diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2017-08-30 22:16:39 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2017-08-31 22:59:53 +0200 |
commit | 548061112d2e2627317f9379d2f501fcf3f6ea54 (patch) | |
tree | 19fb949ad1fb965b4705897650809b4ffb6e9f29 /modules/base_installation/templates | |
parent | 1508e956adaa97b7a82c27537f4b124266dacdf0 (diff) | |
download | Puppet-548061112d2e2627317f9379d2f501fcf3f6ea54.tar.gz Puppet-548061112d2e2627317f9379d2f501fcf3f6ea54.tar.zst Puppet-548061112d2e2627317f9379d2f501fcf3f6ea54.zip |
Add LDAP support
Diffstat (limited to 'modules/base_installation/templates')
3 files changed, 32 insertions, 0 deletions
diff --git a/modules/base_installation/templates/ldap/ldap.conf.erb b/modules/base_installation/templates/ldap/ldap.conf.erb new file mode 100644 index 0000000..626a986 --- /dev/null +++ b/modules/base_installation/templates/ldap/ldap.conf.erb | |||
@@ -0,0 +1,3 @@ | |||
1 | uri <%= @ldap_uri %> | ||
2 | base <%= @ldap_base %> | ||
3 | tls_cacert <%= @ldap_cert_path %> | ||
diff --git a/modules/base_installation/templates/puppet/host_ldap.info.erb b/modules/base_installation/templates/puppet/host_ldap.info.erb new file mode 100644 index 0000000..a350c37 --- /dev/null +++ b/modules/base_installation/templates/puppet/host_ldap.info.erb | |||
@@ -0,0 +1,17 @@ | |||
1 | #### Please add this node to LDAP: | ||
2 | ldapadd -D "cn=root,<%= @ldap_base %>" -W << 'EOF' | ||
3 | dn: <%= @ldap_dn %> | ||
4 | cn: <%= @ldap_cn %> | ||
5 | objectclass: device | ||
6 | objectclass: top | ||
7 | objectclass: simpleSecurityObject | ||
8 | objectclass: puppetClient | ||
9 | userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> | ||
10 | EOF | ||
11 | #### Or modify an existing entry: | ||
12 | ldapmodify -D "cn=root,<%= @ldap_base %>" -W << 'EOF' | ||
13 | dn: <%= @ldap_dn %> | ||
14 | changetype: modify | ||
15 | replace: userPassword | ||
16 | userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> | ||
17 | EOF | ||
diff --git a/modules/base_installation/templates/puppet/puppet.conf.erb b/modules/base_installation/templates/puppet/puppet.conf.erb new file mode 100644 index 0000000..99d9fc3 --- /dev/null +++ b/modules/base_installation/templates/puppet/puppet.conf.erb | |||
@@ -0,0 +1,12 @@ | |||
1 | [main] | ||
2 | ssldir = <%= @puppet_ssl_path %> | ||
3 | |||
4 | node_terminus = ldap | ||
5 | ldapserver = <%= @ldap_server %> | ||
6 | ldaptls = true | ||
7 | ldapbase = <%= @ldap_base %> | ||
8 | ldapuser = <%= @ldap_dn %> | ||
9 | ldappassword = <%= @ldap_password %> | ||
10 | ldapclassattrs = puppetClass | ||
11 | ldapparentattr = parentNode | ||
12 | ldapstackedattrs = puppetVar | ||