From 35fd70e43624b8c44d80f58b044f1b5be7c731ba Mon Sep 17 00:00:00 2001
From: Stanislav Voroniy <voroniys@users.noreply.github.com>
Date: Fri, 6 Feb 2015 19:02:57 +0100
Subject: [PATCH] Make LDAP section more configurable

---
 manifests/init.pp             | 4 ++++
 manifests/params.pp           | 2 ++
 templates/rabbitmq.config.erb | 7 ++++++-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 1ac3f6d61..48f1a5090 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -44,9 +44,11 @@
   $ldap_auth                  = $rabbitmq::params::ldap_auth,
   $ldap_server                = $rabbitmq::params::ldap_server,
   $ldap_user_dn_pattern       = $rabbitmq::params::ldap_user_dn_pattern,
+  $ldap_other_bind            = $rabbitmq::params::ldap_other_bind,
   $ldap_use_ssl               = $rabbitmq::params::ldap_use_ssl,
   $ldap_port                  = $rabbitmq::params::ldap_port,
   $ldap_log                   = $rabbitmq::params::ldap_log,
+  $ldap_config_variables      = $rabbitmq::params::ldap_config_variables,
   $stomp_port                 = $rabbitmq::params::stomp_port,
   $version                    = $rabbitmq::params::version,
   $wipe_db_on_cookie_change   = $rabbitmq::params::wipe_db_on_cookie_change,
@@ -103,6 +105,8 @@
   validate_bool($ldap_auth)
   validate_string($ldap_server)
   validate_string($ldap_user_dn_pattern)
+  validate_string($ldap_other_bind)
+  validate_hash($ldap_config_variables)
   validate_bool($ldap_use_ssl)
   validate_re($ldap_port, '\d+')
   validate_bool($ldap_log)
diff --git a/manifests/params.pp b/manifests/params.pp
index 4e4ba3221..2280038c3 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -78,9 +78,11 @@
   $ldap_auth                  = false
   $ldap_server                = 'ldap'
   $ldap_user_dn_pattern       = 'cn=username,ou=People,dc=example,dc=com'
+  $ldap_other_bind            = 'anon'
   $ldap_use_ssl               = false
   $ldap_port                  = '389'
   $ldap_log                   = false
+  $ldap_config_variables      = {}
   $stomp_port                 = '6163'
   $wipe_db_on_cookie_change   = false
   $cluster_partition_handling = 'ignore'
diff --git a/templates/rabbitmq.config.erb b/templates/rabbitmq.config.erb
index 591a1cb17..008a0d4e6 100644
--- a/templates/rabbitmq.config.erb
+++ b/templates/rabbitmq.config.erb
@@ -71,11 +71,16 @@
 <%- if @ldap_auth -%>,
 % Configure the LDAP authentication plugin
   {rabbitmq_auth_backend_ldap, [
-    {other_bind, anon},
+    {other_bind, <%= @ldap_other_bind %>},
     {servers, ["<%= @ldap_server %>"]},
     {user_dn_pattern, "<%= @ldap_user_dn_pattern %>"},
     {use_ssl, <%= @ldap_use_ssl %>},
     {port, <%= @ldap_port %>},
+<% if @ldap_config_variables -%>
+<%- @ldap_config_variables.keys.sort.each do |key| -%>
+    {<%= key %>, <%= @ldap_config_variables[key] %>},
+<%- end -%>
+<%- end -%>
     {log, <%= @ldap_log %>}
   ]}
 <%- end -%>