fix ldap.conf for jessie hosts

[mirror/dsa-puppet.git] / modules / debian-org / templates / ldap.conf.erb

diff --git a/modules/debian-org/templates/ldap.conf.erb b/modules/debian-org/templates/ldap.conf.erb
new file mode 100644 (file)
index 0000000..1a6828d
--- /dev/null
+++ b/modules/debian-org/templates/ldap.conf.erb
@@ -0,0 +1,28 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE  dc=example,dc=com
+#URI   ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT     12
+#TIMELIMIT     15
+#DEREF         never
+
+URI             ldap://db.debian.org
+BASE            dc=debian,dc=org
+
+<% if @lsbmajdistrelease >= 8 -%>
+TLS_CACERT      /etc/ssl/ca-debian/ca-certificates.crt
+<% else -%>
+TLS_CACERT      /etc/ssl/servicecerts/db.debian.org.crt
+<% end -%>
+TLS_REQCERT     hard