From 056c7c5400e7beeb15de800be6b62661998259ff Mon Sep 17 00:00:00 2001
From: Evilham <cvs@evilham.com>
Date: Sat, 25 Apr 2020 00:12:24 +0200
Subject: [PATCH] [__openldap_server] Support extra config parameter.

This allows the user to, e.g. manually define ACLs, while this type does not
support that.
---
 cdist/conf/type/__openldap_server/man.rst            | 3 +++
 cdist/conf/type/__openldap_server/manifest           | 3 +++
 cdist/conf/type/__openldap_server/parameter/optional | 3 ++-
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/cdist/conf/type/__openldap_server/man.rst b/cdist/conf/type/__openldap_server/man.rst
index d20101d1..fbad21d8 100644
--- a/cdist/conf/type/__openldap_server/man.rst
+++ b/cdist/conf/type/__openldap_server/man.rst
@@ -92,6 +92,9 @@ tls-ca
     Required if `tls-cert` is defined.
     Path in the remote hosts to the PEM-encoded CA certificate file.
 
+extra-config
+    Custom settings to be added in `slapd.conf(5)`.
+
 
 OPTIONAL MULTIPLE PARAMETERS
 ----------------------------
diff --git a/cdist/conf/type/__openldap_server/manifest b/cdist/conf/type/__openldap_server/manifest
index d35603c4..84ba176f 100644
--- a/cdist/conf/type/__openldap_server/manifest
+++ b/cdist/conf/type/__openldap_server/manifest
@@ -9,6 +9,7 @@ slapd_modules=$(cat "${__object}/parameter/module" 2>/dev/null || true)
 schemas=$(cat "${__object}/parameter/schema")
 slapd_urls=$(tr '\n' ' ' < "${__object}/parameter/slapd-url")
 tls_cipher_suite=$(cat "${__object}/parameter/tls-cipher-suite" 2>/dev/null || true)
+extra_config=$(cat "${__object}/parameter/extra-config" || true)
 
 
 os="$(cat "${__global}/explorer/os")"
@@ -231,6 +232,8 @@ index uid,memberUid eq,pres,sub
 index nisMapName,nisMapEntry eq,pres,sub
 index entryCSN,entryUUID eq
 
+${extra_config}
+
 serverid ${serverid}
 EOF
 
diff --git a/cdist/conf/type/__openldap_server/parameter/optional b/cdist/conf/type/__openldap_server/parameter/optional
index a92b9c6e..71c64659 100644
--- a/cdist/conf/type/__openldap_server/parameter/optional
+++ b/cdist/conf/type/__openldap_server/parameter/optional
@@ -5,4 +5,5 @@ admin-email
 tls-cipher-suite
 tls-cert
 tls-privkey
-tls-ca
\ No newline at end of file
+tls-ca
+extra-config