Puppet Class: profile::ldap::client::utils
- Defined in:
- modules/profile/manifests/ldap/client/utils.pp
Summary
provisions the ldap connection config file and utilities to interact with ldap (via the ldap-utils package)Overview
SPDX-License-Identifier: Apache-2.0
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'modules/profile/manifests/ldap/client/utils.pp', line 5
class profile::ldap::client::utils (
Hash[String[1], Any] $labsldapconfig = lookup('labsldapconfig'),
) {
$basedn = 'dc=wikimedia,dc=org'
# TODO: this is never used in production
$sudobasedn = $::realm ? {
'labs' => "ou=sudoers,cn=${::wmcs_project},ou=projects,${basedn}",
'production' => "ou=sudoers,${basedn}"
}
# This is directly used elsewhere, be careful when refactoring please.
$ldapconfig = {
'servernames' => [ $labsldapconfig['hostname'] ],
'basedn' => $basedn,
'groups_rdn' => 'ou=groups',
'users_rdn' => 'ou=people',
'domain' => 'wikimedia',
'proxyagent' => "cn=proxyagent,ou=profile,${basedn}",
'proxypass' => $labsldapconfig['proxypass'],
'script_user_dn' => "cn=scriptuser,ou=profile,${basedn}",
'script_user_pass' => $labsldapconfig['script_user_pass'],
'user_id_attribute' => 'uid',
'tenant_id_attribute' => 'cn',
'ca' => 'ca-certificates.crt',
'sudobasedn' => $sudobasedn,
'pagesize' => 2000,
'nss_min_uid' => '499',
}
class { 'ldap::client::config':
servers => $ldapconfig['servernames'],
base_dn => $ldapconfig['basedn'],
proxy_pass => $ldapconfig['proxypass'],
}
ensure_packages(['ldap-utils'])
}
|