projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/dsa-puppet
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
sso.pp
diff --git
a/modules/roles/manifests/sso.pp
b/modules/roles/manifests/sso.pp
index
052ddc1
..
4da64eb
100644
(file)
--- a/
modules/roles/manifests/sso.pp
+++ b/
modules/roles/manifests/sso.pp
@@
-1,3
+1,6
@@
+# Debian SSO class.
+#
+# This sets up the web service as well as the LDAP backend for ftmg
class roles::sso {
include apache2
include roles::sso_rp
class roles::sso {
include apache2
include roles::sso_rp
@@
-11,6
+14,8
@@
class roles::sso {
key => true,
}
key => true,
}
+ $ftmg_dsa_root_password = hkdf('/etc/puppet/secret', "roles::sso::slapd-ftmg::${::fqdn}")
+
ensure_packages ( [
'slapd',
], {
ensure_packages ( [
'slapd',
], {
@@
-29,13
+34,22
@@
class roles::sso {
notify => Service['slapd'],
}
file { '/etc/ldap/slapd-ftmg.conf':
notify => Service['slapd'],
}
file { '/etc/ldap/slapd-ftmg.conf':
- source => 'puppet:///modules/roles/sso/slapd-ftmg.conf',
- notify => Service['slapd'],
+ content => template('roles/sso/slapd-ftmg.conf.erb'),
+ notify => Service['slapd'],
+ group => 'openldap',
+ mode => '0440',
}
file { '/etc/default/slapd':
source => 'puppet:///modules/roles/sso/default-slapd',
notify => Service['slapd'],
}
}
file { '/etc/default/slapd':
source => 'puppet:///modules/roles/sso/default-slapd',
notify => Service['slapd'],
}
+ file { '/var/lib/ldap-ftmg':
+ ensure => directory,
+ mode => '0700',
+ owner => 'openldap',
+ group => 'openldap',
+ notify => Service['slapd'],
+ }
file { '/etc/ldap/schema/openssh-ldap.schema':
source => 'puppet:///modules/roles/sso/openssh-ldap.schema',
file { '/etc/ldap/schema/openssh-ldap.schema':
source => 'puppet:///modules/roles/sso/openssh-ldap.schema',