Puppet Class: profile::wmcs::services::ldap_disable_tool

Defined in:
modules/profile/manifests/wmcs/services/ldap_disable_tool.pp

Overview

This runs a timer on a single cloudcontrol node to clean up

ldap entries of deleted tools. It needs to run in the prod
realm to write to ldap.

Parameters:

  • maintain_dbusers_primary (String) (defaults to: lookup('wmcs_maintain_dbusers_primary')) 


6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'modules/profile/manifests/wmcs/services/ldap_disable_tool.pp', line 6

class profile::wmcs::services::ldap_disable_tool(
    String                    $maintain_dbusers_primary     = lookup('wmcs_maintain_dbusers_primary'),
) {
    require profile::toolforge::disable_tool

    # We only want this to run in one place, re-use the
    # maintain_dbusers host
    if ($facts['fqdn'] == $maintain_dbusers_primary) {
        $enable_service = present
    } else {
        $enable_service = absent
    }

    systemd::timer::job { 'disable-tool':
        ensure          => $enable_service,
        logging_enabled => false,
        user            => 'root',
        description     => 'Delete ldap records of deleted or disabled+expired tools',
        command         => '/srv/disable-tool/disable_tool.py deleteldap',
        interval        => {
        'start'    => 'OnCalendar',
        'interval' => '*:0/2', # every 2 minutes
        },
        require         => Class['::profile::toolforge::disable_tool'],
    }
}