From 95c6ab716213898a16cfc0e4b0399492757f3680 Mon Sep 17 00:00:00 2001 From: Nate McCurdy Date: Fri, 8 Mar 2019 11:08:13 -0800 Subject: [PATCH 1/4] Use parameter data types instead of validate functions --- manifests/init.pp | 63 +++++++++++++++++++---------------------------- 1 file changed, 26 insertions(+), 37 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 2cad72d..9bc4e66 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -2,45 +2,34 @@ # # This class manages the nslcd server and service. class nslcd ( - $package_ensure = $nslcd::params::package_ensure, - $package_name = $nslcd::params::package_name, - $package_manage = $nslcd::params::package_manage, - $service_ensure = $nslcd::params::service_ensure, - $service_enable = $nslcd::params::service_enable, - $service_name = $nslcd::params::service_name, - $service_manage = $nslcd::params::service_manage, - $uid = $nslcd::params::uid, - $gid = $nslcd::params::gid, - $config = $nslcd::params::config, - $config_user = $nslcd::params::config_user, - $config_group = $nslcd::params::config_group, - $config_mode = $nslcd::params::config_mode, - $ldap_uris = $nslcd::params::ldap_uris, - $ldap_version = $nslcd::params::ldap_version, - $ldap_binddn = $nslcd::params::ldap_binddn, - $ldap_bindpw = $nslcd::params::ldap_bindpw, - $ldap_search_base = $nslcd::params::ldap_search_base, - $ldap_group_base = $nslcd::params::ldap_group_base, - $ldap_search_scope = $nslcd::params::ldap_search_scope, - $config_options = $nslcd::params::config_options, - $ldap_filters = $nslcd::params::ldap_filters, - $ldap_maps = $nslcd::params::ldap_maps, - $ldap_ssl = $nslcd::params::ldap_ssl, - $ldap_tls_reqcert = $nslcd::params::ldap_tls_reqcert, - $ldap_tls_cacertfile = $nslcd::params::ldap_tls_cacertfile, + Variant[Boolean,String[1]] $package_ensure = $nslcd::params::package_ensure, + String[1] $package_name = $nslcd::params::package_name, + Boolean $package_manage = $nslcd::params::package_manage, + Variant[Boolean,Enum['stopped','running']] $service_ensure = $nslcd::params::service_ensure, + Boolean $service_enable = $nslcd::params::service_enable, + String[1] $service_name = $nslcd::params::service_name, + Boolean $service_manage = $nslcd::params::service_manage, + String[1] $uid = $nslcd::params::uid, + String[1] $gid = $nslcd::params::gid, + Stdlib::Unixpath $config = $nslcd::params::config, + String[1] $config_user = $nslcd::params::config_user, + String[1] $config_group = $nslcd::params::config_group, + Stdlib::Filemode $config_mode = $nslcd::params::config_mode, + Array[String[1]] $ldap_uris = $nslcd::params::ldap_uris, + Enum['2','3'] $ldap_version = $nslcd::params::ldap_version, + Optional[String[1]] $ldap_binddn = $nslcd::params::ldap_binddn, + Optional[String[1]] $ldap_bindpw = $nslcd::params::ldap_bindpw, + Optional[String[1]] $ldap_search_base = $nslcd::params::ldap_search_base, + Optional[String[1]] $ldap_group_base = $nslcd::params::ldap_group_base, + Enum['sub','subtree','one','onelevel','base'] $ldap_search_scope = $nslcd::params::ldap_search_scope, + Hash $config_options = $nslcd::params::config_options, + Hash $ldap_filters = $nslcd::params::ldap_filters, + Hash $ldap_maps = $nslcd::params::ldap_maps, + Enum['on','off','start_tls'] $ldap_ssl = $nslcd::params::ldap_ssl, + Enum['never','allow','try','demand','hard' ] $ldap_tls_reqcert = $nslcd::params::ldap_tls_reqcert, + Optional[String[1]] $ldap_tls_cacertfile = $nslcd::params::ldap_tls_cacertfile, ) inherits nslcd::params { - # Input validation - $valid_ldap_versions = [ '2', '3' ] - $valid_ldap_ssl = [ 'on', 'off', 'start_tls' ] - $valid_ldap_tls_reqcert = [ 'never', 'allow', 'try', 'demand', 'hard' ] - $valid_ldap_search_scope = [ 'sub', 'subtree', 'one', 'onelevel', 'base' ] - - validate_re($ldap_version, $valid_ldap_versions) - validate_re($ldap_ssl, $valid_ldap_ssl) - validate_re($ldap_tls_reqcert, $valid_ldap_tls_reqcert) - validate_re($ldap_search_scope, $valid_ldap_search_scope) - anchor { 'nslcd::begin': } -> class { 'nslcd::install': } -> class { 'nslcd::config': } From 256f47d759a46404bea10f915c6122299b1df9d4 Mon Sep 17 00:00:00 2001 From: Nate McCurdy Date: Fri, 8 Mar 2019 11:09:38 -0800 Subject: [PATCH 2/4] Move non-calculated parameter defaults to init.pp --- manifests/init.pp | 44 ++++++++++++++++++++++---------------------- manifests/params.pp | 34 +--------------------------------- 2 files changed, 23 insertions(+), 55 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 9bc4e66..edbf76a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -2,32 +2,32 @@ # # This class manages the nslcd server and service. class nslcd ( - Variant[Boolean,String[1]] $package_ensure = $nslcd::params::package_ensure, + Variant[Boolean,String[1]] $package_ensure = 'present', String[1] $package_name = $nslcd::params::package_name, - Boolean $package_manage = $nslcd::params::package_manage, - Variant[Boolean,Enum['stopped','running']] $service_ensure = $nslcd::params::service_ensure, - Boolean $service_enable = $nslcd::params::service_enable, - String[1] $service_name = $nslcd::params::service_name, - Boolean $service_manage = $nslcd::params::service_manage, - String[1] $uid = $nslcd::params::uid, + Boolean $package_manage = true, + Variant[Boolean,Enum['stopped','running']] $service_ensure = 'running', + Boolean $service_enable = true, + String[1] $service_name = 'nslcd', + Boolean $service_manage = true, + String[1] $uid = 'nslcd', String[1] $gid = $nslcd::params::gid, - Stdlib::Unixpath $config = $nslcd::params::config, - String[1] $config_user = $nslcd::params::config_user, + Stdlib::Unixpath $config = '/etc/nslcd.conf', + String[1] $config_user = 'root', String[1] $config_group = $nslcd::params::config_group, Stdlib::Filemode $config_mode = $nslcd::params::config_mode, - Array[String[1]] $ldap_uris = $nslcd::params::ldap_uris, - Enum['2','3'] $ldap_version = $nslcd::params::ldap_version, - Optional[String[1]] $ldap_binddn = $nslcd::params::ldap_binddn, - Optional[String[1]] $ldap_bindpw = $nslcd::params::ldap_bindpw, - Optional[String[1]] $ldap_search_base = $nslcd::params::ldap_search_base, - Optional[String[1]] $ldap_group_base = $nslcd::params::ldap_group_base, - Enum['sub','subtree','one','onelevel','base'] $ldap_search_scope = $nslcd::params::ldap_search_scope, - Hash $config_options = $nslcd::params::config_options, - Hash $ldap_filters = $nslcd::params::ldap_filters, - Hash $ldap_maps = $nslcd::params::ldap_maps, - Enum['on','off','start_tls'] $ldap_ssl = $nslcd::params::ldap_ssl, - Enum['never','allow','try','demand','hard' ] $ldap_tls_reqcert = $nslcd::params::ldap_tls_reqcert, - Optional[String[1]] $ldap_tls_cacertfile = $nslcd::params::ldap_tls_cacertfile, + Array[String[1]] $ldap_uris = ['ldap:///'], + Enum['2','3'] $ldap_version = '3', + Optional[String[1]] $ldap_binddn = undef, + Optional[String[1]] $ldap_bindpw = undef, + Optional[String[1]] $ldap_search_base = undef, + Optional[String[1]] $ldap_group_base = undef, + Enum['sub','subtree','one','onelevel','base'] $ldap_search_scope = 'subtree', + Hash $config_options = {}, + Hash $ldap_filters = {}, + Hash $ldap_maps = {}, + Enum['on','off','start_tls'] $ldap_ssl = 'off', + Enum['never','allow','try','demand','hard' ] $ldap_tls_reqcert = 'allow', + Optional[String[1]] $ldap_tls_cacertfile = undef, ) inherits nslcd::params { anchor { 'nslcd::begin': } diff --git a/manifests/params.pp b/manifests/params.pp index 54172b2..68bddf6 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -3,48 +3,16 @@ # Sets the default parameters for the nslcd class. class nslcd::params { - $package_ensure = present - $package_manage = true - $service_ensure = running - $service_enable = true - $service_manage = true - - $ldap_uris = ['ldap:///'] - $ldap_version = '3' - $ldap_binddn = undef - $ldap_bindpw = undef - $ldap_search_base = undef - $ldap_group_base = undef - $ldap_search_scope = 'subtree' - $config_options = {} - $ldap_filters = {} - $ldap_maps = {} - $ldap_ssl = 'off' - $ldap_tls_reqcert = 'allow' - $ldap_tls_cacertfile = undef - - $default_config = '/etc/nslcd.conf' - $default_package_name = 'nslcd' - $default_service_name = 'nslcd' - case $::osfamily { 'Debian': { - $config = $default_config - $package_name = $default_package_name - $service_name = $default_service_name - $uid = 'nslcd' + $package_name = 'nslcd' $gid = 'nslcd' - $config_user = 'root' $config_group = 'nslcd' $config_mode = '0640' } 'RedHat': { - $config = $default_config $package_name = 'nss-pam-ldapd' - $service_name = $default_service_name - $uid = 'nslcd' $gid = 'ldap' - $config_user = 'root' $config_group = 'root' $config_mode = '0600' } From 19f388222d719fdacbd17af7e88faec58d5c532c Mon Sep 17 00:00:00 2001 From: Nate McCurdy Date: Fri, 8 Mar 2019 11:11:21 -0800 Subject: [PATCH 3/4] Fix spacing and indentation in metadata.json --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 2cba409..fe3b7bb 100644 --- a/metadata.json +++ b/metadata.json @@ -26,7 +26,7 @@ "operatingsystemrelease": [ "14.04", "16.04", - "18.04" + "18.04" ] } ], From 390d5a40e4d044187104fdfcc67c324fbde7e5e7 Mon Sep 17 00:00:00 2001 From: Nate McCurdy Date: Fri, 8 Mar 2019 11:12:44 -0800 Subject: [PATCH 4/4] Use the contain function instead of anchors --- manifests/init.pp | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index edbf76a..a8911e5 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -30,10 +30,12 @@ class nslcd ( Optional[String[1]] $ldap_tls_cacertfile = undef, ) inherits nslcd::params { - anchor { 'nslcd::begin': } - -> class { 'nslcd::install': } - -> class { 'nslcd::config': } - ~> class { 'nslcd::service': } - -> anchor { 'nslcd::end': } + contain nslcd::install + contain nslcd::config + contain nslcd::service + + Class['nslcd::install'] + -> Class['nslcd::config'] + ~> Class['nslcd::service'] }