From a2ed52e2527faae28b80b54c7f1b659a0f34b279 Mon Sep 17 00:00:00 2001 From: Steven Pritchard Date: Wed, 27 Nov 2024 09:57:34 -0600 Subject: [PATCH] Migrate ERB templates to EPP Fixes #152 --- CHANGELOG | 3 + manifests/domain.pp | 51 +++++++++++++- metadata.json | 2 +- templates/domain.epp | 155 +++++++++++++++++++++++++++++++++++++++++++ templates/domain.erb | 109 ------------------------------ 5 files changed, 208 insertions(+), 112 deletions(-) create mode 100644 templates/domain.epp delete mode 100644 templates/domain.erb diff --git a/CHANGELOG b/CHANGELOG index 63430bd..bec6afd 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +* Wed Nov 27 2024 Steven Pritchard - 7.12.1 +- Migrate ERB templates to EPP (#152) + * Mon Nov 18 2024 dpavlotzky - 7.12.0 - Add "ad" option to autofs_provider list (#147) diff --git a/manifests/domain.pp b/manifests/domain.pp index d5e8c4c..60aa569 100644 --- a/manifests/domain.pp +++ b/manifests/domain.pp @@ -114,8 +114,55 @@ Optional[String] $proxy_lib_name = undef, Optional[String] $ldap_user_search_filter = undef ) { - sssd::config::entry { "puppet_domain_${name}": - content => template('sssd/domain.erb') + content => epp( + 'sssd/domain.erb', + { + 'id_provider' => $id_provider, + 'debug_level' => $debug_level, + 'debug_timestamps' => $debug_timestamps, + 'debug_microseconds' => $debug_microseconds, + 'description' => $description, + 'min_id' => $min_id, + 'max_id' => $max_id, + 'enumerate' => $enumerate, + 'subdomain_enumerate' => $subdomain_enumerate, + 'force_timeout' => $force_timeout, + 'entry_cache_timeout' => $entry_cache_timeout, + 'entry_cache_user_timeout' => $entry_cache_user_timeout, + 'entry_cache_group_timeout' => $entry_cache_group_timeout, + 'entry_cache_netgroup_timeout' => $entry_cache_netgroup_timeout, + 'entry_cache_service_timeout' => $entry_cache_service_timeout, + 'entry_cache_sudo_timeout' => $entry_cache_sudo_timeout, + 'entry_cache_autofs_timeout' => $entry_cache_autofs_timeout, + 'entry_cache_ssh_host_timeout' => $entry_cache_ssh_host_timeout, + 'refresh_expired_interval' => $refresh_expired_interval, + 'cache_credentials' => $cache_credentials, + 'account_cache_expiration' => $account_cache_expiration, + 'pwd_expiration_warning' => $pwd_expiration_warning, + 'use_fully_qualified_names' => $use_fully_qualified_names, + 'ignore_group_members' => $ignore_group_members, + 'access_provider' => $access_provider, + 'auth_provider' => $auth_provider, + 'chpass_provider' => $chpass_provider, + 'sudo_provider' => $sudo_provider, + 'selinux_provider' => $selinux_provider, + 'subdomains_provider' => $subdomains_provider, + 'autofs_provider' => $autofs_provider, + 'hostid_provider' => $hostid_provider, + 're_expression' => $re_expression, + 'full_name_format' => $full_name_format, + 'lookup_family_order' => $lookup_family_order, + 'dns_resolver_timeout' => $dns_resolver_timeout, + 'dns_discovery_domain' => $dns_discovery_domain, + 'override_gid' => $override_gid, + 'case_sensitive' => $case_sensitive, + 'proxy_fast_alias' => $proxy_fast_alias, + 'realmd_tags' => $realmd_tags, + 'proxy_pam_target' => $proxy_pam_target, + 'proxy_lib_name' => $proxy_lib_name, + 'ldap_user_search_filter' => $ldap_user_search_filter, + }, + ) } } diff --git a/metadata.json b/metadata.json index bd031a3..9a4b8e7 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "simp-sssd", - "version": "7.12.0", + "version": "7.12.1", "author": "SIMP Team", "summary": "Manages SSSD", "license": "Apache-2.0", diff --git a/templates/domain.epp b/templates/domain.epp new file mode 100644 index 0000000..373bcc8 --- /dev/null +++ b/templates/domain.epp @@ -0,0 +1,155 @@ +<% | + Sssd::IdProvider $id_provider, + Optional[Sssd::DebugLevel] $debug_level = undef, + Boolean $debug_timestamps = true, + Boolean $debug_microseconds = false, + Optional[String] $description = undef, + Integer[0] $min_id = 1, + Integer[0] $max_id = 0, + Boolean $enumerate = false, + Boolean $subdomain_enumerate = false, + Optional[Integer] $force_timeout = undef, + Optional[Integer] $entry_cache_timeout = undef, + Optional[Integer] $entry_cache_user_timeout = undef, + Optional[Integer] $entry_cache_group_timeout = undef, + Optional[Integer] $entry_cache_netgroup_timeout = undef, + Optional[Integer] $entry_cache_service_timeout = undef, + Optional[Integer] $entry_cache_sudo_timeout = undef, + Optional[Integer] $entry_cache_autofs_timeout = undef, + Optional[Integer] $entry_cache_ssh_host_timeout = undef, + Optional[Integer] $refresh_expired_interval = undef, + Boolean $cache_credentials = false, + Integer[0] $account_cache_expiration = 0, + Optional[Integer[0]] $pwd_expiration_warning = undef, + Boolean $use_fully_qualified_names = false, + Boolean $ignore_group_members = true, + Optional[Sssd::AccessProvider] $access_provider = undef, + Optional[Sssd::AuthProvider] $auth_provider = undef, + Optional[Sssd::ChpassProvider] $chpass_provider = undef, + Optional[Enum['ldap', 'ipa','ad','none']] $sudo_provider = undef, + Optional[Enum['ipa', 'none']] $selinux_provider = undef, + Optional[Enum['ipa', 'ad','none']] $subdomains_provider = undef, + Optional[Enum['ad', 'ldap', 'ipa','none']] $autofs_provider = undef, + Optional[Enum['ipa', 'none']] $hostid_provider = undef, + Optional[String] $re_expression = undef, + Optional[String] $full_name_format = undef, + Optional[String] $lookup_family_order = undef, + Integer[0] $dns_resolver_timeout = 5, + Optional[String] $dns_discovery_domain = undef, + Optional[String] $override_gid = undef, + Variant[Boolean,Enum['preserving']] $case_sensitive = true, + Boolean $proxy_fast_alias = false, + Optional[String] $realmd_tags = undef, + Optional[String] $proxy_pam_target = undef, + Optional[String] $proxy_lib_name = undef, + Optional[String] $ldap_user_search_filter = undef +| -%> + +# sssd::domain <%= $name %> +[domain/<%= $name %>] +<% if $debug_level { -%> +debug_level = <%= $debug_level %> +<% } -%> +debug_timestamps = <%= $debug_timestamps %> +debug_microseconds = <%= $debug_microseconds %> +<% if $description { -%> +description = <%= $description %> +<% } -%> +min_id = <%= $min_id %> +max_id = <%= $max_id %> +enumerate = <%= $enumerate %> +<% if $subdomain_enumerate { -%> +subdomain_enumerate = <%= $subdomain_enumerate %> +<% } -%> +<% if $force_timeout { -%> +force_timeout = <%= $force_timeout %> +<% } -%> +<% if $entry_cache_timeout { -%> +entry_cache_timeout = <%= $entry_cache_timeout %> +<% } -%> +<% if $entry_cache_user_timeout { -%> +entry_cache_user_timeout = <%= $entry_cache_user_timeout %> +<% } -%> +<% if $entry_cache_group_timeout { -%> +entry_cache_group_timeout = <%= $entry_cache_group_timeout %> +<% } -%> +<% if $entry_cache_netgroup_timeout { -%> +entry_cache_netgroup_timeout = <%= $entry_cache_netgroup_timeout %> +<% } -%> +<% if $entry_cache_service_timeout { -%> +entry_cache_service_timeout = <%= $entry_cache_service_timeout %> +<% } -%> +<% if $entry_cache_sudo_timeout { -%> +entry_cache_sudo_timeout = <%= $entry_cache_sudo_timeout %> +<% } -%> +<% if $entry_cache_autofs_timeout { -%> +entry_cache_autofs_timeout = <%= $entry_cache_autofs_timeout %> +<% } -%> +<% if $entry_cache_ssh_host_timeout { -%> +entry_cache_ssh_host_timeout = <%= $entry_cache_ssh_host_timeout %> +<% } -%> +<% if $refresh_expired_interval { -%> +refresh_expired_interval = <%= $refresh_expired_interval %> +<% } -%> +cache_credentials = <%= $cache_credentials %> +account_cache_expiration = <%= $account_cache_expiration %> +<% if $pwd_expiration_warning { -%> +pwd_expiration_warning = <%= $pwd_expiration_warning %> +<% } -%> +use_fully_qualified_names = <%= $use_fully_qualified_names %> +ignore_group_members = <%= $ignore_group_members %> +id_provider = <%= $id_provider %> +<% if $auth_provider { -%> +auth_provider = <%= $auth_provider %> +<% } -%> +<% if $access_provider { -%> +access_provider = <%= $access_provider %> +<% } -%> +<% if $chpass_provider { -%> +chpass_provider = <%= $chpass_provider %> +<% } -%> +<% if $sudo_provider { -%> +sudo_provider = <%= $sudo_provider %> +<% } -%> +<% if $selinux_provider { -%> +selinux_provider = <%= $selinux_provider %> +<% } -%> +<% if $subdomains_provider { -%> +subdomains_provider = <%= $subdomains_provider %> +<% } -%> +<% if $autofs_provider { -%> +autofs_provider = <%= $autofs_provider %> +<% } -%> +<% if $hostid_provider { -%> +hostid_provider = <%= $hostid_provider %> +<% } -%> +<% if $re_expression { -%> +re_expression = <%= $re_expression %> +<% } -%> +<% if $full_name_format { -%> +full_name_format = <%= $full_name_format %> +<% } -%> +<% if $lookup_family_order { -%> +lookup_family_order = <%= $lookup_family_order %> +<% } -%> +dns_resolver_timeout = <%= $dns_resolver_timeout %> +<% if $dns_discovery_domain { -%> +dns_discovery_domain = <%= $dns_discovery_domain %> +<% } -%> +<% if $override_gid { -%> +override_gid = <%= $override_gid %> +<% } -%> +case_sensitive = <%= $case_sensitive %> +proxy_fast_alias = <%= $proxy_fast_alias %> +<% if $realmd_tags { -%> +realmd_tags = <%= $realmd_tags %> +<% } -%> +<% if $ldap_user_search_filter { -%> +ldap_user_search_filter = <%= $ldap_user_search_filter %> +<% } -%> +<% if $proxy_pam_target { -%> +proxy_pam_target = <%= $proxy_pam_target %> +<% } -%> +<% if $proxy_lib_name { -%> +proxy_lib_name = <%= $proxy_lib_name %> +<% } -%> diff --git a/templates/domain.erb b/templates/domain.erb deleted file mode 100644 index 6740a9b..0000000 --- a/templates/domain.erb +++ /dev/null @@ -1,109 +0,0 @@ - -# sssd::domain <%= @name %> -[domain/<%= @name %>] -<% if @debug_level -%> -debug_level = <%= @debug_level %> -<% end -%> -debug_timestamps = <%= @debug_timestamps.to_s %> -debug_microseconds = <%= @debug_microseconds.to_s %> -<% if @description -%> -description = <%= @description %> -<% end -%> -min_id = <%= @min_id.to_s %> -max_id = <%= @max_id.to_s %> -enumerate = <%= @enumerate.to_s %> -<% if @subdomain_enumerate -%> -subdomain_enumerate = <%= @subdomain_enumerate %> -<% end -%> -<% if @force_timeout -%> -force_timeout = <%= @force_timeout.to_s %> -<% end -%> -<% if @entry_cache_timeout -%> -entry_cache_timeout = <%= @entry_cache_timeout.to_s %> -<% end -%> -<% if @entry_cache_user_timeout -%> -entry_cache_user_timeout = <%= @entry_cache_user_timeout.to_s %> -<% end -%> -<% if @entry_cache_group_timeout -%> -entry_cache_group_timeout = <%= @entry_cache_group_timeout.to_s %> -<% end -%> -<% if @entry_cache_netgroup_timeout -%> -entry_cache_netgroup_timeout = <%= @entry_cache_netgroup_timeout.to_s %> -<% end -%> -<% if @entry_cache_service_timeout -%> -entry_cache_service_timeout = <%= @entry_cache_service_timeout.to_s %> -<% end -%> -<% if @entry_cache_sudo_timeout -%> -entry_cache_sudo_timeout = <%= @entry_cache_sudo_timeout.to_s %> -<% end -%> -<% if @entry_cache_autofs_timeout -%> -entry_cache_autofs_timeout = <%= @entry_cache_autofs_timeout.to_s %> -<% end -%> -<% if @entry_cache_ssh_host_timeout -%> -entry_cache_ssh_host_timeout = <%= @entry_cache_ssh_host_timeout.to_s %> -<% end -%> -<% if @refresh_expired_interval -%> -refresh_expired_interval = <%= @refresh_expired_interval.to_s %> -<% end -%> -cache_credentials = <%= @cache_credentials.to_s %> -account_cache_expiration = <%= @account_cache_expiration.to_s %> -<% if @pwd_expiration_warning -%> -pwd_expiration_warning = <%= @pwd_expiration_warning.to_s %> -<% end -%> -use_fully_qualified_names = <%= @use_fully_qualified_names.to_s %> -ignore_group_members = <%= @ignore_group_members.to_s %> -id_provider = <%= @id_provider %> -<% if @auth_provider -%> -auth_provider = <%= @auth_provider %> -<% end -%> -<% if @access_provider -%> -access_provider = <%= @access_provider %> -<% end -%> -<% if @chpass_provider -%> -chpass_provider = <%= @chpass_provider %> -<% end -%> -<% if @sudo_provider -%> -sudo_provider = <%= @sudo_provider %> -<% end -%> -<% if @selinux_provider -%> -selinux_provider = <%= @selinux_provider %> -<% end -%> -<% if @subdomains_provider -%> -subdomains_provider = <%= @subdomains_provider %> -<% end -%> -<% if @autofs_provider -%> -autofs_provider = <%= @autofs_provider %> -<% end -%> -<% if @hostid_provider -%> -hostid_provider = <%= @hostid_provider %> -<% end -%> -<% if @re_expression -%> -re_expression = <%= @re_expression %> -<% end -%> -<% if @full_name_format -%> -full_name_format = <%= @full_name_format %> -<% end -%> -<% if @lookup_family_order -%> -lookup_family_order = <%= @lookup_family_order %> -<% end -%> -dns_resolver_timeout = <%= @dns_resolver_timeout.to_s %> -<% if @dns_discovery_domain %> -dns_discovery_domain = <%= @dns_discovery_domain %> -<% end -%> -<% if @override_gid -%> -override_gid = <%= @override_gid %> -<% end -%> -case_sensitive = <%= @case_sensitive.to_s %> -proxy_fast_alias = <%= @proxy_fast_alias.to_s %> -<% if @realmd_tags -%> -realmd_tags = <%= @realmd_tags %> -<% end -%> -<% if @ldap_user_search_filter -%> -ldap_user_search_filter = <%= @ldap_user_search_filter %> -<% end -%> -<% if @proxy_pam_target %> -proxy_pam_target = <%= @proxy_pam_target %> -<% end -%> -<% if @proxy_lib_name %> -proxy_lib_name = <%= @proxy_lib_name %> -<% end -%>