-
-
Notifications
You must be signed in to change notification settings - Fork 133
/
slapdconf.pp
60 lines (54 loc) · 1.67 KB
/
slapdconf.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# See README.md for details.
class openldap::server::slapdconf {
if ! defined(Class['openldap::server']) {
fail 'class ::openldap::server has not been evaluated'
}
case $::openldap::server::provider {
'augeas': {
file { $::openldap::server::conffile:
ensure => file,
owner => $::openldap::server::owner,
group => $::openldap::server::group,
mode => '0640',
}
}
'olc': {
file { $::openldap::server::confdir:
ensure => directory,
owner => $::openldap::server::owner,
group => $::openldap::server::group,
mode => '0750',
force => true,
}
}
default: {
fail 'provider must be one of "olc" or "augeas"'
}
}
if $::openldap::server::ssl_cert {
if $::openldap::server::ssl_key {
validate_absolute_path($::openldap::server::ssl_cert)
validate_absolute_path($::openldap::server::ssl_key)
openldap::server::globalconf { 'TLSCertificate':
value => {
'TLSCertificateFile' => $::openldap::server::ssl_cert,
'TLSCertificateKeyFile' => $::openldap::server::ssl_key,
},
}
if $::openldap::server::ssl_ca {
validate_absolute_path($::openldap::server::ssl_ca)
openldap::server::globalconf { 'TLSCACertificateFile':
value => $::openldap::server::ssl_ca,
}
}
} else {
fail 'You must specify a ssl_key'
}
} elsif $::openldap::server::ssl_key {
fail 'You must specify a ssl_cert'
}
openldap::server::database { 'dc=my-domain,dc=com':
ensure => absent,
}
create_resources('openldap::server::database', $::openldap::server::databases)
}