Cann add consumers now, but it still very basic
This commit is contained in:
parent
65aef8b924
commit
c774aeb47e
|
@ -6,3 +6,12 @@ Facter.add('ads_instances') do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Facter.add('ads_syncrepls') do
|
||||||
|
setcode do
|
||||||
|
Dir.glob('/opt/plnxtools/ads/*.syncrepl').map do |x|
|
||||||
|
content = File.read(x)
|
||||||
|
File.basename(x,File.extname(x))
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
|
@ -148,8 +148,105 @@ define plnxtools::apacheds::instance(
|
||||||
|
|
||||||
define plnxtools::apacheds::syncrepl(
|
define plnxtools::apacheds::syncrepl(
|
||||||
$parition,
|
$parition,
|
||||||
$consumer_id,
|
$consumerid,
|
||||||
|
$ldap_password,
|
||||||
|
$ldap_port = 389,
|
||||||
|
|
||||||
|
$provider_port = 10389
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
|
$params = "\
|
||||||
|
ads-replSearchTimeOut: 0
|
||||||
|
ads-replSearchScope: sub
|
||||||
|
ads-searchBaseDN: dc=example,dc=com
|
||||||
|
ads-replProvHostName: localhost
|
||||||
|
ads-replStrictCertValidation: FALSE
|
||||||
|
ads-replRefreshNPersist: TRUE
|
||||||
|
ads-replUseTls: FALSE
|
||||||
|
ads-replUserDn: uid=admin,ou=system
|
||||||
|
ads-replProvPort: $provider_port
|
||||||
|
ads-replRefreshInterval: 60000
|
||||||
|
ads-enabled: TRUE
|
||||||
|
ads-replConsumerId: consumer1
|
||||||
|
ads-replUserPassword: secret
|
||||||
|
ads-replSearchSizeLimit: 0
|
||||||
|
ads-replAttributes: *
|
||||||
|
ads-replSearchFilter: (objectClass=*)
|
||||||
|
ads-replAliasDerefMode: never
|
||||||
|
objectClass: top
|
||||||
|
objectClass: ads-base
|
||||||
|
objectClass: ads-replConsumer
|
||||||
|
|
||||||
|
"
|
||||||
|
$del_params = "\
|
||||||
|
dn: ads-replConsumerId=${$title},ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
|
||||||
|
changetype: delete
|
||||||
|
|
||||||
|
"
|
||||||
|
$add_params = "\
|
||||||
|
dn: ads-replConsumerId=${$title},ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
|
||||||
|
changetype: add
|
||||||
|
$params
|
||||||
|
|
||||||
|
"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
file {"/tmp/$title-add":
|
||||||
|
ensure => file,
|
||||||
|
content => $add_params
|
||||||
|
}
|
||||||
|
file {"/tmp/$title-del":
|
||||||
|
ensure => file,
|
||||||
|
content => $del_params
|
||||||
|
}
|
||||||
|
|
||||||
|
exec {"get_ldap$title":
|
||||||
|
command => "\
|
||||||
|
/usr/local/bin/ldapsearch -LLL -h localhost -p 389 -D uid=admin,ou=system -w $ldap_password \
|
||||||
|
-b ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config ads-replConsumerId=$title > /tmp/syncrepl-$title"
|
||||||
|
}
|
||||||
|
|
||||||
|
$dnp="\
|
||||||
|
dn: ads-replConsumerId=$title,ou=replConsumers,ads-serverId=ldapServer,ou=s
|
||||||
|
ervers,ads-directoryServiceId=default,ou=config
|
||||||
|
"
|
||||||
|
|
||||||
|
file {"/tmp/syncrepl-$title":
|
||||||
|
ensure => file,
|
||||||
|
content => "$dnp$params",
|
||||||
|
require => Exec["get_ldap$title"]
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
$mps = $facts['ads_syncrepls']
|
||||||
|
$ldapmodify = "/usr/local/bin/ldapmodify"
|
||||||
|
|
||||||
|
if $title in $mps {
|
||||||
|
exec{"syscrepl_del_$title":
|
||||||
|
command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-del",
|
||||||
|
refreshonly=>true,
|
||||||
|
subscribe => File["/tmp/syncrepl-$title"]
|
||||||
|
} ->
|
||||||
|
exec{"syscrepl_exec_$title":
|
||||||
|
command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-add",
|
||||||
|
refreshonly=>true,
|
||||||
|
subscribe => File["/tmp/syncrepl-$title"]
|
||||||
|
} ->
|
||||||
|
file {"/opt/plnxtools/ads/$title.syncrepl":
|
||||||
|
ensure => file
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
|
||||||
|
exec{"syscrepl_exec_$title":
|
||||||
|
command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-add",
|
||||||
|
refreshonly=>true,
|
||||||
|
subscribe => File["/tmp/syncrepl-$title"]
|
||||||
|
} ->
|
||||||
|
file {"/opt/plnxtools/ads/$title.syncrepl":
|
||||||
|
ensure => file
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue