inrin/cdist
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

[new-type] __openldap_server: Add a "schema" optional parameter.

Browse source
This commit is contained in:
evilham 2019-12-09 19:39:43 +01:00
commit fd430eab62
4 changed files with 31 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

7
cdist/conf/type/__openldap_server/man.rst
View file

@ -74,6 +74,13 @@ module
LDAP module to load. See `slapd.conf(5)`. LDAP module to load. See `slapd.conf(5)`.
Default value is OS-dependent, see manifest. Default value is OS-dependent, see manifest.
schema
Name of LDAP schema to load. Must be the name without extension of a
`.schema` file in slapd's schema directory (usually `/etc/slapd/schema` or
`/usr/local/etc/openldap/schema`).
Example value: `inetorgperson`
The type user must ensure that the schema file is deployed.
This defaults to a sensible subset, for details see the type definition.
BOOLEAN PARAMETERS BOOLEAN PARAMETERS
------------------ ------------------

23
cdist/conf/type/__openldap_server/manifest
View file

@ -6,6 +6,7 @@ manager_password_hash=$(cat "${__object}/parameter/manager-password-hash")
serverid=$(cat "${__object}/parameter/serverid") serverid=$(cat "${__object}/parameter/serverid")
suffix=$(cat "${__object}/parameter/suffix") suffix=$(cat "${__object}/parameter/suffix")
slapd_modules=$(cat "${__object}/parameter/module" || true) slapd_modules=$(cat "${__object}/parameter/module" || true)
schemas=$(cat "${__object}/parameter/schema")
OS="$(cat "${__global}/explorer/os")" OS="$(cat "${__global}/explorer/os")"
@ -39,7 +40,6 @@ case "${OS}" in
esac esac
# Determine if __letsencrypt_cert is to be used and setup vars accordingly # Determine if __letsencrypt_cert is to be used and setup vars accordingly
if [ -f "${__object}/parameter/tls-cert" ]; then if [ -f "${__object}/parameter/tls-cert" ]; then
tls_cert=$(cat "${__object}/parameter/tls-cert") tls_cert=$(cat "${__object}/parameter/tls-cert")
@ -161,24 +161,15 @@ TLSCACertificateFile ${tls_ca}
disallow bind_anon disallow bind_anon
require bind require bind
security tls=1 security tls=1
include ${SLAPD_DIR}/schema/corba.schema
include ${SLAPD_DIR}/schema/core.schema
include ${SLAPD_DIR}/schema/cosine.schema
include ${SLAPD_DIR}/schema/duaconf.schema
include ${SLAPD_DIR}/schema/dyngroup.schema
include ${SLAPD_DIR}/schema/inetorgperson.schema
include ${SLAPD_DIR}/schema/java.schema
include ${SLAPD_DIR}/schema/misc.schema
include ${SLAPD_DIR}/schema/nis.schema
include ${SLAPD_DIR}/schema/openldap.schema
include ${SLAPD_DIR}/schema/ppolicy.schema
include ${SLAPD_DIR}/schema/collective.schema
modulepath ${SLAPD_MODULE_PATH}
EOF EOF
# Add specified schemas
for schema in ${schemas}; do
echo "include ${SLAPD_DIR}/schema/${schema}.schema" >> "${ldapconf}"
done
# Add specified modules # Add specified modules
echo "modulepath ${SLAPD_MODULE_PATH}" >> "${ldapconf}"
for module in ${slapd_modules}; do for module in ${slapd_modules}; do
echo "moduleload ${module}.la" >> "${ldapconf}" echo "moduleload ${module}.la" >> "${ldapconf}"
done done

12
cdist/conf/type/__openldap_server/parameter/default/schema Normal file
View file

@ -0,0 +1,12 @@
corba
core
cosine
duaconf
dyngroup
inetorgperson
java
misc
nis
openldap
ppolicy
collective

3
cdist/conf/type/__openldap_server/parameter/optional
View file

@ -1,4 +1,5 @@
description
syncrepl-credentials syncrepl-credentials
syncrepl-searchbase syncrepl-searchbase
tls-cert tls-cert
tls-privkey
tls-ca