Puppet Class: yp::ldap

Inherits:
yp::params
Defined in:
manifests/ldap.pp

Overview

Class for installing and managing the ypldap daemon.

This is for OpenBSD only and is the equivalent of PAM/LDAP on Linux.

Examples:

Declaring the class

include ::portmap

class { '::yp::ldap':
  domain      => 'example.com',
  directories => {
    'dc=example,dc=com' => {
      'server'  => '192.0.2.1',
      'bind_dn' => 'cn=ypldap,dc=example,dc=com',
      'bind_pw' => 'secret',
    },
  },
}

class { '::yp':
  domain => 'example.com',
}

class { '::yp::bind':
  domain => 'example.com',
}

Class['::portmap'] ~> Class['::yp::ldap'] ~> Class['::yp::bind'] <~ Class['::yp']
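
A variant of the declaration above that keeps the bind password out of the manifest and sets the tls_cacert_file parameter listed under Parameters. This is an added example, not part of the module's documentation. The Hiera key name and the CA bundle path are assumptions, and this page does not document what tls_cacert_file does beyond its type.

```puppet
# Added example, not from the module's documentation.
# Assumptions:
#   - 'profile::ypldap::bind_pw' is a hypothetical Hiera key, expected to live
#     in an encrypted backend (for example hiera-eyaml).
#   - '/etc/ssl/cert.pem' is the stock OpenBSD CA bundle; it is used here as
#     the value for tls_cacert_file, whose effect this page does not describe.

# Resolve the bind password at catalog compile time instead of committing it
# to the manifest. lookup() aborts the compile if the key is missing or the
# value is not a String.
$bind_pw = lookup('profile::ypldap::bind_pw', String)

# yp::ldap calls fail() on anything other than OpenBSD, so guard the
# declaration when the same manifest is applied to a mixed fleet.
if $facts['os']['family'] == 'OpenBSD' {
  include ::portmap

  class { '::yp::ldap':
    domain          => 'example.com',
    tls_cacert_file => '/etc/ssl/cert.pem',
    directories     => {
      'dc=example,dc=com' => {
        'server'  => '192.0.2.1',
        'bind_dn' => 'cn=ypldap,dc=example,dc=com',
        'bind_pw' => $bind_pw,
      },
    },
  }

  class { '::yp':
    domain => 'example.com',
  }

  class { '::yp::bind':
    domain => 'example.com',
  }

  Class['::portmap'] ~> Class['::yp::ldap'] ~> Class['::yp::bind'] <~ Class['::yp']
}
```

The password still appears in the compiled catalog, so this only removes it from version control; access to catalogs and to the generated configuration file on the node needs to be limited separately.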

Parameters:

  • domain (String)

    The YP/NIS domain for which to provide maps fetched from LDAP.

  • conf_file (Stdlib::Absolutepath) (defaults to: $::yp::params::ldap_conf_file)

    The configuration file, usually /etc/ypldap.conf.

  • directories (Hash[String, Hash[String, Any]]) (defaults to: {})
  • interval (Integer[1]) (defaults to: 60)

    How often to refresh the maps from LDAP.

  • maps (Array[String, 1]) (defaults to: $::yp::params::ldap_maps)

    The list of YP maps to provide based on LDAP searches.

  • service_enable (Boolean) (defaults to: $::yp::params::ldap_service_enable)
  • service_ensure (Enum['running', 'stopped']) (defaults to: $::yp::params::ldap_service_ensure)
  • service_name (String) (defaults to: $::yp::params::ldap_service_name)

    The name of the service managing ypldap.

  • tls_cacert_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)

# File 'manifests/ldap.pp', line 43

class yp::ldap (
  String                          $domain,
  Hash[String, Hash[String, Any]] $directories     = {},
  Stdlib::Absolutepath            $conf_file       = $::yp::params::ldap_conf_file,
  Integer[1]                      $interval        = 60,
  Array[String, 1]                $maps            = $::yp::params::ldap_maps,
  Boolean                         $service_enable  = $::yp::params::ldap_service_enable,
  Enum['running', 'stopped']      $service_ensure  = $::yp::params::ldap_service_ensure,
  String                          $service_name    = $::yp::params::ldap_service_name,
  Optional[Stdlib::Absolutepath]  $tls_cacert_file = undef,
) inherits yp::params {

  if $facts['os']['family'] != 'OpenBSD' {
    fail("The yp::ldap class is not supported on ${facts['os']['family']} based systems.")
  }

  if defined(Class['yp::serv']) {
    fail('yp::serv and yp::ldap are mutually exclusive.')
  }

  contain yp::ldap::config
  contain yp::ldap::service

  Class['yp::ldap::config'] ~> Class['yp::ldap::service']
}