-
-
Notifications
You must be signed in to change notification settings - Fork 132
/
database.pp
102 lines (97 loc) · 3.86 KB
/
database.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# See README.md for details.
define openldap::server::database (
Enum['present', 'absent'] $ensure = present,
Optional[Stdlib::Absolutepath] $directory = undef,
String[1] $suffix = $title,
Optional[String[1]] $relay = undef,
Optional[String[1]] $backend = undef,
Optional[String[1]] $rootdn = undef,
Optional[String[1]] $rootpw = undef,
Optional[Boolean] $initdb = undef,
Boolean $readonly = false,
Optional[String[1]] $sizelimit = undef,
Optional[String[1]] $dbmaxsize = undef,
Optional[String[1]] $timelimit = undef,
Optional[String[1]] $updateref = undef,
Openldap::Limits $limits = {},
# BDB/HDB options
Hash[String[1],Variant[String[1],Array[String[1]]]] $dboptions = {},
Optional[String[1]] $synctype = undef,
# Synchronization options
Optional[Boolean] $mirrormode = undef,
Optional[Boolean] $multiprovider = undef,
Optional[String[1]] $syncusesubentry = undef,
Array[Openldap::Syncrepl] $syncrepl = [],
Hash[
Enum[
'transport',
'sasl',
'simple_bind',
'ssf',
'tls',
'update_sasl',
'update_ssf',
'update_tls',
'update_transport',
],
Integer[0]
] $security = {},
) {
include openldap::server
if $mirrormode != undef and $multiprovider != undef {
warning('multiprovider is an openldap2.5+ replacement for mirrormode.')
}
$manage_directory = $backend ? {
'monitor' => undef,
'config' => undef,
'relay' => undef,
'ldap' => undef,
default => $directory.lest || { $openldap::server::default_directory },
}
Class['openldap::server::service']
-> Openldap::Server::Database[$title]
-> Class['openldap::server']
if $title != 'dc=my-domain,dc=com' and fact('os.family') == 'RedHat' {
Openldap::Server::Database['dc=my-domain,dc=com'] -> Openldap::Server::Database[$title]
}
if $ensure == present and $backend != 'monitor' and $backend != 'config' and $backend != 'relay' and $backend != 'ldap' {
file { $manage_directory:
ensure => directory,
owner => $openldap::server::owner,
group => $openldap::server::group,
before => Openldap_database[$title],
}
}
openldap_database { $title:
ensure => $ensure,
suffix => $suffix,
relay => $relay,
target => $openldap::server::conffile,
backend => $backend,
directory => $manage_directory,
rootdn => $rootdn,
rootpw => $rootpw,
initdb => $initdb,
readonly => $readonly,
sizelimit => $sizelimit,
timelimit => $timelimit,
dbmaxsize => $dbmaxsize,
updateref => $updateref,
dboptions => $dboptions,
synctype => $synctype,
mirrormode => $mirrormode,
multiprovider => $multiprovider,
syncusesubentry => $syncusesubentry,
syncrepl => $syncrepl.map |$item| {
$item.map |$k, $v| {
$v ? {
true => $k,
false => undef,
default => "${k}=${String($v, '%#p')}",
}
}.flatten.join(' ')
},
limits => $limits.map |$selector, $limits| { "${selector} ${limits.map |$k, $v| { "${k}=${v}" }.join(' ')}" },
security => $security,
}
}