source: trunk/puppet/modules/puppet-openldap/manifests/classes/server-slave.pp @ 661

Last change on this file since 661 was 661, checked in by sebas@…, 13 years ago

agrego el schema mozilla y la condicion para no se ejecuta siempre

1# copyright <sebas @ koumbit.org>
2# copyright <josx @ interorganic.com.ar >
3# Licence: GPL
4
5
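# Experimental ("dev") variant of the OpenLDAP replica class: installs slapd
# and ldap-utils, ships the schema LDIF files, and loads each schema into the
# running server's cn=config tree with ldapadd.
#
# NOTE(review): this class declares Package["slapd"], Service["slapd"],
# File["/etc/ldap/schema"] and File["/var/backups/ldap"], the same titles that
# openldap::server::slave declares, so only one of the two classes can be
# applied to a node.
class openldap::server::slave::dev {

# TODO
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/rfc2307bis.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/evolutionperson.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/mozillaabpersonalpha.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/consumer-init.ldif
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/consumer-sync.ldif

    # Load several LDIF files that live in one directory.
    #   title     - directory holding the files (passed on as $archivo)
    #   $archivos - array of file names inside that directory
    define exec_ldap_files($archivos) {
        exec_ldap_file { $archivos: archivo => $name }
    }

    # Load a single LDIF file into cn=config.
    #   title    - file name, e.g. "cosine.ldif"
    #   $archivo - directory holding the file
    define exec_ldap_file($archivo) {
        # SASL EXTERNAL over the ldapi:/// Unix socket: slapd derives the
        # identity from the local calling process, so no bind password is put
        # on the command line or in the catalog. Who may write cn=config this
        # way is decided by the server's ACLs, which are not visible here.
        $ldap_add = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
        # NOTE(review): no source/content is given, so if the recursive copy
        # of the parent directory does not deliver this file, "present" may
        # create it empty -- confirm.
        file { "${archivo}/$name" : ensure => present }
        exec { "ejecuta$name":
            command => "$ldap_add $archivo/$name",
            # Skip the load when a schema entry for this file already exists.
            # NOTE(review): the "*" only matches cn={N}<file> if the command
            # is run through a shell -- confirm for the exec provider in use.
            unless => "/usr/bin/test -e /etc/ldap/slapd.d/cn=config/cn=schema/cn={*}$name",
            # 80 is the LDAP "other" result code. Accepting it presumably
            # tolerates a schema that is already loaded, but it also reports
            # success for any other failure that returns 80 -- verify.
            returns => [0,80],
            # The LDIF must be on disk before ldapadd reads it.
            require => File["${archivo}/$name"],
       }
    }

    package { [
       "slapd",
       "ldap-utils"
       ]: ensure => installed
    }

    service { "slapd":
        enable    => true,
        ensure    => running,
        subscribe => [ Package["slapd"] ],
    }

    file {
        "/etc/ldap/schema":
         ensure => directory,
         # Modes are quoted octal strings; newer Puppet releases reject bare
         # numbers here. Puppet adds the search (x) bit on directories
         # wherever the read bit is set, so the directory itself ends up 0755.
         mode   => "0644",
         owner  => root,
         group  => root,
         source  => "puppet:///openldap/etc/ldap/schema/",
         recurse => "true",
         before  => Exec_ldap_files["/etc/ldap/schema"],
         require => Package[slapd];
        # Backup target: closed to "other" because directory dumps can hold
        # password hashes.
        "/var/backups/ldap":
         ensure  => directory,
         owner   => root,
         group   => root,
         mode    => "0750";
#         before  => Exec_ldap_file["/etc/ldap/schema"];
    }

    # Replication bootstrap LDIFs rendered from templates. They are kept
    # root-only (0600); presumably they carry the replication bind
    # credentials -- confirm against the templates.
    file {
        "/etc/ldap/consumer-init.ldif":
         content => template("openldap/consumer-init.ldif.erb"),
         mode    => "0600",
         owner   => root,
         group   => root;
#         before  => Exec_ldap_files["/etc/ldap"];
        "/etc/ldap/consumer-sync.ldif":
         content => template("openldap/consumer-sync.ldif.erb"),
         mode    => "0600",
         owner   => root,
         group   => root;
#         before  => Exec_ldap_files["/etc/ldap"];
    }

    exec_ldap_files { "/etc/ldap/schema":
         archivos => [ "cosine.ldif", "inetorgperson.ldif", "rfc2307bis.ldif", "evolutionperson.ldif", "mozillaabpersonalpha.ldif" ]
    }

    # Loading the consumer LDIFs is still disabled (see the TODO list above).
#    exec_ldap_files { "/etc/ldap":
#                        archivos => [ "consumer-init.ldif", "consumer-sync.ldif" ]
#    }


}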
86
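# OpenLDAP replica ("slave") server: installs slapd from a debconf preseed,
# renders slapd.conf from a template and converts it into /etc/ldap/slapd.d,
# ships the schema files and schedules a daily backup job.
#
# Reads $ldap_base from the enclosing scope (used here only in the debug
# message).
class openldap::server::slave {

  debug ("configuring openldap::server::slave with dn '$ldap_base'")

  package {"slapd":
    ensure        => installed,
    responsefile  => "/var/cache/debconf/slapd.preseed",
    require       => File["/var/cache/debconf/slapd.preseed"],
  }
#  if defined(Package["ldap-utils"]) { } else {
#    package {"ldap-utils": ensure => present, }
#  }

  service {"slapd":
    ensure  => running,
    require => Package[slapd],
  }

  # Despite the resource title "listen_locally", this value enables three
  # listeners: ldap:/// and ldaps:/// carry no host part, so slapd binds them
  # on every interface, and ldapi:/// is the local Unix socket. The cleartext
  # ldap:/// listener stays enabled because the $ldap_ssl_only switch is
  # commented out; binds and replication traffic on it are protected only if
  # StartTLS is enforced elsewhere -- TODO confirm in the slapd.conf template.
#  if ($ldap_ssl_only) {
#    $line = 'SLAPD_SERVICES="ldaps:///"'
#  } else {
    $line = 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
#  }
  # "line" is a resource type defined outside this file.
  line {"listen_locally":
#    line    => 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"',
    line    => $line,
    file    => "/etc/default/slapd",
    ensure  => present,
    require => Package[slapd],
    notify  => Service[slapd],
  }

  # Modes are quoted octal strings; newer Puppet releases reject bare numbers.
  file {
    # Root-only: a replica's slapd.conf presumably holds the replication bind
    # credentials -- confirm against the template.
    "/etc/ldap/slapd.conf":
      content => template("openldap/slapd.conf_slave.erb"),
      mode    => "0600",
      owner   => root,
      group   => root;
    # Root-only: debconf answers for the slapd package (may include the
    # admin password -- confirm against the template).
    "/var/cache/debconf/slapd.preseed":
      content => template("openldap/slapd.preseed.erb"),
      mode    => "0600",
      owner   => root,
      group   => root;
    # Backup target: closed to "other" because directory dumps can hold
    # password hashes.
    "/var/backups/ldap":
      ensure  => directory,
      owner   => root,
      group   => root,
      mode    => "0750";
  }

  # Rebuild /etc/ldap/slapd.d from slapd.conf whenever the rendered file
  # changes. Steps, all chained with &&:
  #   1. slaptest -u: dry-run check of the new slapd.conf. If the template
  #      produced a broken file the chain stops here, before the service is
  #      stopped or the live configuration is deleted.
  #   2. stop slapd, remove and recreate slapd.d (rm -f so that a directory
  #      that is already missing does not abort the chain with slapd stopped).
  #   3. slaptest -f/-F converts slapd.conf into the slapd.d tree.
  #   4. hand the tree to openldap:openldap and strip all access for "other",
  #      since it is written as root and contains the server configuration.
  #   5. start slapd again.
  exec{"slap_conf_update":
      command => "/usr/sbin/slaptest -u -f /etc/ldap/slapd.conf && /etc/init.d/slapd stop && /bin/rm -rf /etc/ldap/slapd.d/ &&  /bin/mkdir /etc/ldap/slapd.d && /usr/sbin/slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ && /bin/chown -R openldap:openldap /etc/ldap/slapd.d/  && /bin/chmod -R o-rwx  /etc/ldap/slapd.d/ && /etc/init.d/slapd start",
      refreshonly => true,
      subscribe => File["/etc/ldap/slapd.conf"],
      require => [Package[slapd], File["/etc/ldap/slapd.conf"]],
  }


  file {
    "/etc/ldap/schema":
      ensure => directory,
      # Puppet adds the search (x) bit on directories wherever the read bit
      # is set, so the directory itself ends up 0755 and the files 0644.
      mode   => "0644",
      owner  => root,
      group  => root,
      source  => "puppet:///openldap/etc/ldap/schema/",
      recurse => "true",
      require => Package[slapd];
  }

  # Daily at 02:00, as root.
  # NOTE(review): /usr/local/sbin/ldap-backup.sh is not managed in this class;
  # its ownership and mode should be checked wherever it is installed, since
  # cron runs it as root.
  cron {"ldap-backup":
    command => "/usr/local/sbin/ldap-backup.sh",
    user    => "root",
    hour    => 2,
    minute  => 0,
    require => File["/var/backups/ldap"],
  }
}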