Initial import

manifests/config.pp

@@ -0,0 +1,15 @@
+# == Class: nslcd::config
+#
+# Manages the nslcd server configuration file
+class nslcd::config inherits nslcd {
+
+  file { $nslcd::config:
+    ensure  => file,
+    owner   => $nslcd::config_user,
+    group   => $nslcd::config_group,
+    mode    => $nslcd::config_mode,
+    content => template('nslcd/nslcd.erb'),
+  }
+
+}
+

manifests/init.pp

@@ -0,0 +1,46 @@
+# == Class: nslcd
+#
+# This class manages the nslcd server and service.
+class nslcd (
+  $package_ensure      = $nslcd::params::package_ensure,
+  $package_name        = $nslcd::params::package_name,
+  $service_ensure      = $nslcd::params::service_ensure,
+  $service_enable      = $nslcd::params::service_enable,
+  $service_name        = $nslcd::params::service_name,
+  $uid                 = $nslcd::params::uid,
+  $gid                 = $nslcd::params::gid,
+  $config              = $nslcd::params::config,
+  $config_user         = $nslcd::params::config_user,
+  $config_group        = $nslcd::params::config_group,
+  $config_mode         = $nslcd::params::config_mode,
+  $ldap_uris           = $nslcd::params::ldap_uris,
+  $ldap_version        = $nslcd::params::ldap_version,
+  $ldap_binddn         = $nslcd::params::ldap_binddn,
+  $ldap_bindpw         = $nslcd::params::ldap_bindpw,
+  $ldap_search_base    = $nslcd::params::ldap_search_base,
+  $ldap_search_scope   = $nslcd::params::ldap_search_scope,
+  $ldap_filters        = $nslcd::params::ldap_filters,
+  $ldap_ssl            = $nslcd::params::ldap_ssl,
+  $ldap_tls_reqcert    = $nslcd::params::ldap_tls_reqcert,
+  $ldap_tls_cacertfile = $nslcd::params::ldap_tls_cacertfile,
+) inherits nslcd::params {
+
+  # Input validation
+  $valid_ldap_versions     = [ '2', '3' ]
+  $valid_ldap_ssl          = [ 'on', 'off', 'start_tls' ]
+  $valid_ldap_tls_reqcert  = [ 'never', 'allow', 'try', 'demand', 'hard' ]
+  $valid_ldap_search_scope = [ 'sub', 'subtree', 'one', 'onelevel', 'base' ]
+
+  validate_re($ldap_version, $valid_ldap_versions)
+  validate_re($ldap_ssl, $valid_ldap_ssl)
+  validate_re($ldap_tls_reqcert, $valid_ldap_tls_reqcert)
+  validate_re($ldap_search_scope, $valid_ldap_search_scope)
+
+  anchor { 'nslcd::begin': } ->
+  class { 'nslcd::install': } ->
+  class { 'nslcd::config': } ~>
+  class { 'nslcd::service': } ->
+  anchor { 'nslcd::end': }
+
+}
+

manifests/install.pp

@@ -0,0 +1,10 @@
+# == Class: nslcd::install
+#
+# Installs the nslcd package.
+class nslcd::install inherits nslcd {
+
+  package { $nslcd::package_name:
+    ensure => $nslcd::package_ensure,
+  }
+
+}

manifests/params.pp

@@ -0,0 +1,42 @@
+# == Class: nslcd::params
+#
+# Sets the default parameters for the nslcd class.
+class nslcd::params {
+
+  $package_ensure = present
+  $service_ensure = running
+  $service_enable = true
+
+  $ldap_uris           = ['ldap:///']
+  $ldap_version        = '3'
+  $ldap_binddn         = undef
+  $ldap_bindpw         = undef
+  $ldap_search_base    = ''
+  $ldap_search_scope   = 'subtree'
+  $ldap_filters        = {}
+  $ldap_ssl            = 'off'
+  $ldap_tls_reqcert    = 'allow'
+  $ldap_tls_cacertfile = undef
+
+  $default_config       = '/etc/nslcd.conf'
+  $default_package_name = 'nslcd'
+  $default_service_name = 'nslcd'
+
+  case $::osfamily {
+    Debian: {
+      $config        = $default_config
+      $package_name  = $default_package_name
+      $service_name  = $default_service_name
+      $uid          = 'nslcd'
+      $gid         = 'nslcd'
+      $config_user         = 'root'
+      $config_group        = 'nslcd'
+      $config_mode         = '0640'
+    }
+    default: {
+      fail("The ${module_name} module is not supported on an ${::osfamily} based system.")
+    }
+  }
+
+}
+

manifests/service.pp

@@ -0,0 +1,12 @@
+# == Class: nslcd::service
+#
+# Manages the nslcd service.
+class nslcd::service inherits nslcd {
+
+  service { 'nslcd':
+    ensure => $nslcd::service_ensure,
+    enable => $nslcd::service_enable,
+    name   => $nslcd::service_name,
+  }
+
+}