|
| 39 | "/etc/ldap/ldap.conf": |
---|
| 40 | require => Package["base-files"], |
---|
| 41 | ensure => present, |
---|
| 42 | content => template("openldap/ldap.conf.erb"); |
---|
| 43 | } |
---|
| 44 | } |
---|
| 45 | default: { |
---|
| 46 | err("Your $operatingsystem is not supported yet to configure openldap-client") |
---|
| 47 | } |
---|
| 48 | } |
---|
[444] | 49 | |
---|
[526] | 50 | file { |
---|
| 51 | "/etc/nsswitch.conf": |
---|
| 52 | source => "puppet:///openldap/etc/nsswitch.conf", |
---|
| 53 | ensure => present, |
---|
[530] | 54 | require => Package["base-files"]; |
---|
[529] | 55 | "/etc/pam.d": |
---|
| 56 | ensure => directory, |
---|
| 57 | mode => 644, |
---|
| 58 | owner => root, |
---|
| 59 | group => root, |
---|
| 60 | source => "puppet:///openldap/etc/pam.d/", |
---|
| 61 | recurse => "true", |
---|
| 62 | require => Package[base-files]; |
---|
[526] | 63 | } |
---|
[444] | 64 | } |
---|
[568] | 65 | |
---|
| 66 | # |
---|
| 67 | # used like this: |
---|
[573] | 68 | # * for one mount point |
---|
| 69 | # $pammount_fstype = 'nfs' |
---|
| 70 | # $pammount_server = '10.0.0.2' |
---|
| 71 | # $pammount_path = '~' |
---|
| 72 | # $pammount_mountpoint = '~' |
---|
| 73 | # * if you need a second mount point |
---|
| 74 | # $pammount_fstype2 = 'nfs' |
---|
| 75 | # $pammount_server2 = '10.0.0.2' |
---|
| 76 | # $pammount_path2 = '/home/shared/' |
---|
| 77 | # $pammount_mountpoint2 = '/home/shared' |
---|
[568] | 78 | # include openldap::client::pammount |
---|
| 79 | |
---|
| 80 | class openldap::client::pammount { |
---|
| 81 | package { [ |
---|
| 82 | "nfs-common", |
---|
| 83 | "libpam-mount" |
---|
| 84 | ]: ensure => installed |
---|
| 85 | } |
---|
| 86 | |
---|
| 87 | case $operatingsystem { |
---|
| 88 | Ubuntu: { |
---|
| 89 | file { |
---|
| 90 | "/etc/security/pam_mount.conf.xml": |
---|
| 91 | require => Package["libpam-mount"], |
---|
| 92 | ensure => present, |
---|
| 93 | content => template("openldap/pam_mount.conf.xml.erb"); |
---|
| 94 | } |
---|
| 95 | } |
---|
| 96 | default: { |
---|
| 97 | err("Your $operatingsystem is not supported yet to configure openldap-client") |
---|
| 98 | } |
---|
| 99 | } |
---|
| 100 | } |
---|