modules/profile/manifests/postgresql/pam_ldap.pp

   1 class profile::postgresql::pam_ldap (
   2   String $pg_user = "postgres"
   3 ) {
   4   include "profile::pam_ldap"
   5
   6   $password_seed = lookup("base_installation::puppet_pass_seed")
   7   $ldap_server = lookup("base_installation::ldap_server")
   8   $ldap_base   = lookup("base_installation::ldap_base")
   9   $ldap_dn     = lookup("base_installation::ldap_dn")
  10   $ldap_password = generate_password(24, $password_seed, "ldap")
  11   $ldap_attribute = "cn"
  12
  13   file { "/etc/pam_ldap.d/postgresql.conf":
  14     ensure  => "present",
  15     mode    => "0400",
  16     owner   => $pg_user,
  17     group   => "root",
  18     content => template("profile/postgresql/pam_ldap_postgresql.conf.erb"),
  19     require => File["/etc/pam_ldap.d"],
  20   } ->
  21   file { "/etc/pam.d/postgresql":
  22     ensure => "present",
  23     mode   => "0644",
  24     owner  => "root",
  25     group  => "root",
  26     source => "puppet:///modules/profile/postgresql/pam_postgresql"
  27   }
  28 }