From c774aeb47e239103793fbb558b855c7551ca3333 Mon Sep 17 00:00:00 2001
From: 7u83 <7u83@mail.ru>
Date: Sat, 25 Jul 2020 19:49:16 +0000
Subject: [PATCH] Cann add consumers now, but it still very basic
---
 lib/facter/plnxtools_ads_instances.rb | 9 +++
 manifests/apacheds.pp | 99 ++++++++++++++++++++++++++-
 2 files changed, 107 insertions(+), 1 deletion(-)
diff --git a/lib/facter/plnxtools_ads_instances.rb b/lib/facter/plnxtools_ads_instances.rb
index 3058d56..b774e8a 100644
--- a/lib/facter/plnxtools_ads_instances.rb
+++ b/lib/facter/plnxtools_ads_instances.rb
@@ -6,3 +6,12 @@ Facter.add('ads_instances') do
 end
 end
 end
+
+Facter.add('ads_syncrepls') do
+ setcode do
+ Dir.glob('/opt/plnxtools/ads/*.syncrepl').map do |x|
+ content = File.read(x)
+ File.basename(x,File.extname(x))
+ end
+ end
+end
diff --git a/manifests/apacheds.pp b/manifests/apacheds.pp
index c71b766..c4d0270 100644
--- a/manifests/apacheds.pp
+++ b/manifests/apacheds.pp
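Review bot: `content = File.read(x)` in the new `ads_syncrepls` fact is never used, so every fact resolution reads each marker file for nothing, and an unreadable file would raise inside `setcode`. Dropping that line returns the same names: `Dir.glob('/opt/plnxtools/ads/*.syncrepl').map { |x| File.basename(x, '.syncrepl') }`. A short comment above `Facter.add`, such as `# Names of syncrepl consumers whose marker file exists under /opt/plnxtools/ads`, would tell the reader what the manifest compares `$title` against.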
@@ -148,8 +148,105 @@ define plnxtools::apacheds::instance( define plnxtools::apacheds::syncrepl( $parition, - $consumer_id, + $consumerid, + $ldap_password, + $ldap_port = 389, + + $provider_port = 10389 ) { + $params = "\ +ads-replSearchTimeOut: 0 +ads-replSearchScope: sub +ads-searchBaseDN: dc=example,dc=com +ads-replProvHostName: localhost +ads-replStrictCertValidation: FALSE +ads-replRefreshNPersist: TRUE +ads-replUseTls: FALSE +ads-replUserDn: uid=admin,ou=system +ads-replProvPort: $provider_port +ads-replRefreshInterval: 60000 +ads-enabled: TRUE +ads-replConsumerId: consumer1 +ads-replUserPassword: secret +ads-replSearchSizeLimit: 0 +ads-replAttributes: * +ads-replSearchFilter: (objectClass=*) +ads-replAliasDerefMode: never +objectClass: top +objectClass: ads-base +objectClass: ads-replConsumer + +" + $del_params = "\ +dn: ads-replConsumerId=${$title},ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config +changetype: delete + +" + $add_params = "\ +dn: ads-replConsumerId=${$title},ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config +changetype: add +$params + +" + + + + file {"/tmp/$title-add": + ensure => file, + content => $add_params + } + file {"/tmp/$title-del": + ensure => file, + content => $del_params + } + + exec {"get_ldap$title": + command => "\ +/usr/local/bin/ldapsearch -LLL -h localhost -p 389 -D uid=admin,ou=system -w $ldap_password \ +-b ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config ads-replConsumerId=$title > /tmp/syncrepl-$title" + } + +$dnp="\ +dn: ads-replConsumerId=$title,ou=replConsumers,ads-serverId=ldapServer,ou=s + ervers,ads-directoryServiceId=default,ou=config +" + + file {"/tmp/syncrepl-$title": + ensure => file, + content => "$dnp$params", + require => Exec["get_ldap$title"] + } + + + $mps = $facts['ads_syncrepls'] + $ldapmodify = "/usr/local/bin/ldapmodify" + + if $title in $mps { + 
exec{"syscrepl_del_$title": + command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-del", + refreshonly=>true, + subscribe => File["/tmp/syncrepl-$title"] + } -> + exec{"syscrepl_exec_$title": + command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-add", + refreshonly=>true, + subscribe => File["/tmp/syncrepl-$title"] + } -> + file {"/opt/plnxtools/ads/$title.syncrepl": + ensure => file + } + } else { + + exec{"syscrepl_exec_$title": + command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-add", + refreshonly=>true, + subscribe => File["/tmp/syncrepl-$title"] + } -> + file {"/opt/plnxtools/ads/$title.syncrepl": + ensure => file + } + + } }
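Review bot: The admin bind password is put on the command line as `-w $ldap_password` in every exec of this define (`get_ldap$title`, `syscrepl_del_$title` and both `syscrepl_exec_$title`), so it is visible in the process list and can end up in Puppet's failure messages; an unquoted value containing whitespace would also split into extra arguments. If these are the OpenLDAP client tools, reading the password from a root-owned file, `-y <password-file>` with `mode => '0600'`, avoids both. The staged files `/tmp/$title-add`, `/tmp/$title-del` and `/tmp/syncrepl-$title` contain `ads-replUserPassword` but set no `owner` or `mode` and use predictable names in a shared directory; a private directory and `mode => '0600'` would be safer. `$params` also hard-codes `ads-replUserPassword: secret`, `ads-replConsumerId: consumer1`, `ads-replUseTls: FALSE` and `ads-replStrictCertValidation: FALSE`, so `$consumerid` is never used and the replication bind is sent without TLS; these look like placeholders that should become parameters. The `ldapsearch` call uses `-p 389` instead of `$ldap_port`, and its `>` redirection presumably needs `provider => shell` to take effect.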