Cann add consumers now, but it still very basic
This commit is contained in:
parent
65aef8b924
commit
c774aeb47e
|
@ -6,3 +6,12 @@ Facter.add('ads_instances') do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
Facter.add('ads_syncrepls') do
|
||||
setcode do
|
||||
Dir.glob('/opt/plnxtools/ads/*.syncrepl').map do |x|
|
||||
content = File.read(x)
|
||||
File.basename(x,File.extname(x))
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -148,8 +148,105 @@ define plnxtools::apacheds::instance(
|
|||
|
||||
define plnxtools::apacheds::syncrepl(
|
||||
$parition,
|
||||
$consumer_id,
|
||||
$consumerid,
|
||||
$ldap_password,
|
||||
$ldap_port = 389,
|
||||
|
||||
$provider_port = 10389
|
||||
)
|
||||
{
|
||||
$params = "\
|
||||
ads-replSearchTimeOut: 0
|
||||
ads-replSearchScope: sub
|
||||
ads-searchBaseDN: dc=example,dc=com
|
||||
ads-replProvHostName: localhost
|
||||
ads-replStrictCertValidation: FALSE
|
||||
ads-replRefreshNPersist: TRUE
|
||||
ads-replUseTls: FALSE
|
||||
ads-replUserDn: uid=admin,ou=system
|
||||
ads-replProvPort: $provider_port
|
||||
ads-replRefreshInterval: 60000
|
||||
ads-enabled: TRUE
|
||||
ads-replConsumerId: consumer1
|
||||
ads-replUserPassword: secret
|
||||
ads-replSearchSizeLimit: 0
|
||||
ads-replAttributes: *
|
||||
ads-replSearchFilter: (objectClass=*)
|
||||
ads-replAliasDerefMode: never
|
||||
objectClass: top
|
||||
objectClass: ads-base
|
||||
objectClass: ads-replConsumer
|
||||
|
||||
"
|
||||
$del_params = "\
|
||||
dn: ads-replConsumerId=${$title},ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
|
||||
changetype: delete
|
||||
|
||||
"
|
||||
$add_params = "\
|
||||
dn: ads-replConsumerId=${$title},ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
|
||||
changetype: add
|
||||
$params
|
||||
|
||||
"
|
||||
|
||||
|
||||
|
||||
file {"/tmp/$title-add":
|
||||
ensure => file,
|
||||
content => $add_params
|
||||
}
|
||||
file {"/tmp/$title-del":
|
||||
ensure => file,
|
||||
content => $del_params
|
||||
}
|
||||
|
||||
exec {"get_ldap$title":
|
||||
command => "\
|
||||
/usr/local/bin/ldapsearch -LLL -h localhost -p 389 -D uid=admin,ou=system -w $ldap_password \
|
||||
-b ou=replConsumers,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config ads-replConsumerId=$title > /tmp/syncrepl-$title"
|
||||
}
|
||||
|
||||
$dnp="\
|
||||
dn: ads-replConsumerId=$title,ou=replConsumers,ads-serverId=ldapServer,ou=s
|
||||
ervers,ads-directoryServiceId=default,ou=config
|
||||
"
|
||||
|
||||
file {"/tmp/syncrepl-$title":
|
||||
ensure => file,
|
||||
content => "$dnp$params",
|
||||
require => Exec["get_ldap$title"]
|
||||
}
|
||||
|
||||
|
||||
|
||||
$mps = $facts['ads_syncrepls']
|
||||
$ldapmodify = "/usr/local/bin/ldapmodify"
|
||||
|
||||
if $title in $mps {
|
||||
exec{"syscrepl_del_$title":
|
||||
command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-del",
|
||||
refreshonly=>true,
|
||||
subscribe => File["/tmp/syncrepl-$title"]
|
||||
} ->
|
||||
exec{"syscrepl_exec_$title":
|
||||
command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-add",
|
||||
refreshonly=>true,
|
||||
subscribe => File["/tmp/syncrepl-$title"]
|
||||
} ->
|
||||
file {"/opt/plnxtools/ads/$title.syncrepl":
|
||||
ensure => file
|
||||
}
|
||||
} else {
|
||||
|
||||
exec{"syscrepl_exec_$title":
|
||||
command => "$ldapmodify -c -h localhost -p $ldap_port -D uid=admin,ou=system -w $ldap_password -f /tmp/$title-add",
|
||||
refreshonly=>true,
|
||||
subscribe => File["/tmp/syncrepl-$title"]
|
||||
} ->
|
||||
file {"/opt/plnxtools/ads/$title.syncrepl":
|
||||
ensure => file
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue