source: trunk/puppet/modules/puppet-openldap/manifests/classes/server-slave.pp @ 726

Last change on this file since 726 was 726, checked in by sebas@…, 14 years ago

ajustar las dependencias entre los execs

[655]1# copyright <sebas @ koumbit.org>
2# copyright <josx @ interorganic.com.ar >
3# Licence: GPL
4
5
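# Sets up a host as an OpenLDAP replication consumer on the cn=config
# (slapd.d) backend: installs slapd, ships the schema LDIFs, loads each of
# them with ldapadd over the local ldapi:/// socket, then applies the
# consumer-init and consumer-sync LDIFs in that order.
#
# NOTE(review): this class declares Package["slapd"], Service["slapd"],
# File["/etc/ldap/schema"] and File["/var/backups/ldap"], which
# openldap::server::slave declares as well, so the two classes cannot be
# applied to the same node.
class openldap::server::slave::dev {

    package { [
        "slapd",
        "ldap-utils"
        ]: ensure => installed
    }

    service { "slapd":
        enable    => true,
        ensure    => running,
        subscribe => [ Package["slapd"] ],
    }

    file {
        # Schema LDIFs copied from the module. File modes are quoted octal
        # strings so that every Puppet version reads them the same way.
        "/etc/ldap/schema":
            ensure  => directory,
            mode    => '0644',
            owner   => root,
            group   => root,
            source  => "puppet:///openldap/etc/ldap/schema/",
            recurse => true,
            # notify already implies ordering; before is kept to make the
            # intended sequence explicit.
            notify  => Exec_ldap_files["/etc/ldap/schema"],
            before  => Exec_ldap_files["/etc/ldap/schema"],
            require => Package["slapd", "ldap-utils"];
        # Backup target: no access for "other", since LDAP dumps normally
        # include password hashes.
        "/var/backups/ldap":
            ensure  => directory,
            owner   => root,
            group   => root,
            mode    => '0750';
    }

    file {
        # Rendered from templates that are not shown here; presumably the
        # sync LDIF carries the replication bind credentials, hence
        # root-only 0600. The Package requirement makes sure /etc/ldap
        # exists before the files are written.
        "/etc/ldap/consumer-init.ldif":
            content => template("openldap/consumer-init.ldif.erb"),
            mode    => '0600',
            owner   => root,
            group   => root,
            require => Package["slapd"];
        "/etc/ldap/consumer-sync.ldif":
            content => template("openldap/consumer-sync.ldif.erb"),
            mode    => '0600',
            owner   => root,
            group   => root,
            require => Package["slapd"];
    }


    # Fans out to one exec_ldap_file per entry of $archivos. The resource
    # title ($name) is the directory that holds the LDIF files.
    define exec_ldap_files($archivos) {
        exec_ldap_file { $archivos: archivo => $name }
    }

    # Loads one schema LDIF into cn=config.
    #   $name    - LDIF file name (resource title)
    #   $archivo - directory containing that file
    define exec_ldap_file($archivo) {
        $test = "/usr/bin/test"
        # SASL EXTERNAL over ldapi:/// authenticates with the peer
        # credentials of the calling process (root when run by the agent);
        # it only works if the cn=config ACLs grant that identity write
        # access -- TODO confirm for the target distribution.
        $ldap_add = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
        $slapd_path =  "/etc/ldap/slapd.d"
        # Idempotence guard: skip when slapd.d already holds a schema entry
        # for this file. The "*" has to be expanded by a shell.
        $unless = "$test -e $slapd_path/cn=config/cn=schema/cn={*}$name"

#        file { "${archivo}/$name" : ensure => present }
        exec { "ejecuta$name":
            command => "$ldap_add $archivo/$name",
            unless  => $unless,
            # NOTE(review): exit status 80 (LDAP result "other") is treated
            # as success, which can hide a real ldapadd failure.
            returns => [0,80],
            # ldapadd talks to the running daemon through the ldapi socket.
            require => Service["slapd"],
            notify  => Exec["ejecutaConsumerInit"],
            before  => [ Exec["ejecutaConsumerInit"]  ],
        }
    }

    exec_ldap_files { "/etc/ldap/schema":
        archivos => [ "cosine.ldif", "inetorgperson.ldif", "rfc2307bis.ldif", "evolutionperson.ldif", "mozillaabpersonalpha.ldif" ],
    }

    $test = "/usr/bin/test"
    $ldap_add = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
    $slapd_path =  "/etc/ldap/slapd.d"
    exec { "ejecutaConsumerInit":
        command => "$ldap_add /etc/ldap/consumer-init.ldif",
        unless  => "$test -e $slapd_path/cn=config/cn=module{0}.ldif",
        returns => [0,80],
        # The LDIF must be on disk and slapd must be up before ldapadd runs;
        # without these the exec can be scheduled first on a fresh node.
        require => [ File["/etc/ldap/consumer-init.ldif"], Service["slapd"] ],
        notify  => Exec["ejecutaConsumerSync"],
        before  => [ Exec["ejecutaConsumerSync"]  ],
    }
    exec { "ejecutaConsumerSync":
        command => "$ldap_add /etc/ldap/consumer-sync.ldif",
        unless  => "/bin/grep -q 'olcModuleLoad: {1}syncprov' $slapd_path/cn=config/cn=module{0}.ldif",
        returns => [0,80],
        require => [ File["/etc/ldap/consumer-sync.ldif"], Service["slapd"] ],
    }

}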
93
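# Sets up a host as an OpenLDAP slave from a templated slapd.conf: preseeds
# and installs slapd, sets the listener URLs in /etc/default/slapd, rebuilds
# /etc/ldap/slapd.d from slapd.conf whenever that file changes, ships the
# schema directory and schedules a nightly backup.
#
# NOTE(review): Package["slapd"], Service["slapd"], File["/etc/ldap/schema"]
# and File["/var/backups/ldap"] are also declared by
# openldap::server::slave::dev, so the two classes cannot be applied to the
# same node.
class openldap::server::slave {

  debug ("configuring openldap::server::slave with dn '$ldap_base'")

  package {"slapd":
    ensure        => installed,
    responsefile  => "/var/cache/debconf/slapd.preseed",
    require       => File["/var/cache/debconf/slapd.preseed"],
  }
#  if defined(Package["ldap-utils"]) { } else {
#    package {"ldap-utils": ensure => present, }
#  }

  service {"slapd":
    ensure  => running,
    require => Package["slapd"],
  }

  # NOTE(review): despite the resource title "listen_locally", this value
  # makes slapd listen on cleartext ldap:/// as well as ldaps:/// and the
  # local ldapi:/// socket. The ldaps-only branch is commented out, so any
  # restriction of cleartext binds has to come from slapd.conf or a firewall.
#  if ($ldap_ssl_only) {
#    $line = 'SLAPD_SERVICES="ldaps:///"'
#  } else {
    $line = 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
#  }
  # "line" is a define provided outside this file.
  line {"listen_locally":
#    line    => 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"',
    line    => $line,
    file    => "/etc/default/slapd",
    ensure  => present,
    require => Package["slapd"],
    notify  => Service["slapd"],
  }

  file {
    # Both templates are rendered root-only (0600); presumably they carry
    # the directory admin and replication credentials (templates not shown).
    # File modes are quoted octal strings so that every Puppet version reads
    # them the same way.
    "/etc/ldap/slapd.conf":
      content => template("openldap/slapd.conf_slave.erb"),
      mode    => '0600',
      owner   => root,
      group   => root;
    "/var/cache/debconf/slapd.preseed":
      content => template("openldap/slapd.preseed.erb"),
      mode    => '0600',
      owner   => root,
      group   => root;
    # Backup target: no access for "other", since LDAP dumps normally
    # include password hashes.
    "/var/backups/ldap":
      ensure  => directory,
      owner   => root,
      group   => root,
      mode    => '0750';
  }

  # Regenerates the cn=config tree from slapd.conf. Compared with a plain
  # stop / rm / mkdir / slaptest chain:
  #  - "slaptest -u" validates slapd.conf before anything is stopped or
  #    deleted, so a broken template does not leave the host without a
  #    running slapd and without a config tree;
  #  - "rm -rf" does not abort the chain when slapd.d is already missing;
  #  - "mkdir -m 0750" creates the directory closed to "other", so the
  #    converted configuration is never reachable by unprivileged local
  #    users while slaptest writes it. The final ownership and mode are
  #    unchanged (openldap:openldap, no access for other).
  # The "&&" chain has to be interpreted by a shell.
  exec{"slap_conf_update":
      command => "/usr/sbin/slaptest -u -f /etc/ldap/slapd.conf && /etc/init.d/slapd stop && /bin/rm -rf /etc/ldap/slapd.d/ && /bin/mkdir -m 0750 /etc/ldap/slapd.d && /usr/sbin/slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ && /bin/chown -R openldap:openldap /etc/ldap/slapd.d/ && /bin/chmod -R o-rwx /etc/ldap/slapd.d/ && /etc/init.d/slapd start",
      refreshonly => true,
      subscribe => File["/etc/ldap/slapd.conf"],
      require => [Package["slapd"], File["/etc/ldap/slapd.conf"]],
  }


  file {
    # Schema files copied recursively from the module.
    "/etc/ldap/schema":
      ensure  => directory,
      mode    => '0644',
      owner   => root,
      group   => root,
      source  => "puppet:///openldap/etc/ldap/schema/",
      recurse => true,
      require => Package["slapd"];
  }

  # Nightly backup at 02:00 as root. The script is not managed by this
  # class -- TODO confirm it is installed root-owned and not writable by
  # other users, since cron executes it with root privileges.
  cron {"ldap-backup":
    command => "/usr/local/sbin/ldap-backup.sh",
    user    => "root",
    hour    => 2,
    minute  => 0,
    require => File["/var/backups/ldap"],
  }
}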