3 # This sets up the web service as well as the LDAP backend for ftmg
5 # @param db_address hostname of the postgres server for this service
6 # @param db_port port of the postgres server for this service
14 ssl::service { 'sso.debian.org':
15 notify => Exec['service apache2 reload'],
18 ssl::service { 'ftmg.sso.debian.org':
19 notify => Exec['service apache2 reload'],
23 $ftmg_dsa_root_password = hkdf('/etc/puppet/secret', "roles::sso::slapd-ftmg::${::fqdn}")
28 ensure => 'installed',
33 file { '/etc/ldap/slapd.d':
36 notify => Service['slapd'],
38 file { '/etc/ldap/slapd.conf':
39 source => 'puppet:///modules/roles/sso/slapd.conf',
40 notify => Service['slapd'],
42 file { '/etc/ldap/slapd-ftmg.conf':
43 content => template('roles/sso/slapd-ftmg.conf.erb'),
44 notify => Service['slapd'],
48 file { '/etc/default/slapd':
49 source => 'puppet:///modules/roles/sso/default-slapd',
50 notify => Service['slapd'],
52 file { '/var/lib/ldap-ftmg':
57 notify => Service['slapd'],
60 file { '/etc/ldap/schema/openssh-ldap.schema':
61 source => 'puppet:///modules/roles/sso/openssh-ldap.schema',
62 notify => Service['slapd'],
65 @@postgres::cluster::hba_entry { "debsso-${::fqdn}":
66 tag => "postgres::cluster::${db_port}::hba::${db_address}",
69 user => ['debsso', 'debssoweb'],
70 address => $base::public_addresses,