From 85abd2fdbad83430df4824843764719064afb9b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?=
Date: Sat, 3 Mar 2018 22:24:19 +0100
Subject: Fetch node informations from LDAP environment, hostname
---
 modules/base_installation/manifests/init.pp | 1 +
 modules/base_installation/manifests/params.pp | 1 +
 .../base_installation/manifests/system_config.pp | 34 ++++++++++++----------
 .../templates/puppet/host_ldap.info.erb | 4 ++-
 .../templates/puppet/puppet.conf.erb | 4 ++-
 5 files changed, 27 insertions(+), 17 deletions(-)
(limited to 'modules/base_installation')
diff --git a/modules/base_installation/manifests/init.pp b/modules/base_installation/manifests/init.pp
index f9fdcd4..998f8ff 100644
--- a/modules/base_installation/manifests/init.pp
+++ b/modules/base_installation/manifests/init.pp
@@ -10,6 +10,7 @@ class base_installation (
 Optional[String] $puppet_conf_path = $base_installation::params::puppet_conf_path,
 Optional[String] $puppet_pass_seed = $base_installation::params::puppet_pass_seed,
 Optional[String] $puppet_ssl_path = $base_installation::params::puppet_ssl_path,
+ Optional[String] $real_hostname = $base_installation::params::real_hostname,
 Optional[String] $system_hostname = $base_installation::params::system_hostname,
 Optional[Array[String]] $system_locales = $base_installation::params::system_locales,
 Optional[String] $system_timezone = $base_installation::params::system_timezone,
diff --git a/modules/base_installation/manifests/params.pp b/modules/base_installation/manifests/params.pp
index c03eb1e..5ade838 100644
--- a/modules/base_installation/manifests/params.pp
+++ b/modules/base_installation/manifests/params.pp
@@ -10,6 +10,7 @@ class base_installation::params {
 $ldap_cert_path = "/etc/ssl/certs/ca-certificates.crt"
 $ldap_uri = "ldaps://ldap.example.com"
 $ldap_server = "ldap.example.com"
+ $real_hostname = "example.com"
 $system_hostname = "example.com"
 $system_locales = ["en_US.UTF-8"]
 $system_timezone = "UTC"
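Review bot: In init.pp, `real_hostname` is declared `Optional[String]`, yet the same commit renders it as `certname` in puppet.conf.erb and assigns it as the hostname fallback in system_config.pp, so `undef` or an empty string would yield an empty certificate name. The default added in params.pp, `"example.com"`, is a placeholder that every node not overriding it would share as its certname. Consider `String[1] $real_hostname = $base_installation::params::real_hostname,` and a comment above the parameter such as `# real_hostname: name the node is registered under (Puppet certname); system_hostname: name written to /etc/hostname`. The parameter list continues outside the hunk.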
diff --git a/modules/base_installation/manifests/system_config.pp b/modules/base_installation/manifests/system_config.pp
index 25bfe0f..ccc5dcc 100644
--- a/modules/base_installation/manifests/system_config.pp
+++ b/modules/base_installation/manifests/system_config.pp
@@ -6,23 +6,27 @@ class base_installation::system_config inherits base_installation {
 } } - unless empty($base_installation::system_hostname) { - file { '/etc/hostname': - content => "$base_installation::system_hostname\n", - } + if empty($base_installation::system_hostname) { + $hostname = $base_installation::real_hostname + } else { + $hostname = $base_installation::system_hostname + } - exec { "set_hostname": - command => "/usr/bin/hostnamectl set-hostname $base_installation::system_hostname", - refreshonly => true, - subscribe => File["/etc/hostname"], - returns => [0, 1], - } + file { '/etc/hostname': + content => "$base_installation::system_hostname\n", + } - # TODO: find a way to ensure that /etc/hostname doesn't change - # exec { "set_hostname_firstboot": - # command => "/usr/bin/systemd-firstboot --hostname=$base_installation::system_hostname", - # creates => "/etc/hostname", - # } + exec { "set_hostname": + command => "/usr/bin/hostnamectl set-hostname $base_installation::system_hostname", + refreshonly => true, + subscribe => File["/etc/hostname"], + returns => [0, 1], } + # TODO: find a way to ensure that /etc/hostname doesn't change + # exec { "set_hostname_firstboot": + # command => "/usr/bin/systemd-firstboot --hostname=$base_installation::system_hostname", + # creates => "/etc/hostname", + # } + }
diff --git a/modules/base_installation/templates/puppet/host_ldap.info.erb b/modules/base_installation/templates/puppet/host_ldap.info.erb
index 525739b..a71c6f3 100644
--- a/modules/base_installation/templates/puppet/host_ldap.info.erb
+++ b/modules/base_installation/templates/puppet/host_ldap.info.erb
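Review bot: In system_config.pp the new `$hostname` (set to `real_hostname` when `system_hostname` is empty) is assigned but never read: the added `file { '/etc/hostname': }` content and the added `set_hostname` exec command still interpolate `$base_installation::system_hostname`. Because the old `unless empty(...)` guard is removed, an empty `system_hostname` now writes a bare newline to /etc/hostname and runs `hostnamectl set-hostname` with no name instead of falling back. Use the computed value in both places: `content => "${hostname}\n",` and `command => "/usr/bin/hostnamectl set-hostname ${hostname}",`. Since the value ends up on a command line and in a system file, a `Pattern[...]` type restricting both parameters to hostname characters would be a reasonable extra check.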
@@ -2,7 +2,6 @@
 ldapadd -D "cn=root,<%= @ldap_base %>" -W << 'EOF'
 dn: <%= @ldap_dn %>
 cn: <%= @ldap_cn %>
-cn: <%= @system_hostname %>
 objectclass: device
 objectclass: top
 objectclass: simpleSecurityObject
@@ -12,6 +11,7 @@ objectclass: ipHost
 <% unless @ips["v4"].nil? -%>ipHostNumber: <%= @ips["v4"]["ipAddress"] %><%- end %>
 <% unless @ips["v6"].nil? -%>ipHostNumber: <%= @ips["v6"]["ipAddress"] %>/<%= @ips["v6"]["mask"] %><%- end %>
 <%- end -%>
+environment: <%= @environment %>
 userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %>
 EOF
 #### Or modify an existing entry:
@@ -20,6 +20,8 @@ dn: <%= @ldap_dn %>
 changetype: modify
 replace: userPassword
 userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %>
+replace: environment
+environment: <%= @environment %>
 <%- unless @ips.empty? -%>
 -
 delete: ipHostNumber
diff --git a/modules/base_installation/templates/puppet/puppet.conf.erb b/modules/base_installation/templates/puppet/puppet.conf.erb
index 3748039..24e67c8 100644
--- a/modules/base_installation/templates/puppet/puppet.conf.erb
+++ b/modules/base_installation/templates/puppet/puppet.conf.erb
@@ -1,8 +1,10 @@
 [main] ssldir = <%= @puppet_ssl_path %> +environment = <%= @environment %> + node_terminus = ldap -certname = <%= @system_hostname %> +certname = <%= @real_hostname %> ldapserver = <%= @ldap_server %> ldaptls = true ldapbase = <%= @ldap_base %> -- cgit v1.2.3
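Review bot: In the `changetype: modify` record of host_ldap.info.erb (hunk at -20,6), the added `replace: environment` follows the `userpassword:` value directly, with no `-` separator line between the two modifications. LDIF requires each modification in a modify record to be closed by a line holding only `-`, so ldapmodify would most likely reject the generated record, leaving the entry's password and environment unchanged. Add a line containing only `-` immediately before `replace: environment`; the existing `-` inside the `unless @ips.empty?` block then still separates the environment change from `delete: ipHostNumber`. The hunk at -12,6 adds the same `environment:` attribute to the ldapadd record; the objectclass list is only partly visible there, so confirm the entry carries an objectclass that permits `environment`.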
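Review bot: In puppet.conf.erb, switching `certname` from `@system_hostname` to `@real_hostname` changes the agent's TLS identity on every host where the two values differ, and nothing in the commit handles that transition. With `node_terminus = ldap` the same name is presumably also the key the node is looked up under. On such a host the agent would request a certificate under the new name while the certificate issued for the old name stays valid on the CA, so the rollout should include revoking or cleaning the old certname. A template comment above the line, for example `# certname must match the cn of this node's LDAP entry, not the local hostname`, would record why the two names are kept apart; that wording is inferred from the commit subject and should be confirmed.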