source: trunk/puppet/modules/puppet-openldap/manifests/classes/server-slave.pp @ 664

Last change on this file since 664 was 664, checked in by josx@…, 12 years ago

Agregando al slapd consumer-init y consumer-sync

# copyright <sebas @ koumbit.org>
# copyright <josx @ interorganic.com.ar >
# Licence: GPL

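# Development variant of the OpenLDAP slave (consumer) server.
#
# Installs slapd and ldap-utils, keeps slapd running, ships the schema
# directory and the two consumer LDIF files, then loads the schemas and the
# consumer configuration into cn=config over the local ldapi:/// socket using
# SASL EXTERNAL.
#
# Security notes:
#   * Every ldapadd here authenticates with -Y EXTERNAL, i.e. with the
#     credentials of the user Puppet runs the exec as. It only works if slapd
#     maps that local identity to an entry allowed to write cn=config.
#     NOTE(review): that mapping is not visible in this manifest -- confirm
#     it is limited to root.
#   * The execs accept exit code 80 as success. 80 is the generic LDAP
#     "other" result code, so a genuine failure that happens to return 80 is
#     reported as a clean run. NOTE(review): confirm which condition 80 is
#     meant to tolerate (presumably "already loaded").
class openldap::server::slave::dev {

    # Loads several LDIF files from one directory.
    #
    # Title:     directory that holds the LDIF files.
    # $archivos: array of LDIF file names inside that directory.
    define exec_ldap_files($archivos) {
        exec_ldap_file { $archivos: archivo => $name }
    }

    # Loads a single LDIF file into cn=config unless a schema entry whose
    # file name ends in the same name already exists under slapd.d.
    #
    # Title:    LDIF file name (for example "cosine.ldif").
    # $archivo: directory that holds the file.
    define exec_ldap_file($archivo) {
        $test       = "/usr/bin/test"
        $ldap_add   = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
        $slapd_path = "/etc/ldap/slapd.d"
        # slapd prefixes schema entries with an ordering index ("cn={N}"),
        # hence the glob in front of the file name.
        $unless     = "${test} -e ${slapd_path}/cn=config/cn=schema/cn={*}${name}"

        file { "${archivo}/${name}": ensure => present }

        exec { "ejecuta${name}":
            command => "${ldap_add} ${archivo}/${name}",
            unless  => $unless,
            returns => [0,80],
            # ldapadd comes from ldap-utils and talks to the running slapd
            # through ldapi:///, and the LDIF must be on disk first. Without
            # these edges the exec can be scheduled too early on a fresh node.
            require => [
                File["${archivo}/${name}"],
                Package["ldap-utils"],
                Service["slapd"],
            ],
        }
    }

    package { [
        "slapd",
        "ldap-utils"
        ]: ensure => installed
    }

    service { "slapd":
        enable    => true,
        ensure    => running,
        subscribe => [ Package["slapd"] ],
    }

    file {
        "/etc/ldap/schema":
            ensure  => directory,
            # Modes are quoted so they are always read as octal strings.
            mode    => '0644',
            owner   => root,
            group   => root,
            source  => "puppet:///openldap/etc/ldap/schema/",
            recurse => true,
            before  => Exec_ldap_files["/etc/ldap/schema"],
            require => Package[slapd];
        "/var/backups/ldap":
            ensure  => directory,
            owner   => root,
            group   => root,
            # No access for "other": the directory name suggests it holds
            # directory dumps.
            mode    => '0750';
    }

    # Consumer (replica) configuration rendered from templates that are not
    # shown here. Kept root-only; presumably they carry the replication bind
    # credentials -- confirm against the templates.
    file {
        "/etc/ldap/consumer-init.ldif":
            content => template("openldap/consumer-init.ldif.erb"),
            mode    => '0600',
            owner   => root,
            group   => root;
        "/etc/ldap/consumer-sync.ldif":
            content => template("openldap/consumer-sync.ldif.erb"),
            mode    => '0600',
            owner   => root,
            group   => root;
    }

    exec_ldap_files { "/etc/ldap/schema":
        archivos => [
            "cosine.ldif",
            "inetorgperson.ldif",
            "rfc2307bis.ldif",
            "evolutionperson.ldif",
            "mozillaabpersonalpha.ldif",
        ],
    }

    $test       = "/usr/bin/test"
    $ldap_add   = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
    $slapd_path = "/etc/ldap/slapd.d"

    # Applied only while cn=module{0}.ldif does not exist yet.
    exec { "ejecutaConsumerInit":
        command => "${ldap_add} /etc/ldap/consumer-init.ldif",
        unless  => "${test} -e ${slapd_path}/cn=config/cn=module{0}.ldif",
        returns => [0,80],
        require => [
            File["/etc/ldap/consumer-init.ldif"],
            Package["ldap-utils"],
            Service["slapd"],
        ],
    }

    # Applied until the syncprov module line shows up in cn=module{0}.ldif.
    # Ordered after ejecutaConsumerInit because the guard reads the file whose
    # existence that exec tests for; presumably consumer-init creates it --
    # confirm against the templates.
    exec { "ejecutaConsumerSync":
        command => "${ldap_add} /etc/ldap/consumer-sync.ldif",
        unless  => "/bin/grep -q 'olcModuleLoad: {1}syncprov' ${slapd_path}/cn=config/cn=module{0}.ldif",
        returns => [0,80],
        require => [
            File["/etc/ldap/consumer-sync.ldif"],
            Exec["ejecutaConsumerInit"],
            Package["ldap-utils"],
            Service["slapd"],
        ],
    }

}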
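# OpenLDAP slave server configured through a templated slapd.conf.
#
# Installs slapd from a debconf preseed, sets the listener URLs in
# /etc/default/slapd, renders slapd.conf, rebuilds /etc/ldap/slapd.d from it
# whenever it changes, ships the schema directory and schedules a nightly
# backup.
class openldap::server::slave {

  debug("configuring openldap::server::slave with dn '${ldap_base}'")

  package {"slapd":
    ensure        => installed,
    responsefile  => "/var/cache/debconf/slapd.preseed",
    require       => File["/var/cache/debconf/slapd.preseed"],
  }
#  if defined(Package["ldap-utils"]) { } else {
#    package {"ldap-utils": ensure => present, }
#  }

  service {"slapd":
    ensure  => running,
    require => Package[slapd],
  }

  # Listener URLs written to /etc/default/slapd.
  #
  # NOTE(review): despite the resource title "listen_locally", ldap:/// and
  # ldaps:/// carry no host part, so slapd accepts connections on every
  # interface, and ldap:/// is the cleartext listener. Unless slapd.conf
  # (rendered from a template not shown here) enforces StartTLS or a minimum
  # security strength, bind credentials and replication traffic can cross the
  # network unencrypted. The $ldap_ssl_only switch below would restrict the
  # server to ldaps:/// but is commented out.
#  if ($ldap_ssl_only) {
#    $line = 'SLAPD_SERVICES="ldaps:///"'
#  } else {
    $line = 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
#  }
  line {"listen_locally":
    line    => $line,
    file    => "/etc/default/slapd",
    ensure  => present,
    require => Package[slapd],
    notify  => Service[slapd],
  }

  # Root-only files: slapd.conf and the debconf preseed are rendered from
  # templates that are not shown here; both typically contain directory
  # passwords (rootpw / admin password) -- confirm against the templates.
  file {
    "/etc/ldap/slapd.conf":
      content => template("openldap/slapd.conf_slave.erb"),
      mode    => '0600',
      owner   => root,
      group   => root;
    "/var/cache/debconf/slapd.preseed":
      content => template("openldap/slapd.preseed.erb"),
      mode    => '0600',
      owner   => root,
      group   => root;
    "/var/backups/ldap":
      ensure  => directory,
      owner   => root,
      group   => root,
      # Modes are quoted so they are always read as octal strings.
      mode    => '0750';
  }

  # Regenerates the cn=config directory from slapd.conf.
  #
  # The first step is a dry run (slaptest -u) of the new slapd.conf: the
  # remaining steps stop slapd and delete /etc/ldap/slapd.d before rebuilding
  # it, so a broken template would otherwise leave the server stopped with no
  # configuration at all. Anything added to cn=config at runtime is discarded
  # by the rebuild. The chown/chmod steps hand the tree to openldap and remove
  # all access for other users.
  exec{"slap_conf_update":
      command     => "/usr/sbin/slaptest -u -f /etc/ldap/slapd.conf && /etc/init.d/slapd stop && /bin/rm -r /etc/ldap/slapd.d/ && /bin/mkdir /etc/ldap/slapd.d && /usr/sbin/slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ && /bin/chown -R openldap:openldap /etc/ldap/slapd.d/ && /bin/chmod -R o-rwx /etc/ldap/slapd.d/ && /etc/init.d/slapd start",
      refreshonly => true,
      subscribe   => File["/etc/ldap/slapd.conf"],
      require     => [Package[slapd], File["/etc/ldap/slapd.conf"]],
  }

  file {
    "/etc/ldap/schema":
      ensure  => directory,
      mode    => '0644',
      owner   => root,
      group   => root,
      source  => "puppet:///openldap/etc/ldap/schema/",
      recurse => true,
      require => Package[slapd];
  }

  # Nightly backup at 02:00 as root.
  # NOTE(review): /usr/local/sbin/ldap-backup.sh is not declared in this
  # class; confirm it is shipped elsewhere, owned by root and not writable by
  # other users, since cron runs it with root privileges.
  cron {"ldap-backup":
    command => "/usr/local/sbin/ldap-backup.sh",
    user    => "root",
    hour    => 2,
    minute  => 0,
    require => File["/var/backups/ldap"],
  }
}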