source: trunk/puppet/modules/puppet-openldap/manifests/classes/server-slave.pp @ 665

Last change on this file since 665 was 665, checked in by josx@…, 12 years ago

Ordenando el codigo

1# copyright <sebas @ koumbit.org>
2# copyright <josx @ interorganic.com.ar >
3# Licence: GPL
4
5
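# Development variant of the OpenLDAP replica (consumer) setup.
#
# Installs slapd and the client tools, ships the schema directory, and then
# loads the schema and consumer LDIF files into the running server's
# cn=config tree with ldapadd over the local ldapi:/// socket.
#
# NOTE(review): this class and openldap::server::slave both declare
# Package["slapd"], Service["slapd"], File["/etc/ldap/schema"] and
# File["/var/backups/ldap"], so the two cannot be applied to the same node.
class openldap::server::slave::dev {

    package { [
        "slapd",
        "ldap-utils"
        ]: ensure => installed
    }

    service { "slapd":
        enable    => true,
        ensure    => running,
        subscribe => [ Package["slapd"] ],
    }

    # File modes are written as quoted four-digit strings so they are never
    # parsed as numbers; the resulting permissions are unchanged.
    file {
        "/etc/ldap/schema":
            ensure  => directory,
            mode    => "0644",
            owner   => root,
            group   => root,
            source  => "puppet:///openldap/etc/ldap/schema/",
            recurse => true,
            before  => Exec_ldap_files["/etc/ldap/schema"],
            require => Package["slapd"];
        # Backup target, not readable by other users.
        "/var/backups/ldap":
            ensure  => directory,
            owner   => root,
            group   => root,
            mode    => "0750";
    }

    # Consumer (replica) configuration rendered from templates. The templates
    # are not visible here; if they carry replication bind credentials, the
    # root-only 0600 mode is what keeps them private -- confirm before
    # loosening it.
    file {
        "/etc/ldap/consumer-init.ldif":
            content => template("openldap/consumer-init.ldif.erb"),
            mode    => "0600",
            owner   => root,
            group   => root;
        "/etc/ldap/consumer-sync.ldif":
            content => template("openldap/consumer-sync.ldif.erb"),
            mode    => "0600",
            owner   => root,
            group   => root;
    }


    # Fan-out helper: the resource title is the directory and $archivos the
    # list of LDIF file names inside it; one exec_ldap_file is declared per
    # file name.
    define exec_ldap_files($archivos) {
        exec_ldap_file { $archivos: archivo => $name }
    }

    # Loads one schema LDIF into cn=config.
    #   title ($name) - LDIF file name, e.g. "cosine.ldif"
    #   $archivo      - directory that holds the file
    define exec_ldap_file($archivo) {
        $test = "/usr/bin/test"
        # -Y EXTERNAL over ldapi:/// authenticates as the local UNIX user
        # running the command. NOTE(review): this only works if the cn=config
        # ACL grants that identity write access -- confirm on the target
        # distribution.
        $ldap_add = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
        $slapd_path =  "/etc/ldap/slapd.d"
        # Skip the load when a schema entry of this name already exists.
        # NOTE(review): the {*} wildcard is only expanded if the check is run
        # through a shell -- verify with the exec provider in use.
        $unless = "$test -e $slapd_path/cn=config/cn=schema/cn={*}$name"

        file { "${archivo}/$name" : ensure => present }
        exec { "ejecuta$name":
            command => "$ldap_add $archivo/$name",
            unless  => $unless,
            # 80 is the generic LDAP "other" result code. NOTE(review): it is
            # presumably accepted because re-adding an existing schema
            # reports it, but it also hides unrelated failures that return 80.
            returns => [0,80],
            # The LDIF is only an argument of the command, so the dependency
            # on the file resource is stated explicitly.
            require => File["${archivo}/$name"],
        }
    }

    exec_ldap_files { "/etc/ldap/schema":
        archivos => [ "cosine.ldif", "inetorgperson.ldif", "rfc2307bis.ldif", "evolutionperson.ldif", "mozillaabpersonalpha.ldif" ],
        # ldapadd talks to the running server over ldapi:///.
        require  => Service["slapd"],
    }

    $test = "/usr/bin/test"
    $ldap_add = "/usr/bin/ldapadd -Y EXTERNAL -H ldapi:/// -f"
    $slapd_path =  "/etc/ldap/slapd.d"

    # Applied once: skipped as soon as cn=module{0}.ldif exists.
    exec { "ejecutaConsumerInit":
        command => "$ldap_add /etc/ldap/consumer-init.ldif",
        unless  => "$test -e $slapd_path/cn=config/cn=module{0}.ldif",
        returns => [0,80],
        # Needs the rendered LDIF on disk and a running slapd to connect to.
        require => [ File["/etc/ldap/consumer-init.ldif"], Service["slapd"] ],
    }

    # Skipped once syncprov is listed as module {1} in cn=module{0}.ldif.
    exec { "ejecutaConsumerSync":
        command => "$ldap_add /etc/ldap/consumer-sync.ldif",
        unless  => "/bin/grep -q 'olcModuleLoad: {1}syncprov' $slapd_path/cn=config/cn=module{0}.ldif",
        returns => [0,80],
        # Ordered after the init step because the check above reads the
        # cn=module{0} entry whose presence that step tests for (presumably
        # created by consumer-init.ldif -- the template is not visible here).
        require => [
            File["/etc/ldap/consumer-sync.ldif"],
            Service["slapd"],
            Exec["ejecutaConsumerInit"],
        ],
    }

}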
88
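# OpenLDAP replica configured from a templated slapd.conf.
#
# Installs slapd from a debconf preseed file, sets the listener URLs in
# /etc/default/slapd, renders slapd.conf, regenerates /etc/ldap/slapd.d from
# it whenever it changes, ships the schema directory and schedules a nightly
# backup job.
#
# Reads $ldap_base from the enclosing scope (used here only in the debug
# message).
#
# NOTE(review): this class and openldap::server::slave::dev both declare
# Package["slapd"], Service["slapd"], File["/etc/ldap/schema"] and
# File["/var/backups/ldap"], so the two cannot be applied to the same node.
class openldap::server::slave {

  debug ("configuring openldap::server::slave with dn '$ldap_base'")

  package {"slapd":
    ensure        => installed,
    responsefile  => "/var/cache/debconf/slapd.preseed",
    require       => File["/var/cache/debconf/slapd.preseed"],
  }
#  if defined(Package["ldap-utils"]) { } else {
#    package {"ldap-utils": ensure => present, }
#  }

  service {"slapd":
    ensure  => running,
    require => Package["slapd"],
  }

  # Listener URLs written to /etc/default/slapd.
  # NOTE(review): despite the resource title "listen_locally", this value
  # enables plain ldap:/// and ldaps:/// next to the local ldapi:/// socket,
  # and the ldaps-only alternative below is commented out. Unless StartTLS is
  # enforced in slapd.conf (not visible here), binds and replication traffic
  # on ldap:/// are sent in clear text.
#  if ($ldap_ssl_only) {
#    $line = 'SLAPD_SERVICES="ldaps:///"'
#  } else {
    $line = 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
#  }
  # "line" is not a built-in resource type; presumably a define supplied by
  # another module -- confirm it is available wherever this class is used.
  line {"listen_locally":
#    line    => 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"',
    line    => $line,
    file    => "/etc/default/slapd",
    ensure  => present,
    require => Package["slapd"],
    notify  => Service["slapd"],
  }

  # File modes are written as quoted four-digit strings so they are never
  # parsed as numbers; the resulting permissions are unchanged.
  # slapd.conf and the preseed file are kept root-only (0600); the templates
  # are not visible here, but files of this kind usually hold the directory
  # admin and replication secrets -- confirm before loosening the mode.
  file {
    "/etc/ldap/slapd.conf":
      content => template("openldap/slapd.conf_slave.erb"),
      mode    => "0600",
      owner   => root,
      group   => root;
    "/var/cache/debconf/slapd.preseed":
      content => template("openldap/slapd.preseed.erb"),
      mode    => "0600",
      owner   => root,
      group   => root;
    # Backup target, not readable by other users.
    "/var/backups/ldap":
      ensure  => directory,
      owner   => root,
      group   => root,
      mode    => "0750";
  }

  # Regenerates /etc/ldap/slapd.d from slapd.conf; runs only when slapd.conf
  # changes (refreshonly + subscribe).
  # Steps: stop slapd, delete slapd.d, recreate it, convert slapd.conf with
  # slaptest, hand the tree to openldap:openldap, strip access for "other",
  # start slapd.
  # NOTE(review): the steps are chained with &&, so a slapd.conf that
  # slaptest rejects leaves slapd stopped with an empty slapd.d and nothing
  # restores the previous tree. Converting into a scratch directory and
  # swapping it in only after slaptest succeeds would avoid that outage.
  # NOTE(review): the && chain needs a shell to interpret it -- verify with
  # the exec provider in use.
  exec{"slap_conf_update":
      command => "/etc/init.d/slapd stop && /bin/rm -r /etc/ldap/slapd.d/ &&  /bin/mkdir /etc/ldap/slapd.d && /usr/sbin/slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ && /bin/chown -R openldap:openldap /etc/ldap/slapd.d/  && /bin/chmod -R o-rwx  /etc/ldap/slapd.d/ && /etc/init.d/slapd start",
      refreshonly => true,
      subscribe => File["/etc/ldap/slapd.conf"],
      require => [Package["slapd"], File["/etc/ldap/slapd.conf"]],
  }


  file {
    "/etc/ldap/schema":
      ensure  => directory,
      mode    => "0644",
      owner   => root,
      group   => root,
      source  => "puppet:///openldap/etc/ldap/schema/",
      recurse => true,
      require => Package["slapd"];
  }

  # Nightly backup at 02:00, run as root.
  # NOTE(review): /usr/local/sbin/ldap-backup.sh is not managed by this
  # class; confirm it is deployed elsewhere and writable only by root, since
  # cron runs it with root privileges.
  cron {"ldap-backup":
    command => "/usr/local/sbin/ldap-backup.sh",
    user    => "root",
    hour    => 2,
    minute  => 0,
    require => File["/var/backups/ldap"],
  }
}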