source: trunk/puppet/modules/puppet-openldap/manifests/classes/server-slave.pp @ 655

Last change on this file since 655 was 655, checked in by josx@…, 12 years ago

Agregando soporte para ejecutar con ldapadd

# copyright <sebas @ koumbit.org>
# copyright <josx @ interorganic.com.ar >
# Licence: GPL

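# Experimental ("dev") consumer setup: installs slapd and loads schema and
# consumer LDIF files into the running server with ldapadd over the local
# ldapi:/// socket.
#
# It declares Package["slapd"], Service["slapd"], File["/etc/ldap/schema"] and
# File["/var/backups/ldap"], the same titles openldap::server::slave uses, so
# the two classes cannot both be included on one node.
class openldap::server::slave::dev {

# TODO
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/rfc2307bis.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/evolutionperson.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/mozillaabpersonalpha.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/consumer-init.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/consumer-sync.ldif

    # Declares one exec_ldap_file per entry of $archivos. The resource title
    # ($name) is the directory that holds the files.
    define exec_ldap_files($archivos) {
        exec_ldap_file { $archivos: archivo => $name }
    }

    # Loads a single LDIF file: $archivo is the directory, $name the file name.
    #
    # -Y EXTERNAL over ldapi:/// authenticates as the local OS user running
    # the command (root under the Puppet agent), so no bind password appears
    # in the catalog or the process list.
    # NOTE(review): this only works if the cn=config ACLs grant that identity
    # write access; confirm against the deployed configuration.
    define exec_ldap_file($archivo) {
        $ldap_add = "ldapadd -Y EXTERNAL -H ldapi:/// -f"

        # The file itself is not declared here. The consumer-*.ldif files are
        # already managed below with 0600 templates, so a second
        # file { "${archivo}/${name}" } would be a duplicate declaration; the
        # schema files arrive through the recursive File["/etc/ldap/schema"].
        # Ordering is handled by `before` on those resources.
        exec { "ejecuta${name}":
            command => "${ldap_add} ${archivo}/${name}",
            # Exec rejects an unqualified command without a search path; a
            # fixed path also keeps the lookup independent of the agent's
            # environment.
            path    => "/usr/bin:/bin",
            # ldapadd comes from ldap-utils and needs slapd's ldapi socket.
            require => [ Package["ldap-utils"], Service["slapd"] ],
            # NOTE(review): there is no unless/creates guard, so this runs on
            # every agent run and ldapadd will fail once the entries exist.
            # Add an idempotency check before using this outside development.
        }
    }

    package { [
       "slapd",
       "ldap-utils"
       ]: ensure => installed
    }

    service { "slapd":
        enable    => true,
        ensure    => running,
        subscribe => [ Package["slapd"] ],
    }

    file {
        "/etc/ldap/schema":
         ensure => directory,
         # Modes are quoted so they are always read as octal strings.
         mode   => "0644",
         owner  => root,
         group  => root,
         source  => "puppet:///openldap/etc/ldap/schema/",
         recurse => "true",
         require => Package[slapd],
         # Schema files must be on disk before they are loaded.
         before  => Exec_ldap_files["/etc/ldap/schema"];
        "/var/backups/ldap":
         ensure  => directory,
         owner   => root,
         group   => root,
         # Not world-readable: LDAP dumps normally include password hashes.
         mode    => "0750",
         # The original pointed at Exec_ldap_file["/etc/ldap/schemas"], a
         # title no resource has; the loader instance is the plural define.
         before  => Exec_ldap_files["/etc/ldap/schema"];
    }

    # Rendered from templates whose content is not visible here; presumably
    # they carry replication settings and credentials, hence root-only 0600.
    file {
        "/etc/ldap/consumer-init.ldif":
         content => template("openldap/consumer-init.ldif.erb"),
         mode    => "0600",
         owner   => root,
         group   => root,
         before  => Exec_ldap_files["/etc/ldap"];
        "/etc/ldap/consumer-sync.ldif":
         content => template("openldap/consumer-sync.ldif.erb"),
         mode    => "0600",
         owner   => root,
         group   => root,
         before  => Exec_ldap_files["/etc/ldap"];
    }

    # The managed directory is /etc/ldap/schema (see the file resource above
    # and the TODO list); the original title "/etc/ldap/schemas" pointed
    # ldapadd at a directory that is never created.
    exec_ldap_files { "/etc/ldap/schema":
                        archivos => [ "cosine.ldif", "inetorgperson.ldif", "rfc2307bis.ldif", "evolutionperson.ldif" ]
    }

    exec_ldap_files { "/etc/ldap":
                        archivos => [ "consumer-init.ldif", "consumer-sync.ldif" ]
    }


}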
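# OpenLDAP consumer ("slave") server: installs slapd from a debconf preseed,
# renders slapd.conf from a template, converts it into /etc/ldap/slapd.d
# whenever it changes, ships extra schema files and schedules a nightly backup.
#
# Reads $ldap_base from the enclosing scope (used only in the debug message
# here; the templates are not visible and may read further variables).
class openldap::server::slave {

  debug ("configuring openldap::server::slave with dn '$ldap_base'")

  # The preseed file must exist before the package is installed so debconf
  # can answer slapd's installation questions non-interactively.
  package {"slapd":
    ensure        => installed,
    responsefile  => "/var/cache/debconf/slapd.preseed",
    require       => File["/var/cache/debconf/slapd.preseed"],
  }
#  if defined(Package["ldap-utils"]) { } else {
#    package {"ldap-utils": ensure => present, }
#  }

  service {"slapd":
    ensure  => running,
    require => Package[slapd],
  }

  # NOTE(review): ldap:/// is a cleartext listener, and the $ldap_ssl_only
  # switch that would restrict slapd to ldaps:/// is commented out. Unless
  # slapd.conf enforces TLS (not visible here), binds and replication traffic
  # can cross the network unencrypted.
#  if ($ldap_ssl_only) {
#    $line = 'SLAPD_SERVICES="ldaps:///"'
#  } else {
    $line = 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
#  }
  line {"listen_locally":
#    line    => 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"',
    line    => $line,
    file    => "/etc/default/slapd",
    ensure  => present,
    require => Package[slapd],
    notify  => Service[slapd],
  }

  # slapd.conf and the preseed are root-only (0600); both are rendered from
  # templates and presumably contain credentials. Modes are quoted so they
  # are always read as octal strings.
  file {
    "/etc/ldap/slapd.conf":
      content => template("openldap/slapd.conf_slave.erb"),
      mode    => "0600",
      owner   => root,
      group   => root;
    "/var/cache/debconf/slapd.preseed":
      content => template("openldap/slapd.preseed.erb"),
      mode    => "0600",
      owner   => root,
      group   => root;
    "/var/backups/ldap":
      ensure  => directory,
      owner   => root,
      group   => root,
      # Not world-readable: LDAP dumps normally include password hashes.
      mode    => "0750";
  }

  # Rebuilds /etc/ldap/slapd.d from slapd.conf when the file changes.
  #  - `slaptest -u` validates the new file first, so a broken template no
  #    longer leaves slapd stopped with its configuration directory wiped.
  #  - `rm -rf` tolerates a slapd.d that does not exist yet.
  #  - `mkdir -m 0750` avoids a window in which the new directory is
  #    world-accessible before the final chmod runs.
  # NOTE(review): a failure after the rm still leaves slapd down; building
  # into a temporary directory and swapping it in would close that gap.
  exec{"slap_conf_update":
      command => "/usr/sbin/slaptest -u -f /etc/ldap/slapd.conf && /etc/init.d/slapd stop && /bin/rm -rf /etc/ldap/slapd.d/ && /bin/mkdir -m 0750 /etc/ldap/slapd.d && /usr/sbin/slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ && /bin/chown -R openldap:openldap /etc/ldap/slapd.d/  && /bin/chmod -R o-rwx  /etc/ldap/slapd.d/ && /etc/init.d/slapd start",
      refreshonly => true,
      subscribe => File["/etc/ldap/slapd.conf"],
      require => [Package[slapd], File["/etc/ldap/slapd.conf"]],
  }


  # Schema files are copied recursively from the module's file server mount.
  file {
    "/etc/ldap/schema":
      ensure => directory,
      mode   => "0644",
      owner  => root,
      group  => root,
      source  => "puppet:///openldap/etc/ldap/schema/",
      recurse => "true",
      require => Package[slapd];
  }

  # Nightly backup at 02:00 as root.
  # NOTE(review): /usr/local/sbin/ldap-backup.sh is not managed in this class;
  # confirm it is deployed root-owned and not writable by other users, since
  # cron runs it with root privileges.
  cron {"ldap-backup":
    command => "/usr/local/sbin/ldap-backup.sh",
    user    => "root",
    hour    => 2,
    minute  => 0,
    require => File["/var/backups/ldap"],
  }
}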