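# Class: openldap::server
#
# Installs slapd from a debconf preseed file, keeps the service running,
# sets the listener URLs in /etc/default/slapd, ships an extra schema and
# schedules a nightly backup.
#
# Variables read from the enclosing scope (not declared in this class):
#   $ldap_base     - base DN; only used here in the debug message.
#   $ldap_ssl_only - when true, slapd listens on ldaps:/// only.
#
# File modes are written as quoted four-digit octal strings: bare numbers
# such as 755 are rejected by newer Puppet releases and are easy to misread.
class openldap::server {

  debug ("configuring openldap::server with dn '$ldap_base'")

  # The preseed file must exist before the package is installed, because
  # debconf reads its answers from it at install time.
  package { 'slapd':
    ensure       => installed,
    responsefile => '/var/cache/debconf/slapd.preseed',
    require      => File['/var/cache/debconf/slapd.preseed'],
  }

  # Another class may already manage ldap-utils; declare it only if not.
  if ! defined(Package['ldap-utils']) {
    package { 'ldap-utils': ensure => present, }
  }

  service { 'slapd':
    ensure  => running,
    require => Package[slapd],
  }

  # Listener selection.
  # - ssl-only: TLS listener only. This also drops the ldapi:/// Unix socket.
  #   NOTE(review): confirm no local tooling depends on ldapi:///.
  # - default: ldap:/// accepts unencrypted connections on every interface,
  #   so simple-bind passwords can cross the network in clear text unless
  #   slapd itself requires StartTLS. That is configured outside this class.
  if ($ldap_ssl_only) {
    $line = 'SLAPD_SERVICES="ldaps:///"'
  } else {
    $line = 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
  }

  # The title "listen_locally" is historical and is kept so that existing
  # references still resolve. Neither value restricts slapd to localhost.
  line { 'listen_locally':
    line    => $line,
    file    => '/etc/default/slapd',
    ensure  => present,
    require => Package[slapd],
    notify  => Service[slapd],
  }

  file {
    # NOTE(review): the template is not visible here. slapd preseed files
    # normally carry the directory admin password, hence root-only 0600.
    '/var/cache/debconf/slapd.preseed':
      content => template('openldap/slapd.preseed.erb'),
      mode    => '0600',
      owner   => root,
      group   => root;
    '/usr/local/sbin/ldap-backup.sh':
      ensure => present,
      owner  => root,
      group  => root,
      mode   => '0755',
      source => 'puppet:///openldap/usr/local/sbin/ldap-backup.sh';
    # Backup target: no access for "other".
    # NOTE(review): dumps presumably include password hashes. Confirm the
    # script also writes its files with restrictive permissions.
    '/var/backups/ldap':
      ensure => directory,
      owner  => root,
      group  => root,
      mode   => '0750';
  }

  file {
    '/etc/ldap/schema':
      ensure  => directory,
      mode    => '0755',
      owner   => root,
      group   => root,
      require => Package[slapd];
    '/etc/ldap/schema/authldap.schema':
      ensure  => present,
      mode    => '0644',
      owner   => root,
      group   => root,
      source  => 'puppet:///openldap/etc/ldap/schema/authldap.schema',
      require => File['/etc/ldap/schema'];
  }

  # Nightly backup at 02:00 as root. The job needs both the script and the
  # target directory, so it requires both rather than the directory alone.
  cron { 'ldap-backup':
    command => '/usr/local/sbin/ldap-backup.sh',
    user    => 'root',
    hour    => 2,
    minute  => 0,
    require => [
      File['/usr/local/sbin/ldap-backup.sh'],
      File['/var/backups/ldap'],
    ],
  }
}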