Upgrade module to version 0.4.2 (see changelog)
This commit is contained in:
parent
c63004c8fe
commit
8b46443435
6
.devcontainer/Dockerfile
Normal file
6
.devcontainer/Dockerfile
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
FROM puppet/pdk:latest
|
||||||
|
|
||||||
|
# [Optional] Uncomment this section to install additional packages.
|
||||||
|
# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
|
||||||
|
# && apt-get -y install --no-install-recommends <your-package-list-here>
|
||||||
|
|
34
.devcontainer/README.md
Normal file
34
.devcontainer/README.md
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
# devcontainer
|
||||||
|
|
||||||
|
|
||||||
|
For format details, see https://aka.ms/devcontainer.json.
|
||||||
|
|
||||||
|
For config options, see the README at:
|
||||||
|
https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet
|
||||||
|
|
||||||
|
``` json
|
||||||
|
{
|
||||||
|
"name": "Puppet Development Kit (Community)",
|
||||||
|
"dockerFile": "Dockerfile",
|
||||||
|
|
||||||
|
// Set *default* container specific settings.json values on container create.
|
||||||
|
"settings": {
|
||||||
|
"terminal.integrated.shell.linux": "/bin/bash"
|
||||||
|
},
|
||||||
|
|
||||||
|
// Add the IDs of extensions you want installed when the container is created.
|
||||||
|
"extensions": [
|
||||||
|
"puppet.puppet-vscode",
|
||||||
|
"rebornix.Ruby"
|
||||||
|
]
|
||||||
|
|
||||||
|
// Use 'forwardPorts' to make a list of ports inside the container available locally.
|
||||||
|
"forwardPorts": [],
|
||||||
|
|
||||||
|
// Use 'postCreateCommand' to run commands after the container is created.
|
||||||
|
"postCreateCommand": "pdk --version",
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
17
.devcontainer/devcontainer.json
Normal file
17
.devcontainer/devcontainer.json
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
{
|
||||||
|
"name": "Puppet Development Kit (Community)",
|
||||||
|
"dockerFile": "Dockerfile",
|
||||||
|
|
||||||
|
"settings": {
|
||||||
|
"terminal.integrated.profiles.linux": {
|
||||||
|
"bash": {
|
||||||
|
"path": "bash",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
|
||||||
|
"extensions": [
|
||||||
|
"puppet.puppet-vscode",
|
||||||
|
"rebornix.Ruby"
|
||||||
|
]
|
||||||
|
}
|
@ -1,5 +1,6 @@
|
|||||||
|
# This file can be used to install module dependencies for unit testing
|
||||||
|
# See https://github.com/puppetlabs/puppetlabs_spec_helper#using-fixtures for details
|
||||||
|
---
|
||||||
fixtures:
|
fixtures:
|
||||||
repositories:
|
forge_modules:
|
||||||
"stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git"
|
# stdlib: "puppetlabs/stdlib"
|
||||||
symlinks:
|
|
||||||
"nslcd": "#{source_dir}"
|
|
||||||
|
5
.gitattributes
vendored
Normal file
5
.gitattributes
vendored
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
*.rb eol=lf
|
||||||
|
*.erb eol=lf
|
||||||
|
*.pp eol=lf
|
||||||
|
*.sh eol=lf
|
||||||
|
*.epp eol=lf
|
4
.gitignore
vendored
4
.gitignore
vendored
@ -22,3 +22,7 @@
|
|||||||
/convert_report.txt
|
/convert_report.txt
|
||||||
/update_report.txt
|
/update_report.txt
|
||||||
.DS_Store
|
.DS_Store
|
||||||
|
.project
|
||||||
|
.envrc
|
||||||
|
/inventory.yaml
|
||||||
|
/spec/fixtures/litmus_inventory.yaml
|
||||||
|
@ -3,39 +3,51 @@ stages:
|
|||||||
- syntax
|
- syntax
|
||||||
- unit
|
- unit
|
||||||
|
|
||||||
cache:
|
default:
|
||||||
|
cache:
|
||||||
paths:
|
paths:
|
||||||
- vendor/bundle
|
- vendor/bundle
|
||||||
|
|
||||||
before_script:
|
before_script: &before_script
|
||||||
- bundle -v
|
- bundle -v
|
||||||
- rm Gemfile.lock || true
|
- rm Gemfile.lock || true
|
||||||
- gem update --system
|
- "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner"
|
||||||
|
- "# Set `rubygems_version` in the .sync.yml to set a value"
|
||||||
|
- "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set"
|
||||||
|
- '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION'
|
||||||
- gem --version
|
- gem --version
|
||||||
- bundle -v
|
- bundle -v
|
||||||
- bundle install --without system_tests --path vendor/bundle --jobs $(nproc)
|
- bundle install --without system_tests --path vendor/bundle --jobs $(nproc)
|
||||||
|
|
||||||
parallel_spec-Ruby 2.1.9-Puppet ~> 4.0:
|
validate lint check rubocop-Ruby 2.5.7-Puppet ~> 6:
|
||||||
stage: unit
|
|
||||||
image: ruby:2.1.9
|
|
||||||
script:
|
|
||||||
- bundle exec rake parallel_spec
|
|
||||||
variables:
|
|
||||||
PUPPET_GEM_VERSION: '~> 4.0'
|
|
||||||
|
|
||||||
syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop-Ruby 2.4.4-Puppet ~> 5.5:
|
|
||||||
stage: syntax
|
stage: syntax
|
||||||
image: ruby:2.4.4
|
image: ruby:2.5.7
|
||||||
script:
|
script:
|
||||||
- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop
|
- bundle exec rake validate lint check rubocop
|
||||||
variables:
|
variables:
|
||||||
PUPPET_GEM_VERSION: '~> 5.5'
|
PUPPET_GEM_VERSION: '~> 6'
|
||||||
|
|
||||||
parallel_spec-Ruby 2.4.4-Puppet ~> 5.5:
|
parallel_spec-Ruby 2.5.7-Puppet ~> 6:
|
||||||
stage: unit
|
stage: unit
|
||||||
image: ruby:2.4.4
|
image: ruby:2.5.7
|
||||||
script:
|
script:
|
||||||
- bundle exec rake parallel_spec
|
- bundle exec rake parallel_spec
|
||||||
variables:
|
variables:
|
||||||
PUPPET_GEM_VERSION: '~> 5.5'
|
PUPPET_GEM_VERSION: '~> 6'
|
||||||
|
|
||||||
|
validate lint check rubocop-Ruby 2.7.2-Puppet ~> 7:
|
||||||
|
stage: syntax
|
||||||
|
image: ruby:2.7.2
|
||||||
|
script:
|
||||||
|
- bundle exec rake validate lint check rubocop
|
||||||
|
variables:
|
||||||
|
PUPPET_GEM_VERSION: '~> 7'
|
||||||
|
|
||||||
|
parallel_spec-Ruby 2.7.2-Puppet ~> 7:
|
||||||
|
stage: unit
|
||||||
|
image: ruby:2.7.2
|
||||||
|
script:
|
||||||
|
- bundle exec rake parallel_spec
|
||||||
|
variables:
|
||||||
|
PUPPET_GEM_VERSION: '~> 7'
|
||||||
|
|
||||||
|
23
.pdkignore
23
.pdkignore
@ -22,3 +22,26 @@
|
|||||||
/convert_report.txt
|
/convert_report.txt
|
||||||
/update_report.txt
|
/update_report.txt
|
||||||
.DS_Store
|
.DS_Store
|
||||||
|
.project
|
||||||
|
.envrc
|
||||||
|
/inventory.yaml
|
||||||
|
/spec/fixtures/litmus_inventory.yaml
|
||||||
|
/appveyor.yml
|
||||||
|
/.editorconfig
|
||||||
|
/.fixtures.yml
|
||||||
|
/Gemfile
|
||||||
|
/.gitattributes
|
||||||
|
/.gitignore
|
||||||
|
/.gitlab-ci.yml
|
||||||
|
/.pdkignore
|
||||||
|
/.puppet-lint.rc
|
||||||
|
/Rakefile
|
||||||
|
/rakelib/
|
||||||
|
/.rspec
|
||||||
|
/.rubocop.yml
|
||||||
|
/.travis.yml
|
||||||
|
/.yardopts
|
||||||
|
/spec/
|
||||||
|
/.vscode/
|
||||||
|
/.sync.yml
|
||||||
|
/.devcontainer/
|
||||||
|
1
.puppet-lint.rc
Normal file
1
.puppet-lint.rc
Normal file
@ -0,0 +1 @@
|
|||||||
|
--relative
|
413
.rubocop.yml
413
.rubocop.yml
@ -1,10 +1,12 @@
|
|||||||
---
|
---
|
||||||
require: rubocop-rspec
|
require:
|
||||||
|
- rubocop-performance
|
||||||
|
- rubocop-rspec
|
||||||
AllCops:
|
AllCops:
|
||||||
DisplayCopNames: true
|
DisplayCopNames: true
|
||||||
TargetRubyVersion: '2.1'
|
TargetRubyVersion: '2.4'
|
||||||
Include:
|
Include:
|
||||||
- "./**/*.rb"
|
- "**/*.rb"
|
||||||
Exclude:
|
Exclude:
|
||||||
- bin/*
|
- bin/*
|
||||||
- ".vendor/**/*"
|
- ".vendor/**/*"
|
||||||
@ -16,7 +18,7 @@ AllCops:
|
|||||||
- "**/Puppetfile"
|
- "**/Puppetfile"
|
||||||
- "**/Vagrantfile"
|
- "**/Vagrantfile"
|
||||||
- "**/Guardfile"
|
- "**/Guardfile"
|
||||||
Metrics/LineLength:
|
Layout/LineLength:
|
||||||
Description: People have wide screens, use them.
|
Description: People have wide screens, use them.
|
||||||
Max: 200
|
Max: 200
|
||||||
RSpec/BeforeAfterAll:
|
RSpec/BeforeAfterAll:
|
||||||
@ -27,6 +29,9 @@ RSpec/BeforeAfterAll:
|
|||||||
RSpec/HookArgument:
|
RSpec/HookArgument:
|
||||||
Description: Prefer explicit :each argument, matching existing module's style
|
Description: Prefer explicit :each argument, matching existing module's style
|
||||||
EnforcedStyle: each
|
EnforcedStyle: each
|
||||||
|
RSpec/DescribeSymbol:
|
||||||
|
Exclude:
|
||||||
|
- spec/unit/facter/**/*.rb
|
||||||
Style/BlockDelimiters:
|
Style/BlockDelimiters:
|
||||||
Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to
|
Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to
|
||||||
be consistent then.
|
be consistent then.
|
||||||
@ -59,7 +64,7 @@ Style/TrailingCommaInArguments:
|
|||||||
Description: Prefer always trailing comma on multiline argument lists. This makes
|
Description: Prefer always trailing comma on multiline argument lists. This makes
|
||||||
diffs, and re-ordering nicer.
|
diffs, and re-ordering nicer.
|
||||||
EnforcedStyleForMultiline: comma
|
EnforcedStyleForMultiline: comma
|
||||||
Style/TrailingCommaInLiteral:
|
Style/TrailingCommaInArrayLiteral:
|
||||||
Description: Prefer always trailing comma on multiline literals. This makes diffs,
|
Description: Prefer always trailing comma on multiline literals. This makes diffs,
|
||||||
and re-ordering nicer.
|
and re-ordering nicer.
|
||||||
EnforcedStyleForMultiline: comma
|
EnforcedStyleForMultiline: comma
|
||||||
@ -74,20 +79,170 @@ Style/Documentation:
|
|||||||
- spec/**/*
|
- spec/**/*
|
||||||
Style/WordArray:
|
Style/WordArray:
|
||||||
EnforcedStyle: brackets
|
EnforcedStyle: brackets
|
||||||
|
Performance/AncestorsInclude:
|
||||||
|
Enabled: true
|
||||||
|
Performance/BigDecimalWithNumericArgument:
|
||||||
|
Enabled: true
|
||||||
|
Performance/BlockGivenWithExplicitBlock:
|
||||||
|
Enabled: true
|
||||||
|
Performance/CaseWhenSplat:
|
||||||
|
Enabled: true
|
||||||
|
Performance/ConstantRegexp:
|
||||||
|
Enabled: true
|
||||||
|
Performance/MethodObjectAsBlock:
|
||||||
|
Enabled: true
|
||||||
|
Performance/RedundantSortBlock:
|
||||||
|
Enabled: true
|
||||||
|
Performance/RedundantStringChars:
|
||||||
|
Enabled: true
|
||||||
|
Performance/ReverseFirst:
|
||||||
|
Enabled: true
|
||||||
|
Performance/SortReverse:
|
||||||
|
Enabled: true
|
||||||
|
Performance/Squeeze:
|
||||||
|
Enabled: true
|
||||||
|
Performance/StringInclude:
|
||||||
|
Enabled: true
|
||||||
|
Performance/Sum:
|
||||||
|
Enabled: true
|
||||||
Style/CollectionMethods:
|
Style/CollectionMethods:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
Style/MethodCalledOnDoEndBlock:
|
Style/MethodCalledOnDoEndBlock:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
Style/StringMethods:
|
Style/StringMethods:
|
||||||
Enabled: true
|
Enabled: true
|
||||||
|
Bundler/InsecureProtocolSource:
|
||||||
|
Enabled: false
|
||||||
|
Gemspec/DuplicatedAssignment:
|
||||||
|
Enabled: false
|
||||||
|
Gemspec/OrderedDependencies:
|
||||||
|
Enabled: false
|
||||||
|
Gemspec/RequiredRubyVersion:
|
||||||
|
Enabled: false
|
||||||
|
Gemspec/RubyVersionGlobalsUsage:
|
||||||
|
Enabled: false
|
||||||
|
Layout/ArgumentAlignment:
|
||||||
|
Enabled: false
|
||||||
|
Layout/BeginEndAlignment:
|
||||||
|
Enabled: false
|
||||||
|
Layout/ClosingHeredocIndentation:
|
||||||
|
Enabled: false
|
||||||
|
Layout/EmptyComment:
|
||||||
|
Enabled: false
|
||||||
|
Layout/EmptyLineAfterGuardClause:
|
||||||
|
Enabled: false
|
||||||
|
Layout/EmptyLinesAroundArguments:
|
||||||
|
Enabled: false
|
||||||
|
Layout/EmptyLinesAroundAttributeAccessor:
|
||||||
|
Enabled: false
|
||||||
Layout/EndOfLine:
|
Layout/EndOfLine:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Layout/FirstArgumentIndentation:
|
||||||
|
Enabled: false
|
||||||
|
Layout/HashAlignment:
|
||||||
|
Enabled: false
|
||||||
Layout/HeredocIndentation:
|
Layout/HeredocIndentation:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Layout/LeadingEmptyLines:
|
||||||
|
Enabled: false
|
||||||
|
Layout/SpaceAroundMethodCallOperator:
|
||||||
|
Enabled: false
|
||||||
|
Layout/SpaceInsideArrayLiteralBrackets:
|
||||||
|
Enabled: false
|
||||||
|
Layout/SpaceInsideReferenceBrackets:
|
||||||
|
Enabled: false
|
||||||
|
Lint/BigDecimalNew:
|
||||||
|
Enabled: false
|
||||||
|
Lint/BooleanSymbol:
|
||||||
|
Enabled: false
|
||||||
|
Lint/ConstantDefinitionInBlock:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DeprecatedOpenSSLConstant:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DisjunctiveAssignmentInConstructor:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DuplicateElsifCondition:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DuplicateRequire:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DuplicateRescueException:
|
||||||
|
Enabled: false
|
||||||
|
Lint/EmptyConditionalBody:
|
||||||
|
Enabled: false
|
||||||
|
Lint/EmptyFile:
|
||||||
|
Enabled: false
|
||||||
|
Lint/ErbNewArguments:
|
||||||
|
Enabled: false
|
||||||
|
Lint/FloatComparison:
|
||||||
|
Enabled: false
|
||||||
|
Lint/HashCompareByIdentity:
|
||||||
|
Enabled: false
|
||||||
|
Lint/IdentityComparison:
|
||||||
|
Enabled: false
|
||||||
|
Lint/InterpolationCheck:
|
||||||
|
Enabled: false
|
||||||
|
Lint/MissingCopEnableDirective:
|
||||||
|
Enabled: false
|
||||||
|
Lint/MixedRegexpCaptureTypes:
|
||||||
|
Enabled: false
|
||||||
|
Lint/NestedPercentLiteral:
|
||||||
|
Enabled: false
|
||||||
|
Lint/NonDeterministicRequireOrder:
|
||||||
|
Enabled: false
|
||||||
|
Lint/OrderedMagicComments:
|
||||||
|
Enabled: false
|
||||||
|
Lint/OutOfRangeRegexpRef:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RaiseException:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RedundantCopEnableDirective:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RedundantRequireStatement:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RedundantSafeNavigation:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RedundantWithIndex:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RedundantWithObject:
|
||||||
|
Enabled: false
|
||||||
|
Lint/RegexpAsCondition:
|
||||||
|
Enabled: false
|
||||||
|
Lint/ReturnInVoidContext:
|
||||||
|
Enabled: false
|
||||||
|
Lint/SafeNavigationConsistency:
|
||||||
|
Enabled: false
|
||||||
|
Lint/SafeNavigationWithEmpty:
|
||||||
|
Enabled: false
|
||||||
|
Lint/SelfAssignment:
|
||||||
|
Enabled: false
|
||||||
|
Lint/SendWithMixinArgument:
|
||||||
|
Enabled: false
|
||||||
|
Lint/ShadowedArgument:
|
||||||
|
Enabled: false
|
||||||
|
Lint/StructNewOverride:
|
||||||
|
Enabled: false
|
||||||
|
Lint/ToJSON:
|
||||||
|
Enabled: false
|
||||||
|
Lint/TopLevelReturnWithArgument:
|
||||||
|
Enabled: false
|
||||||
|
Lint/TrailingCommaInAttributeDeclaration:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UnreachableLoop:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UriEscapeUnescape:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UriRegexp:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UselessMethodDefinition:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UselessTimes:
|
||||||
|
Enabled: false
|
||||||
Metrics/AbcSize:
|
Metrics/AbcSize:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
Metrics/BlockLength:
|
Metrics/BlockLength:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Metrics/BlockNesting:
|
||||||
|
Enabled: false
|
||||||
Metrics/ClassLength:
|
Metrics/ClassLength:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
Metrics/CyclomaticComplexity:
|
Metrics/CyclomaticComplexity:
|
||||||
@ -100,19 +255,265 @@ Metrics/ParameterLists:
|
|||||||
Enabled: false
|
Enabled: false
|
||||||
Metrics/PerceivedComplexity:
|
Metrics/PerceivedComplexity:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Migration/DepartmentName:
|
||||||
|
Enabled: false
|
||||||
|
Naming/AccessorMethodName:
|
||||||
|
Enabled: false
|
||||||
|
Naming/BlockParameterName:
|
||||||
|
Enabled: false
|
||||||
|
Naming/HeredocDelimiterCase:
|
||||||
|
Enabled: false
|
||||||
|
Naming/HeredocDelimiterNaming:
|
||||||
|
Enabled: false
|
||||||
|
Naming/MemoizedInstanceVariableName:
|
||||||
|
Enabled: false
|
||||||
|
Naming/MethodParameterName:
|
||||||
|
Enabled: false
|
||||||
|
Naming/RescuedExceptionsVariableName:
|
||||||
|
Enabled: false
|
||||||
|
Naming/VariableNumber:
|
||||||
|
Enabled: false
|
||||||
|
Performance/BindCall:
|
||||||
|
Enabled: false
|
||||||
|
Performance/DeletePrefix:
|
||||||
|
Enabled: false
|
||||||
|
Performance/DeleteSuffix:
|
||||||
|
Enabled: false
|
||||||
|
Performance/InefficientHashSearch:
|
||||||
|
Enabled: false
|
||||||
|
Performance/UnfreezeString:
|
||||||
|
Enabled: false
|
||||||
|
Performance/UriDefaultParser:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/Be:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/Capybara/CurrentPathExpectation:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/Capybara/FeatureMethods:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/Capybara/VisibilityMatcher:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ContextMethod:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ContextWording:
|
||||||
|
Enabled: false
|
||||||
RSpec/DescribeClass:
|
RSpec/DescribeClass:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
RSpec/EmptyHook:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/EmptyLineAfterExample:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/EmptyLineAfterExampleGroup:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/EmptyLineAfterHook:
|
||||||
|
Enabled: false
|
||||||
RSpec/ExampleLength:
|
RSpec/ExampleLength:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
RSpec/MessageExpectation:
|
RSpec/ExampleWithoutDescription:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ExpectChange:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ExpectInHook:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/FactoryBot/AttributeDefinedStatically:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/FactoryBot/CreateList:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/FactoryBot/FactoryClassName:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/HooksBeforeExamples:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ImplicitBlockExpectation:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ImplicitSubject:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/LeakyConstantDeclaration:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/LetBeforeExamples:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/MissingExampleGroupArgument:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
RSpec/MultipleExpectations:
|
RSpec/MultipleExpectations:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
RSpec/MultipleMemoizedHelpers:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/MultipleSubjects:
|
||||||
|
Enabled: false
|
||||||
RSpec/NestedGroups:
|
RSpec/NestedGroups:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
RSpec/PredicateMatcher:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ReceiveCounts:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ReceiveNever:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/RepeatedExampleGroupBody:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/RepeatedExampleGroupDescription:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/RepeatedIncludeExample:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/ReturnFromStub:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/SharedExamples:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/StubbedMock:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/UnspecifiedException:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/VariableDefinition:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/VoidExpect:
|
||||||
|
Enabled: false
|
||||||
|
RSpec/Yield:
|
||||||
|
Enabled: false
|
||||||
|
Security/Open:
|
||||||
|
Enabled: false
|
||||||
|
Style/AccessModifierDeclarations:
|
||||||
|
Enabled: false
|
||||||
|
Style/AccessorGrouping:
|
||||||
|
Enabled: false
|
||||||
Style/AsciiComments:
|
Style/AsciiComments:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Style/BisectedAttrAccessor:
|
||||||
|
Enabled: false
|
||||||
|
Style/CaseLikeIf:
|
||||||
|
Enabled: false
|
||||||
|
Style/ClassEqualityComparison:
|
||||||
|
Enabled: false
|
||||||
|
Style/ColonMethodDefinition:
|
||||||
|
Enabled: false
|
||||||
|
Style/CombinableLoops:
|
||||||
|
Enabled: false
|
||||||
|
Style/CommentedKeyword:
|
||||||
|
Enabled: false
|
||||||
|
Style/Dir:
|
||||||
|
Enabled: false
|
||||||
|
Style/DoubleCopDisableDirective:
|
||||||
|
Enabled: false
|
||||||
|
Style/EmptyBlockParameter:
|
||||||
|
Enabled: false
|
||||||
|
Style/EmptyLambdaParameter:
|
||||||
|
Enabled: false
|
||||||
|
Style/Encoding:
|
||||||
|
Enabled: false
|
||||||
|
Style/EvalWithLocation:
|
||||||
|
Enabled: false
|
||||||
|
Style/ExpandPathArguments:
|
||||||
|
Enabled: false
|
||||||
|
Style/ExplicitBlockArgument:
|
||||||
|
Enabled: false
|
||||||
|
Style/ExponentialNotation:
|
||||||
|
Enabled: false
|
||||||
|
Style/FloatDivision:
|
||||||
|
Enabled: false
|
||||||
|
Style/FrozenStringLiteralComment:
|
||||||
|
Enabled: false
|
||||||
|
Style/GlobalStdStream:
|
||||||
|
Enabled: false
|
||||||
|
Style/HashAsLastArrayItem:
|
||||||
|
Enabled: false
|
||||||
|
Style/HashLikeCase:
|
||||||
|
Enabled: false
|
||||||
|
Style/HashTransformKeys:
|
||||||
|
Enabled: false
|
||||||
|
Style/HashTransformValues:
|
||||||
|
Enabled: false
|
||||||
Style/IfUnlessModifier:
|
Style/IfUnlessModifier:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Style/KeywordParametersOrder:
|
||||||
|
Enabled: false
|
||||||
|
Style/MinMax:
|
||||||
|
Enabled: false
|
||||||
|
Style/MixinUsage:
|
||||||
|
Enabled: false
|
||||||
|
Style/MultilineWhenThen:
|
||||||
|
Enabled: false
|
||||||
|
Style/NegatedUnless:
|
||||||
|
Enabled: false
|
||||||
|
Style/NumericPredicate:
|
||||||
|
Enabled: false
|
||||||
|
Style/OptionalBooleanParameter:
|
||||||
|
Enabled: false
|
||||||
|
Style/OrAssignment:
|
||||||
|
Enabled: false
|
||||||
|
Style/RandomWithOffset:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantAssignment:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantCondition:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantConditional:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantFetchBlock:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantFileExtensionInRequire:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantRegexpCharacterClass:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantRegexpEscape:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantSelfAssignment:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantSort:
|
||||||
|
Enabled: false
|
||||||
|
Style/RescueStandardError:
|
||||||
|
Enabled: false
|
||||||
|
Style/SingleArgumentDig:
|
||||||
|
Enabled: false
|
||||||
|
Style/SlicingWithRange:
|
||||||
|
Enabled: false
|
||||||
|
Style/SoleNestedConditional:
|
||||||
|
Enabled: false
|
||||||
|
Style/StderrPuts:
|
||||||
|
Enabled: false
|
||||||
|
Style/StringConcatenation:
|
||||||
|
Enabled: false
|
||||||
|
Style/Strip:
|
||||||
|
Enabled: false
|
||||||
Style/SymbolProc:
|
Style/SymbolProc:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
Style/TrailingBodyOnClass:
|
||||||
|
Enabled: false
|
||||||
|
Style/TrailingBodyOnMethodDefinition:
|
||||||
|
Enabled: false
|
||||||
|
Style/TrailingBodyOnModule:
|
||||||
|
Enabled: false
|
||||||
|
Style/TrailingCommaInHashLiteral:
|
||||||
|
Enabled: false
|
||||||
|
Style/TrailingMethodEndStatement:
|
||||||
|
Enabled: false
|
||||||
|
Style/UnpackFirst:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DuplicateBranch:
|
||||||
|
Enabled: false
|
||||||
|
Lint/DuplicateRegexpCharacterClassElement:
|
||||||
|
Enabled: false
|
||||||
|
Lint/EmptyBlock:
|
||||||
|
Enabled: false
|
||||||
|
Lint/EmptyClass:
|
||||||
|
Enabled: false
|
||||||
|
Lint/NoReturnInBeginEndBlocks:
|
||||||
|
Enabled: false
|
||||||
|
Lint/ToEnumArguments:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UnexpectedBlockArity:
|
||||||
|
Enabled: false
|
||||||
|
Lint/UnmodifiedReduceAccumulator:
|
||||||
|
Enabled: false
|
||||||
|
Performance/CollectionLiteralInLoop:
|
||||||
|
Enabled: false
|
||||||
|
Style/ArgumentsForwarding:
|
||||||
|
Enabled: false
|
||||||
|
Style/CollectionCompact:
|
||||||
|
Enabled: false
|
||||||
|
Style/DocumentDynamicEvalDefinition:
|
||||||
|
Enabled: false
|
||||||
|
Style/NegatedIfElseCondition:
|
||||||
|
Enabled: false
|
||||||
|
Style/NilLambda:
|
||||||
|
Enabled: false
|
||||||
|
Style/RedundantArgument:
|
||||||
|
Enabled: false
|
||||||
|
Style/SwapValues:
|
||||||
|
Enabled: false
|
||||||
|
8
.sync.yml
Normal file
8
.sync.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# This file can be used to customize the files managed by PDK.
|
||||||
|
#
|
||||||
|
# See https://github.com/puppetlabs/pdk-templates/blob/main/README.md
|
||||||
|
# for more information.
|
||||||
|
#
|
||||||
|
# See https://github.com/puppetlabs/pdk-templates/blob/main/config_defaults.yml
|
||||||
|
# for the default values.
|
||||||
|
--- {}
|
45
.travis.yml
45
.travis.yml
@ -1,44 +1,45 @@
|
|||||||
---
|
---
|
||||||
sudo: false
|
os: linux
|
||||||
dist: trusty
|
dist: xenial
|
||||||
language: ruby
|
language: ruby
|
||||||
cache: bundler
|
cache: bundler
|
||||||
before_install:
|
before_install:
|
||||||
- bundle -v
|
- bundle -v
|
||||||
- rm -f Gemfile.lock
|
- rm -f Gemfile.lock
|
||||||
- gem update --system
|
- "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner"
|
||||||
|
- "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used"
|
||||||
|
- "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set"
|
||||||
|
- '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION'
|
||||||
- gem --version
|
- gem --version
|
||||||
- bundle -v
|
- bundle -v
|
||||||
script:
|
script:
|
||||||
- 'bundle exec rake $CHECK'
|
- 'bundle exec rake $CHECK'
|
||||||
bundler_args: --without system_tests
|
bundler_args: --without system_tests
|
||||||
rvm:
|
rvm:
|
||||||
- 2.4.4
|
- 2.5.7
|
||||||
env:
|
stages:
|
||||||
global:
|
- static
|
||||||
- BEAKER_PUPPET_COLLECTION=puppet5 PUPPET_GEM_VERSION="~> 5.0"
|
- spec
|
||||||
matrix:
|
- acceptance
|
||||||
|
-
|
||||||
|
if: tag =~ ^v\d
|
||||||
|
name: deploy
|
||||||
|
jobs:
|
||||||
fast_finish: true
|
fast_finish: true
|
||||||
include:
|
include:
|
||||||
-
|
-
|
||||||
env: CHECK="syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop"
|
env: CHECK="validate lint check rubocop"
|
||||||
|
stage: static
|
||||||
-
|
-
|
||||||
env: CHECK=parallel_spec
|
env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec
|
||||||
|
rvm: 2.5.7
|
||||||
|
stage: spec
|
||||||
-
|
-
|
||||||
env: PUPPET_GEM_VERSION="~> 4.0" CHECK=parallel_spec
|
env: DEPLOY_TO_FORGE=yes
|
||||||
rvm: 2.1.9
|
stage: deploy
|
||||||
branches:
|
branches:
|
||||||
only:
|
only:
|
||||||
- master
|
- main
|
||||||
- /^v\d/
|
- /^v\d/
|
||||||
notifications:
|
notifications:
|
||||||
email: false
|
email: false
|
||||||
deploy:
|
|
||||||
provider: puppetforge
|
|
||||||
user: puppet
|
|
||||||
password:
|
|
||||||
secure: ""
|
|
||||||
on:
|
|
||||||
tags: true
|
|
||||||
all_branches: true
|
|
||||||
condition: "$DEPLOY_TO_FORGE = yes"
|
|
||||||
|
6
.vscode/extensions.json
vendored
Normal file
6
.vscode/extensions.json
vendored
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{
|
||||||
|
"recommendations": [
|
||||||
|
"puppet.puppet-vscode",
|
||||||
|
"rebornix.Ruby"
|
||||||
|
]
|
||||||
|
}
|
13
CHANGELOG.md
13
CHANGELOG.md
@ -2,6 +2,19 @@
|
|||||||
|
|
||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
|
## 0.4.2 (2021-05-11)
|
||||||
|
|
||||||
|
### Addition
|
||||||
|
|
||||||
|
- New parameters (bind_timelimit, timelimit, idle_timelimit, reconnect_sleeptime, reconnect_retrytime)
|
||||||
|
- New Hiera example files
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
- Documentation reviewed and improved
|
||||||
|
- ldap_search_base parameter is now optional
|
||||||
|
- Module converted to the latest version of PDK (2.2.0)
|
||||||
|
|
||||||
## 0.4.1 (2019-03-11)
|
## 0.4.1 (2019-03-11)
|
||||||
|
|
||||||
### [Related PR : https://github.com/geekix/puppet-nslcd/pull/18]
|
### [Related PR : https://github.com/geekix/puppet-nslcd/pull/18]
|
||||||
|
52
Gemfile
52
Gemfile
@ -1,42 +1,36 @@
|
|||||||
source ENV['GEM_SOURCE'] || 'https://rubygems.org'
|
source ENV['GEM_SOURCE'] || 'https://rubygems.org'
|
||||||
|
|
||||||
def location_for(place_or_version, fake_version = nil)
|
def location_for(place_or_version, fake_version = nil)
|
||||||
if place_or_version =~ %r{\A(git[:@][^#]*)#(.*)}
|
git_url_regex = %r{\A(?<url>(https?|git)[:@][^#]*)(#(?<branch>.*))?}
|
||||||
[fake_version, { git: Regexp.last_match(1), branch: Regexp.last_match(2), require: false }].compact
|
file_url_regex = %r{\Afile:\/\/(?<path>.*)}
|
||||||
elsif place_or_version =~ %r{\Afile:\/\/(.*)}
|
|
||||||
['>= 0', { path: File.expand_path(Regexp.last_match(1)), require: false }]
|
if place_or_version && (git_url = place_or_version.match(git_url_regex))
|
||||||
|
[fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact
|
||||||
|
elsif place_or_version && (file_url = place_or_version.match(file_url_regex))
|
||||||
|
['>= 0', { path: File.expand_path(file_url[:path]), require: false }]
|
||||||
else
|
else
|
||||||
[place_or_version, { require: false }]
|
[place_or_version, { require: false }]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def gem_type(place_or_version)
|
|
||||||
if place_or_version =~ %r{\Agit[:@]}
|
|
||||||
:git
|
|
||||||
elsif !place_or_version.nil? && place_or_version.start_with?('file:')
|
|
||||||
:file
|
|
||||||
else
|
|
||||||
:gem
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
|
ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
|
||||||
minor_version = ruby_version_segments[0..1].join('.')
|
minor_version = ruby_version_segments[0..1].join('.')
|
||||||
|
|
||||||
group :development do
|
group :development do
|
||||||
gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0')
|
gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
|
||||||
gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0')
|
gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
|
||||||
gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0')
|
gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
|
||||||
gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9')
|
gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
|
||||||
gem "json", '<= 2.0.4', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.4.4')
|
gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
|
||||||
gem "puppet-module-posix-default-r#{minor_version}", require: false, platforms: [:ruby]
|
gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
|
||||||
gem "puppet-module-posix-dev-r#{minor_version}", require: false, platforms: [:ruby]
|
gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
|
||||||
gem "puppet-module-win-default-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw]
|
end
|
||||||
gem "puppet-module-win-dev-r#{minor_version}", require: false, platforms: [:mswin, :mingw, :x64_mingw]
|
group :system_tests do
|
||||||
|
gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
|
||||||
|
gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
|
||||||
end
|
end
|
||||||
|
|
||||||
puppet_version = ENV['PUPPET_GEM_VERSION']
|
puppet_version = ENV['PUPPET_GEM_VERSION']
|
||||||
puppet_type = gem_type(puppet_version)
|
|
||||||
facter_version = ENV['FACTER_GEM_VERSION']
|
facter_version = ENV['FACTER_GEM_VERSION']
|
||||||
hiera_version = ENV['HIERA_GEM_VERSION']
|
hiera_version = ENV['HIERA_GEM_VERSION']
|
||||||
|
|
||||||
@ -50,16 +44,6 @@ gems['puppet'] = location_for(puppet_version)
|
|||||||
gems['facter'] = location_for(facter_version) if facter_version
|
gems['facter'] = location_for(facter_version) if facter_version
|
||||||
gems['hiera'] = location_for(hiera_version) if hiera_version
|
gems['hiera'] = location_for(hiera_version) if hiera_version
|
||||||
|
|
||||||
if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)}
|
|
||||||
# If we're using a Puppet gem on Windows which handles its own win32-xxx gem
|
|
||||||
# dependencies (>= 3.5.0), set the maximum versions (see PUP-6445).
|
|
||||||
gems['win32-dir'] = ['<= 0.4.9', require: false]
|
|
||||||
gems['win32-eventlog'] = ['<= 0.6.5', require: false]
|
|
||||||
gems['win32-process'] = ['<= 0.7.5', require: false]
|
|
||||||
gems['win32-security'] = ['<= 0.2.5', require: false]
|
|
||||||
gems['win32-service'] = ['0.8.8', require: false]
|
|
||||||
end
|
|
||||||
|
|
||||||
gems.each do |gem_name, gem_params|
|
gems.each do |gem_name, gem_params|
|
||||||
gem gem_name, *gem_params
|
gem gem_name, *gem_params
|
||||||
end
|
end
|
||||||
|
131
README.md
131
README.md
@ -3,46 +3,40 @@
|
|||||||
#### Table of Contents
|
#### Table of Contents
|
||||||
|
|
||||||
1. [Overview](#overview)
|
1. [Overview](#overview)
|
||||||
2. [Module Description - What the module does and why it is useful](#module-description)
|
2. [Dependencies](#dependencies)
|
||||||
3. [Setup - The basics of getting started with nslcd](#setup)
|
3. [Usage](#usage)
|
||||||
* [What nslcd affects](#what-nslcd-affects)
|
4. [What the module affects](#what-the-module-affects)
|
||||||
4. [Usage - Configuration options and additional functionality](#usage)
|
5. [Parameters](#parameters)
|
||||||
5. [Reference - An under-the-hood peek at what the module is doing and how](#reference)
|
6. [Extend the configuration](#extend-the-configuration)
|
||||||
5. [Limitations - OS compatibility, etc.](#limitations)
|
7. [Limitations](#limitations)
|
||||||
6. [Development - Guide for contributing to the module](#development)
|
8. [Development](#development)
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
This module installs and configured nslcd to get pam/nss data from ldap.
|
This module installs and configured a local NSLCD daemon.
|
||||||
|
NSLCD is used to provide LDAP authentication through PAM/NSS.
|
||||||
|
|
||||||
## Module Description
|
## Dependencies
|
||||||
|
|
||||||
This module allows you to install and configure the nslcd daemon (and its dependencies), to provide ldap support for
|
[Stdlib - https://forge.puppet.com/modules/puppetlabs/stdlib](https://forge.puppet.com/modules/puppetlabs/stdlib)
|
||||||
PAM and NSS.
|
|
||||||
|
|
||||||
## Setup
|
|
||||||
|
|
||||||
### What nslcd affects
|
|
||||||
|
|
||||||
* `nslcd` package and service
|
|
||||||
* `/etc/nslcd.conf`
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
Simply include/contain/required/declare the nslcd class.
|
The module includes a few sane defaults, so it should work out of the box.
|
||||||
It includes a few sane defaults, so it should work out of the box.
|
Just fill in these parameters :
|
||||||
However, we recommend that you declare the class and override a few parameters:
|
|
||||||
|
|
||||||
* In the module
|
* Example
|
||||||
|
|
||||||
```
|
```
|
||||||
class { 'nslcd':
|
class
|
||||||
|
{
|
||||||
|
'nslcd':
|
||||||
ldap_uris => ['ldap://ldap01.mycompany.com:389','ldap://ldap02.mycompany.com:389'],
|
ldap_uris => ['ldap://ldap01.mycompany.com:389','ldap://ldap02.mycompany.com:389'],
|
||||||
ldap_search_base => 'dc=company,dc=com'
|
ldap_search_base => 'dc=company,dc=com'
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
* In hieradata
|
* The same in Hiera
|
||||||
|
|
||||||
```
|
```
|
||||||
nslcd::ldap_uris:
|
nslcd::ldap_uris:
|
||||||
@ -51,20 +45,91 @@ nslcd::ldap_uris:
|
|||||||
nslcd::ldap_search_base: 'dc=company,dc=com'
|
nslcd::ldap_search_base: 'dc=company,dc=com'
|
||||||
```
|
```
|
||||||
|
|
||||||
## Reference
|
* Will give this in the config file
|
||||||
|
|
||||||
*todo*
|
```
|
||||||
|
uri ldap://ldap01.company.com:389 ldap://ldap02.company.com:389
|
||||||
|
base dc=company,dc=com
|
||||||
|
```
|
||||||
|
|
||||||
|
## What the module affects
|
||||||
|
|
||||||
|
* `nslcd` package and service
|
||||||
|
* `/etc/nslcd.conf`
|
||||||
|
|
||||||
|
## Parameters
|
||||||
|
|
||||||
|
Parameter | Parameter type | Default value | Description
|
||||||
|
--------- | ---------- | ------------- | -----------
|
||||||
|
package_ensure | Variant[Boolean,String] | present | Sets if the package should be present or absent.
|
||||||
|
package_name | String | Depends on the Linux distrib | Name of the package to install. Set if your platform is not supported.
|
||||||
|
package_manage | Boolean | true | Sets if the module should manage or not the package installation.
|
||||||
|
service_ensure | Variant[Boolean,Enum['stopped','running']] | running | Sets if the service should be running or stopped.
|
||||||
|
service_enable | Boolean | true | Sets if the service should be started on system boot.
|
||||||
|
service_name | String | nslcd | Sets the name of the service. Set if your platform is not supported.
|
||||||
|
service_manage | Boolean | true | Sets if the module should manage or not the service.
|
||||||
|
uid | String | nslcd | Sets the user to start the daemon.
|
||||||
|
gid | String | Depends on the Linux distrib | Sets the group to start the daemon.
|
||||||
|
config | Stdlib::Unixpath | /etc/nslcd.conf | Sets the path of the config file.
|
||||||
|
config_user | String | root | Sets the owner of the config file.
|
||||||
|
config_group | String | Depends on the Linux distrib | Sets the group of the config file.
|
||||||
|
config_mode | Stdlib::Filemode | Depends on the Linux distrib | Permission of the config file.
|
||||||
|
ldap_uris | Array[String] | ldap:/// | Array of LDAP servers.
|
||||||
|
ldap_version | Enum['2','3'] | 3 | Sets the LDAP version to use.
|
||||||
|
ldap_binddn | String | undef | Sets the DN (distinguished name) to bind to the LDAP servers.
|
||||||
|
ldap_bindpw | String | undef | Sets the password to bind to the LDAP servers. Only used if the parameter ldap_binddn is set.
|
||||||
|
ldap_search_base | String | undef | Sets the base DN (distinguished name) to use as the search base.
|
||||||
|
ldap_group_base | String | undef | Sets the base DN (distinguished name) to use as the group search base.
|
||||||
|
ldap_search_scope | Enum['sub','subtree','one','onelevel','base'] | subtree | Sets the search scope depth.
|
||||||
|
config_options | Hash | {} | Key/Value hash to extend the configuration.
|
||||||
|
ldap_filters | Hash | {} | Sets the LDAP search filter for specific mapping.
|
||||||
|
ldap_maps | Hash | {} | Allows for custom attributes to be looked up.
|
||||||
|
ldap_ssl | Enum['on','off','start_tls'] | off | Whether to use SSL/TLS for the connexion to the LDAP servers.
|
||||||
|
ldap_tls_reqcert | Enum['never','allow','try','demand','hard'] | allow | Sets what checks to perform on a server-supplied certificate.
|
||||||
|
ldap_tls_cacertfile | String | undef | Sets the path of the PEM-format file containing certificates for the CA's that will be trusted.
|
||||||
|
bind_timelimit | Integer | undef | Sets the time limit (in seconds) to setup a connexion with the LDAP server.
|
||||||
|
timelimit | Integer | undef | Sets the time limit (in seconds) to wait for a response from the LDAP server.
|
||||||
|
idle_timelimit | Integer | undef | Sets the period if inactivity (in seconds) after which the connection to the LDAP server will be closed.
|
||||||
|
reconnect_sleeptime | Integer | 1 | Sets the number of seconds to sleep when connecting to all LDAP servers fails.
|
||||||
|
reconnect_retrytime | Integer | 10 | Sets the time after which the LDAP server is considered to be permanently unavailable. Once this time is reached retries will be done only once per this time period.
|
||||||
|
|
||||||
|
## Extend the configuration
|
||||||
|
|
||||||
|
The module exposes the most commonly used paramaters. However, to extend the configuration use the **config_options** parameter.
|
||||||
|
It allows you to set any parameter not listed above.
|
||||||
|
|
||||||
|
* Example configuration
|
||||||
|
|
||||||
|
```
|
||||||
|
class
|
||||||
|
{
|
||||||
|
'nslcd':
|
||||||
|
config_options:
|
||||||
|
threads: '10'
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
* The same config in Hiera
|
||||||
|
|
||||||
|
```
|
||||||
|
nslcd::config_options:
|
||||||
|
threads: '10'
|
||||||
|
```
|
||||||
|
|
||||||
|
* Will give this in the config file
|
||||||
|
|
||||||
|
```
|
||||||
|
threads 10
|
||||||
|
```
|
||||||
|
|
||||||
## Limitations
|
## Limitations
|
||||||
|
|
||||||
The module has been tested with Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Debian 8, Debian 9 and Puppet 4.10.
|
The module has been tested with :
|
||||||
It should work with Puppet 4.x.
|
|
||||||
|
|
||||||
For additional OS support, you should contribute it back upstream!
|
* Ubuntu 14.04 / 16.04 / 18.04 / 20.04
|
||||||
|
* Debian 8 / 9 / 10 / 11
|
||||||
The module doesn't support setting the `rootbinddn` and `rootbindpw` attributes yet, it will be added in a next version.
|
* Puppet 4 / 5 / 6
|
||||||
|
|
||||||
## Development
|
## Development
|
||||||
|
|
||||||
If you want to improve this module, send us a patch of pull request!
|
If you want to improve this module, send us a pull request !
|
||||||
|
|
||||||
|
34
Rakefile
34
Rakefile
@ -1,7 +1,12 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
require 'bundler'
|
||||||
|
require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
|
||||||
require 'puppetlabs_spec_helper/rake_tasks'
|
require 'puppetlabs_spec_helper/rake_tasks'
|
||||||
require 'puppet-syntax/tasks/puppet-syntax'
|
require 'puppet-syntax/tasks/puppet-syntax'
|
||||||
require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
|
require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
|
||||||
require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
|
require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
|
||||||
|
require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
|
||||||
|
|
||||||
def changelog_user
|
def changelog_user
|
||||||
return unless Rake.application.top_level_tasks.include? "changelog"
|
return unless Rake.application.top_level_tasks.include? "changelog"
|
||||||
@ -13,15 +18,24 @@ end
|
|||||||
|
|
||||||
def changelog_project
|
def changelog_project
|
||||||
return unless Rake.application.top_level_tasks.include? "changelog"
|
return unless Rake.application.top_level_tasks.include? "changelog"
|
||||||
returnVal = nil || JSON.load(File.read('metadata.json'))['name']
|
|
||||||
raise "unable to find the changelog_project in .sync.yml or the name in metadata.json" if returnVal.nil?
|
returnVal = nil
|
||||||
|
returnVal ||= begin
|
||||||
|
metadata_source = JSON.load(File.read('metadata.json'))['source']
|
||||||
|
metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z})
|
||||||
|
|
||||||
|
metadata_source_match && metadata_source_match[1]
|
||||||
|
end
|
||||||
|
|
||||||
|
raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil?
|
||||||
|
|
||||||
puts "GitHubChangelogGenerator project:#{returnVal}"
|
puts "GitHubChangelogGenerator project:#{returnVal}"
|
||||||
returnVal
|
returnVal
|
||||||
end
|
end
|
||||||
|
|
||||||
def changelog_future_release
|
def changelog_future_release
|
||||||
return unless Rake.application.top_level_tasks.include? "changelog"
|
return unless Rake.application.top_level_tasks.include? "changelog"
|
||||||
returnVal = JSON.load(File.read('metadata.json'))['version']
|
returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version']
|
||||||
raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
|
raise "unable to find the future_release (version) in metadata.json" if returnVal.nil?
|
||||||
puts "GitHubChangelogGenerator future_release:#{returnVal}"
|
puts "GitHubChangelogGenerator future_release:#{returnVal}"
|
||||||
returnVal
|
returnVal
|
||||||
@ -29,6 +43,7 @@ end
|
|||||||
|
|
||||||
PuppetLint.configuration.send('disable_relative')
|
PuppetLint.configuration.send('disable_relative')
|
||||||
|
|
||||||
|
|
||||||
if Bundler.rubygems.find_name('github_changelog_generator').any?
|
if Bundler.rubygems.find_name('github_changelog_generator').any?
|
||||||
GitHubChangelogGenerator::RakeTask.new :changelog do |config|
|
GitHubChangelogGenerator::RakeTask.new :changelog do |config|
|
||||||
raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
|
raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
|
||||||
@ -39,7 +54,7 @@ if Bundler.rubygems.find_name('github_changelog_generator').any?
|
|||||||
config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
|
config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)."
|
||||||
config.add_pr_wo_labels = true
|
config.add_pr_wo_labels = true
|
||||||
config.issues = false
|
config.issues = false
|
||||||
config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM"
|
config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB"
|
||||||
config.configure_sections = {
|
config.configure_sections = {
|
||||||
"Changed" => {
|
"Changed" => {
|
||||||
"prefix" => "### Changed",
|
"prefix" => "### Changed",
|
||||||
@ -47,11 +62,11 @@ if Bundler.rubygems.find_name('github_changelog_generator').any?
|
|||||||
},
|
},
|
||||||
"Added" => {
|
"Added" => {
|
||||||
"prefix" => "### Added",
|
"prefix" => "### Added",
|
||||||
"labels" => ["feature", "enhancement"],
|
"labels" => ["enhancement", "feature"],
|
||||||
},
|
},
|
||||||
"Fixed" => {
|
"Fixed" => {
|
||||||
"prefix" => "### Fixed",
|
"prefix" => "### Fixed",
|
||||||
"labels" => ["bugfix"],
|
"labels" => ["bug", "documentation", "bugfix"],
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
@ -59,16 +74,15 @@ else
|
|||||||
desc 'Generate a Changelog from GitHub'
|
desc 'Generate a Changelog from GitHub'
|
||||||
task :changelog do
|
task :changelog do
|
||||||
raise <<EOM
|
raise <<EOM
|
||||||
The changelog tasks depends on unreleased features of the github_changelog_generator gem.
|
The changelog tasks depends on recent features of the github_changelog_generator gem.
|
||||||
Please manually add it to your .sync.yml for now, and run `pdk update`:
|
Please manually add it to your .sync.yml for now, and run `pdk update`:
|
||||||
---
|
---
|
||||||
Gemfile:
|
Gemfile:
|
||||||
optional:
|
optional:
|
||||||
':development':
|
':development':
|
||||||
- gem: 'github_changelog_generator'
|
- gem: 'github_changelog_generator'
|
||||||
git: 'https://github.com/skywinder/github-changelog-generator'
|
version: '~> 1.15'
|
||||||
ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018'
|
condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')"
|
||||||
condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')"
|
|
||||||
EOM
|
EOM
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
25
appveyor.yml
25
appveyor.yml
@ -1,5 +1,10 @@
|
|||||||
---
|
---
|
||||||
version: 1.1.x.{build}
|
version: 1.1.x.{build}
|
||||||
|
skip_branch_with_pr: true
|
||||||
|
branches:
|
||||||
|
only:
|
||||||
|
- main
|
||||||
|
- release
|
||||||
skip_commits:
|
skip_commits:
|
||||||
message: /^\(?doc\)?.*/
|
message: /^\(?doc\)?.*/
|
||||||
clone_depth: 10
|
clone_depth: 10
|
||||||
@ -12,23 +17,15 @@ init:
|
|||||||
environment:
|
environment:
|
||||||
matrix:
|
matrix:
|
||||||
-
|
-
|
||||||
RUBY_VERSION: 24-x64
|
RUBY_VERSION: 25-x64
|
||||||
CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop
|
CHECK: validate lint check rubocop
|
||||||
-
|
-
|
||||||
PUPPET_GEM_VERSION: ~> 4.0
|
PUPPET_GEM_VERSION: ~> 6.0
|
||||||
RUBY_VERSION: 21
|
RUBY_VERSION: 25
|
||||||
CHECK: parallel_spec
|
CHECK: parallel_spec
|
||||||
-
|
-
|
||||||
PUPPET_GEM_VERSION: ~> 4.0
|
PUPPET_GEM_VERSION: ~> 6.0
|
||||||
RUBY_VERSION: 21-x64
|
RUBY_VERSION: 25-x64
|
||||||
CHECK: parallel_spec
|
|
||||||
-
|
|
||||||
PUPPET_GEM_VERSION: ~> 5.0
|
|
||||||
RUBY_VERSION: 24
|
|
||||||
CHECK: parallel_spec
|
|
||||||
-
|
|
||||||
PUPPET_GEM_VERSION: ~> 5.0
|
|
||||||
RUBY_VERSION: 24-x64
|
|
||||||
CHECK: parallel_spec
|
CHECK: parallel_spec
|
||||||
matrix:
|
matrix:
|
||||||
fast_finish: true
|
fast_finish: true
|
||||||
|
28
data/Debian.yaml
Normal file
28
data/Debian.yaml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
nslcd::package_ensure: 'present'
|
||||||
|
nslcd::package_name: 'nslcd'
|
||||||
|
nslcd::package_manage: true
|
||||||
|
nslcd::service_ensure: 'running'
|
||||||
|
nslcd::service_enable: true
|
||||||
|
nslcd::service_name: 'nslcd'
|
||||||
|
nslcd::service_manage: true
|
||||||
|
nslcd::uid: 'nslcd'
|
||||||
|
nslcd::gid: 'nslcd'
|
||||||
|
nslcd::config: '/etc/nslcd.conf'
|
||||||
|
nslcd::config_user: 'root'
|
||||||
|
nslcd::config_group: 'nslcd'
|
||||||
|
nslcd::config_mode: '0640'
|
||||||
|
nslcd::ldap_uris:
|
||||||
|
- 'ldap://ldap01.company.com:389'
|
||||||
|
- 'ldap://ldap01.company.com:389'
|
||||||
|
nslcd::ldap_version: '3'
|
||||||
|
nslcd::ldap_binddn: 'cn=bind_user,ou=user,dc=company,dc=com'
|
||||||
|
nslcd::ldap_bindpw: 'secure_bind_user_password'
|
||||||
|
nslcd::ldap_search_base: 'dc=company,dc=com'
|
||||||
|
nslcd::ldap_group_base: 'ou=groups,dc=company,dc=com'
|
||||||
|
nslcd::ldap_search_scope: 'subtree'
|
||||||
|
nslcd::ldap_ssl: 'off'
|
||||||
|
nslcd::ldap_tls_reqcert: 'allow'
|
||||||
|
nslcd::reconnect_sleeptime: 1
|
||||||
|
nslcd::reconnect_retrytime: 10
|
28
data/RedHat.yaml
Normal file
28
data/RedHat.yaml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
nslcd::package_ensure: 'present'
|
||||||
|
nslcd::package_name: 'nss-pam-ldapd'
|
||||||
|
nslcd::package_manage: true
|
||||||
|
nslcd::service_ensure: 'running'
|
||||||
|
nslcd::service_enable: true
|
||||||
|
nslcd::service_name: 'nslcd'
|
||||||
|
nslcd::service_manage: true
|
||||||
|
nslcd::uid: 'nslcd'
|
||||||
|
nslcd::gid: 'ldap'
|
||||||
|
nslcd::config: '/etc/nslcd.conf'
|
||||||
|
nslcd::config_user: 'root'
|
||||||
|
nslcd::config_group: 'root'
|
||||||
|
nslcd::config_mode: '0600'
|
||||||
|
nslcd::ldap_uris:
|
||||||
|
- 'ldap://ldap01.company.com:389'
|
||||||
|
- 'ldap://ldap01.company.com:389'
|
||||||
|
nslcd::ldap_version: '3'
|
||||||
|
nslcd::ldap_binddn: 'cn=bind_user,ou=user,dc=company,dc=com'
|
||||||
|
nslcd::ldap_bindpw: 'secure_bind_user_password'
|
||||||
|
nslcd::ldap_search_base: 'dc=company,dc=com'
|
||||||
|
nslcd::ldap_group_base: 'ou=groups,dc=company,dc=com'
|
||||||
|
nslcd::ldap_search_scope: 'subtree'
|
||||||
|
nslcd::ldap_ssl: 'off'
|
||||||
|
nslcd::ldap_tls_reqcert: 'allow'
|
||||||
|
nslcd::reconnect_sleeptime: 1
|
||||||
|
nslcd::reconnect_retrytime: 10
|
6
data/common.yaml
Normal file
6
data/common.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
nslcd::ldap_uris:
|
||||||
|
- 'ldap://ldap01.company.com:389'
|
||||||
|
- 'ldap://ldap01.company.com:389'
|
||||||
|
nslcd::ldap_search_base: 'dc=company,dc=com'
|
@ -1,12 +0,0 @@
|
|||||||
# The baseline for module testing used by Puppet Labs is that each manifest
|
|
||||||
# should have a corresponding test manifest that declares that class or defined
|
|
||||||
# type.
|
|
||||||
#
|
|
||||||
# Tests are then run by using puppet apply --noop (to check for compilation
|
|
||||||
# errors and view a log of events) or by fully applying the test in a virtual
|
|
||||||
# environment (to compare the resulting system state to the desired state).
|
|
||||||
#
|
|
||||||
# Learn more about module testing here:
|
|
||||||
# http://docs.puppetlabs.com/guides/tests_smoke.html
|
|
||||||
#
|
|
||||||
include nslcd
|
|
21
hiera.yaml
Normal file
21
hiera.yaml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
---
|
||||||
|
version: 5
|
||||||
|
|
||||||
|
defaults: # Used for any hierarchy level that omits these keys.
|
||||||
|
datadir: data # This path is relative to hiera.yaml's directory.
|
||||||
|
data_hash: yaml_data # Use the built-in YAML backend.
|
||||||
|
|
||||||
|
hierarchy:
|
||||||
|
- name: "osfamily/major release"
|
||||||
|
paths:
|
||||||
|
# Used to distinguish between Debian and Ubuntu
|
||||||
|
- "os/%{facts.os.name}/%{facts.os.release.major}.yaml"
|
||||||
|
- "os/%{facts.os.family}/%{facts.os.release.major}.yaml"
|
||||||
|
# Used for Solaris
|
||||||
|
- "os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
|
||||||
|
- name: "osfamily"
|
||||||
|
paths:
|
||||||
|
- "os/%{facts.os.name}.yaml"
|
||||||
|
- "os/%{facts.os.family}.yaml"
|
||||||
|
- name: 'common'
|
||||||
|
path: 'common.yaml'
|
@ -1,14 +1,16 @@
|
|||||||
# == Class: nslcd::config
|
# == Class: nslcd::config
|
||||||
#
|
#
|
||||||
# Manages the nslcd server configuration file
|
# Manages the nslcd server configuration file
|
||||||
class nslcd::config inherits nslcd {
|
#
|
||||||
|
class nslcd::config inherits nslcd
|
||||||
file { $nslcd::config:
|
{
|
||||||
|
file
|
||||||
|
{
|
||||||
|
$nslcd::config:
|
||||||
ensure => file,
|
ensure => file,
|
||||||
owner => $nslcd::config_user,
|
owner => $nslcd::config_user,
|
||||||
group => $nslcd::config_group,
|
group => $nslcd::config_group,
|
||||||
mode => $nslcd::config_mode,
|
mode => $nslcd::config_mode,
|
||||||
content => template('nslcd/nslcd.erb'),
|
content => template('nslcd/nslcd.erb'),
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
@ -1,7 +1,105 @@
|
|||||||
# == Class: nslcd
|
# == Class: nslcd
|
||||||
#
|
#
|
||||||
# This class manages the nslcd server and service.
|
# This class manages the nslcd server and service.
|
||||||
class nslcd (
|
#
|
||||||
|
# @param package_ensure
|
||||||
|
# Sets if the package should be present or absent.
|
||||||
|
#
|
||||||
|
# @param package_name
|
||||||
|
# Name of the package to install. Depends on the Linux distrib.
|
||||||
|
# Set if your platform is not supported.
|
||||||
|
#
|
||||||
|
# @param package_manage
|
||||||
|
# Sets if the module should manage or not the package installation.
|
||||||
|
#
|
||||||
|
# @param service_ensure
|
||||||
|
# Sets if the service should be running or stopped.
|
||||||
|
#
|
||||||
|
# @param service_enable
|
||||||
|
# Sets if the service should be started on startup.
|
||||||
|
#
|
||||||
|
# @param service_name
|
||||||
|
# Sets the name of the service.
|
||||||
|
# Set if your platform is not supported.
|
||||||
|
#
|
||||||
|
# @param service_manage
|
||||||
|
# Sets if the module should manage or not the service.
|
||||||
|
#
|
||||||
|
# @param uid
|
||||||
|
# Sets the user to start the daemon.
|
||||||
|
#
|
||||||
|
# @param gid
|
||||||
|
# Sets the group to start the daemon. Depends on the Linux distrib.
|
||||||
|
#
|
||||||
|
# @param config
|
||||||
|
# Sets the path of the config file.
|
||||||
|
#
|
||||||
|
# @param config_user
|
||||||
|
# Sets the owner of the config file.
|
||||||
|
#
|
||||||
|
# @param config_group
|
||||||
|
# Sets the group of the config file. Depends on the Linux distrib.
|
||||||
|
#
|
||||||
|
# @param config_mode
|
||||||
|
# Permission of the config file. Depends on the Linux distrib.
|
||||||
|
#
|
||||||
|
# @param ldap_uris
|
||||||
|
# Array of LDAP servers.
|
||||||
|
#
|
||||||
|
# @param ldap_version
|
||||||
|
# Sets the LDAP version to use.
|
||||||
|
#
|
||||||
|
# @param ldap_binddn
|
||||||
|
# Sets the DN (distinguished name) to bind to the LDAP servers.
|
||||||
|
#
|
||||||
|
# @param ldap_bindpw
|
||||||
|
# Sets the password to bind to the LDAP servers. Only used if the parameter ldap_binddn is set.
|
||||||
|
#
|
||||||
|
# @param ldap_search_base
|
||||||
|
# Sets the base DN (distinguished name) to use as the search base.
|
||||||
|
#
|
||||||
|
# @param ldap_group_base
|
||||||
|
# Sets the base DN (distinguished name) to use as the group search base.
|
||||||
|
#
|
||||||
|
# @param ldap_search_scope
|
||||||
|
# Sets the search scope depth.
|
||||||
|
#
|
||||||
|
# @param config_options
|
||||||
|
# Key/Value hash to extend initial configuration.
|
||||||
|
#
|
||||||
|
# @param ldap_filters
|
||||||
|
# Sets the LDAP search filter for specific mapping.
|
||||||
|
#
|
||||||
|
# @param ldap_maps
|
||||||
|
# Allows for custom attributes to be looked up.
|
||||||
|
#
|
||||||
|
# @param ldap_ssl
|
||||||
|
# Whether to use SSL/TLS for the connexion to the LDAP servers.
|
||||||
|
#
|
||||||
|
# @param ldap_tls_reqcert
|
||||||
|
# Sets what checks to perform on a server-supplied certificate.
|
||||||
|
#
|
||||||
|
# @param ldap_tls_cacertfile
|
||||||
|
# Sets the path of the PEM-format file containing certificates for the CA's that will be trusted.
|
||||||
|
#
|
||||||
|
# @param bind_timelimit
|
||||||
|
# Sets the time limit (in seconds) to setup a connexion with the LDAP server.
|
||||||
|
#
|
||||||
|
# @param timelimit
|
||||||
|
# Sets the time limit (in seconds) to wait for a response from the LDAP server.
|
||||||
|
#
|
||||||
|
# @param idle_timelimit
|
||||||
|
# Sets the period if inactivity (in seconds) after which the connection to the LDAP server will be closed.
|
||||||
|
#
|
||||||
|
# @param reconnect_sleeptime
|
||||||
|
# Sets the number of seconds to sleep when connecting to all LDAP servers fails.
|
||||||
|
#
|
||||||
|
# @param reconnect_retrytime
|
||||||
|
# Sets the time after which the LDAP server is considered to be permanently unavailable.
|
||||||
|
# Once this time is reached retries will be done only once per this time period.
|
||||||
|
#
|
||||||
|
class nslcd
|
||||||
|
(
|
||||||
Variant[Boolean,String[1]] $package_ensure = 'present',
|
Variant[Boolean,String[1]] $package_ensure = 'present',
|
||||||
String[1] $package_name = $nslcd::params::package_name,
|
String[1] $package_name = $nslcd::params::package_name,
|
||||||
Boolean $package_manage = true,
|
Boolean $package_manage = true,
|
||||||
@ -26,10 +124,16 @@ class nslcd (
|
|||||||
Hash $ldap_filters = {},
|
Hash $ldap_filters = {},
|
||||||
Hash $ldap_maps = {},
|
Hash $ldap_maps = {},
|
||||||
Enum['on','off','start_tls'] $ldap_ssl = 'off',
|
Enum['on','off','start_tls'] $ldap_ssl = 'off',
|
||||||
Enum['never','allow','try','demand','hard' ] $ldap_tls_reqcert = 'allow',
|
Enum['never','allow','try','demand','hard'] $ldap_tls_reqcert = 'allow',
|
||||||
Optional[String[1]] $ldap_tls_cacertfile = undef,
|
Optional[String[1]] $ldap_tls_cacertfile = undef,
|
||||||
) inherits nslcd::params {
|
Optional[Integer] $bind_timelimit = undef,
|
||||||
|
Integer $timelimit = 10,
|
||||||
|
Optional[Integer] $idle_timelimit = undef,
|
||||||
|
Integer $reconnect_sleeptime = 1,
|
||||||
|
Integer $reconnect_retrytime = 10,
|
||||||
|
)
|
||||||
|
inherits nslcd::params
|
||||||
|
{
|
||||||
contain nslcd::install
|
contain nslcd::install
|
||||||
contain nslcd::config
|
contain nslcd::config
|
||||||
contain nslcd::service
|
contain nslcd::service
|
||||||
@ -37,5 +141,4 @@ class nslcd (
|
|||||||
Class['nslcd::install']
|
Class['nslcd::install']
|
||||||
-> Class['nslcd::config']
|
-> Class['nslcd::config']
|
||||||
~> Class['nslcd::service']
|
~> Class['nslcd::service']
|
||||||
|
|
||||||
}
|
}
|
@ -1,12 +1,15 @@
|
|||||||
# == Class: nslcd::install
|
# == Class: nslcd::install
|
||||||
#
|
#
|
||||||
# Installs the nslcd package.
|
# Installs the nslcd package.
|
||||||
class nslcd::install inherits nslcd {
|
#
|
||||||
|
class nslcd::install inherits nslcd
|
||||||
if $nslcd::package_manage {
|
{
|
||||||
package { $nslcd::package_name:
|
if $nslcd::package_manage
|
||||||
|
{
|
||||||
|
package
|
||||||
|
{
|
||||||
|
$nslcd::package_name:
|
||||||
ensure => $nslcd::package_ensure,
|
ensure => $nslcd::package_ensure,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
@ -1,24 +1,28 @@
|
|||||||
# == Class: nslcd::params
|
# == Class: nslcd::params
|
||||||
#
|
#
|
||||||
# Sets the default parameters for the nslcd class.
|
# Sets the default parameters for the nslcd class.
|
||||||
class nslcd::params {
|
#
|
||||||
|
class nslcd::params
|
||||||
case $::osfamily {
|
{
|
||||||
'Debian': {
|
case $::osfamily
|
||||||
|
{
|
||||||
|
'Debian':
|
||||||
|
{
|
||||||
$package_name = 'nslcd'
|
$package_name = 'nslcd'
|
||||||
$gid = 'nslcd'
|
$gid = 'nslcd'
|
||||||
$config_group = 'nslcd'
|
$config_group = 'nslcd'
|
||||||
$config_mode = '0640'
|
$config_mode = '0640'
|
||||||
}
|
}
|
||||||
'RedHat': {
|
'RedHat':
|
||||||
|
{
|
||||||
$package_name = 'nss-pam-ldapd'
|
$package_name = 'nss-pam-ldapd'
|
||||||
$gid = 'ldap'
|
$gid = 'ldap'
|
||||||
$config_group = 'root'
|
$config_group = 'root'
|
||||||
$config_mode = '0600'
|
$config_mode = '0600'
|
||||||
}
|
}
|
||||||
default: {
|
default:
|
||||||
|
{
|
||||||
fail("The ${module_name} module is not supported on an ${::osfamily} based system.")
|
fail("The ${module_name} module is not supported on an ${::osfamily} based system.")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
@ -1,14 +1,17 @@
|
|||||||
# == Class: nslcd::service
|
# == Class: nslcd::service
|
||||||
#
|
#
|
||||||
# Manages the nslcd service.
|
# Manages the nslcd service.
|
||||||
class nslcd::service inherits nslcd {
|
#
|
||||||
|
class nslcd::service inherits nslcd
|
||||||
if $nslcd::service_manage {
|
{
|
||||||
service { 'nslcd':
|
if $nslcd::service_manage
|
||||||
|
{
|
||||||
|
service
|
||||||
|
{
|
||||||
|
'nslcd':
|
||||||
ensure => $nslcd::service_ensure,
|
ensure => $nslcd::service_ensure,
|
||||||
enable => $nslcd::service_enable,
|
enable => $nslcd::service_enable,
|
||||||
name => $nslcd::service_name,
|
name => $nslcd::service_name,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "geekix-nslcd",
|
"name": "geekix-nslcd",
|
||||||
"version": "0.4.1",
|
"version": "0.4.2",
|
||||||
"author": "geekix",
|
"author": "geekix",
|
||||||
"summary": "Installs and configures nslcd.",
|
"summary": "Installs and configures nslcd.",
|
||||||
"license": "Apache-2.0",
|
"license": "Apache-2.0",
|
||||||
@ -10,7 +10,7 @@
|
|||||||
"dependencies": [
|
"dependencies": [
|
||||||
{
|
{
|
||||||
"name": "puppetlabs-stdlib",
|
"name": "puppetlabs-stdlib",
|
||||||
"version_requirement": ">= 4.0.0 < 7.0.0"
|
"version_requirement": ">= 4.0.0 < 8.1.0"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"operatingsystem_support": [
|
"operatingsystem_support": [
|
||||||
@ -18,7 +18,9 @@
|
|||||||
"operatingsystem": "Debian",
|
"operatingsystem": "Debian",
|
||||||
"operatingsystemrelease": [
|
"operatingsystemrelease": [
|
||||||
"8",
|
"8",
|
||||||
"9"
|
"9",
|
||||||
|
"10",
|
||||||
|
"11"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -26,7 +28,8 @@
|
|||||||
"operatingsystemrelease": [
|
"operatingsystemrelease": [
|
||||||
"14.04",
|
"14.04",
|
||||||
"16.04",
|
"16.04",
|
||||||
"18.04"
|
"18.04",
|
||||||
|
"20.04"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
@ -40,9 +43,10 @@
|
|||||||
"nslcd",
|
"nslcd",
|
||||||
"pam",
|
"pam",
|
||||||
"nss",
|
"nss",
|
||||||
"ldap"
|
"ldap",
|
||||||
|
"authentication"
|
||||||
],
|
],
|
||||||
"pdk-version": "1.7.0",
|
"pdk-version": "2.2.0",
|
||||||
"template-url": "file:///opt/puppetlabs/pdk/share/cache/pdk-templates.git",
|
"template-url": "https://github.com/puppetlabs/pdk-templates#main",
|
||||||
"template-ref": "1.7.0-0-g57412ed"
|
"template-ref": "tags/2.3.0-0-g8aaceff"
|
||||||
}
|
}
|
||||||
|
@ -1,12 +0,0 @@
|
|||||||
HOSTS:
|
|
||||||
ubuntu-1204-x64:
|
|
||||||
default_apply_opts:
|
|
||||||
strict_variables:
|
|
||||||
platform: ubuntu-12.04-amd64
|
|
||||||
hypervisor : docker
|
|
||||||
image: ubuntu:12.04
|
|
||||||
# This stops the image from being deleted on completion, speeding up the process.
|
|
||||||
docker_preserve_image: true
|
|
||||||
CONFIG:
|
|
||||||
type: foss
|
|
||||||
log_level: debug
|
|
@ -1,10 +0,0 @@
|
|||||||
HOSTS:
|
|
||||||
ubuntu-1204-x64:
|
|
||||||
default_apply_opts:
|
|
||||||
strict_variables:
|
|
||||||
platform: ubuntu-12.04-amd64
|
|
||||||
hypervisor : vagrant
|
|
||||||
box : puppetlabs/ubuntu-12.04-64-nocm
|
|
||||||
CONFIG:
|
|
||||||
type: foss
|
|
||||||
log_level: debug
|
|
@ -1,12 +0,0 @@
|
|||||||
HOSTS:
|
|
||||||
ubuntu-1404-x64:
|
|
||||||
default_apply_opts:
|
|
||||||
strict_variables:
|
|
||||||
platform: ubuntu-14.04-amd64
|
|
||||||
hypervisor : docker
|
|
||||||
image: ubuntu:14.04
|
|
||||||
# This stops the image from being deleted on completion, speeding up the process.
|
|
||||||
docker_preserve_image: true
|
|
||||||
CONFIG:
|
|
||||||
type: foss
|
|
||||||
log_level: debug
|
|
@ -1,10 +0,0 @@
|
|||||||
HOSTS:
|
|
||||||
ubuntu-1404-x64:
|
|
||||||
default_apply_opts:
|
|
||||||
strict_variables:
|
|
||||||
platform: ubuntu-14.04-amd64
|
|
||||||
hypervisor : vagrant
|
|
||||||
box : puppetlabs/ubuntu-14.04-64-nocm
|
|
||||||
CONFIG:
|
|
||||||
type: foss
|
|
||||||
log_level: debug
|
|
@ -1,37 +0,0 @@
|
|||||||
require 'spec_helper'
|
|
||||||
|
|
||||||
describe 'nslcd' do
|
|
||||||
{ 'Ubuntu' => 'Debian', 'Debian' => 'Debian', 'CentOS' => 'RedHat', 'RedHat' => 'RedHat' }.each do |system, family|
|
|
||||||
context "when on system #{system}" do
|
|
||||||
facts = {
|
|
||||||
osfamily: family,
|
|
||||||
operatingsystem: system,
|
|
||||||
}
|
|
||||||
let :facts do
|
|
||||||
facts
|
|
||||||
end
|
|
||||||
|
|
||||||
it { is_expected.to contain_class('nslcd') }
|
|
||||||
it { is_expected.to contain_class('nslcd::install') }
|
|
||||||
it { is_expected.to contain_class('nslcd::config') }
|
|
||||||
it { is_expected.to contain_class('nslcd::service') }
|
|
||||||
|
|
||||||
case facts[:osfamily]
|
|
||||||
when 'Debian'
|
|
||||||
it {
|
|
||||||
is_expected.to contain_package('nslcd')
|
|
||||||
is_expected.to contain_service('nslcd')
|
|
||||||
}
|
|
||||||
when 'RedHat'
|
|
||||||
it {
|
|
||||||
is_expected.to contain_package('nss-pam-ldapd')
|
|
||||||
is_expected.to contain_service('nslcd')
|
|
||||||
}
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'when on an unknown system' do
|
|
||||||
it { is_expected.to raise_error(Puppet::Error) }
|
|
||||||
end
|
|
||||||
end
|
|
@ -2,7 +2,7 @@
|
|||||||
#
|
#
|
||||||
# Facts specified here will override the values provided by rspec-puppet-facts.
|
# Facts specified here will override the values provided by rspec-puppet-facts.
|
||||||
---
|
---
|
||||||
concat_basedir: "/tmp"
|
|
||||||
ipaddress: "172.16.254.254"
|
ipaddress: "172.16.254.254"
|
||||||
|
ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
|
||||||
is_pe: false
|
is_pe: false
|
||||||
macaddress: "AA:AA:AA:AA:AA:AA"
|
macaddress: "AA:AA:AA:AA:AA:AA"
|
||||||
|
@ -1,11 +1,13 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
RSpec.configure do |c|
|
||||||
|
c.mock_with :rspec
|
||||||
|
end
|
||||||
|
|
||||||
require 'puppetlabs_spec_helper/module_spec_helper'
|
require 'puppetlabs_spec_helper/module_spec_helper'
|
||||||
require 'rspec-puppet-facts'
|
require 'rspec-puppet-facts'
|
||||||
|
|
||||||
begin
|
require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb'))
|
||||||
require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb'))
|
|
||||||
rescue LoadError => loaderror
|
|
||||||
warn "Could not require spec_helper_local: #{loaderror.message}"
|
|
||||||
end
|
|
||||||
|
|
||||||
include RspecPuppetFacts
|
include RspecPuppetFacts
|
||||||
|
|
||||||
@ -14,15 +16,24 @@ default_facts = {
|
|||||||
facterversion: Facter.version,
|
facterversion: Facter.version,
|
||||||
}
|
}
|
||||||
|
|
||||||
default_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml'))
|
default_fact_files = [
|
||||||
default_module_facts_path = File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml'))
|
File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')),
|
||||||
|
File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')),
|
||||||
|
]
|
||||||
|
|
||||||
if File.exist?(default_facts_path) && File.readable?(default_facts_path)
|
default_fact_files.each do |f|
|
||||||
default_facts.merge!(YAML.safe_load(File.read(default_facts_path)))
|
next unless File.exist?(f) && File.readable?(f) && File.size?(f)
|
||||||
|
|
||||||
|
begin
|
||||||
|
default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
|
||||||
|
rescue => e
|
||||||
|
RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
if File.exist?(default_module_facts_path) && File.readable?(default_module_facts_path)
|
# read default_facts and merge them over what is provided by facterdb
|
||||||
default_facts.merge!(YAML.safe_load(File.read(default_module_facts_path)))
|
default_facts.each do |fact, value|
|
||||||
|
add_custom_fact fact, value
|
||||||
end
|
end
|
||||||
|
|
||||||
RSpec.configure do |c|
|
RSpec.configure do |c|
|
||||||
@ -31,13 +42,31 @@ RSpec.configure do |c|
|
|||||||
# set to strictest setting for testing
|
# set to strictest setting for testing
|
||||||
# by default Puppet runs at warning level
|
# by default Puppet runs at warning level
|
||||||
Puppet.settings[:strict] = :warning
|
Puppet.settings[:strict] = :warning
|
||||||
|
Puppet.settings[:strict_variables] = true
|
||||||
|
end
|
||||||
|
c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT']
|
||||||
|
c.after(:suite) do
|
||||||
|
end
|
||||||
|
|
||||||
|
# Filter backtrace noise
|
||||||
|
backtrace_exclusion_patterns = [
|
||||||
|
%r{spec_helper},
|
||||||
|
%r{gems},
|
||||||
|
]
|
||||||
|
|
||||||
|
if c.respond_to?(:backtrace_exclusion_patterns)
|
||||||
|
c.backtrace_exclusion_patterns = backtrace_exclusion_patterns
|
||||||
|
elsif c.respond_to?(:backtrace_clean_patterns)
|
||||||
|
c.backtrace_clean_patterns = backtrace_exclusion_patterns
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Ensures that a module is defined
|
||||||
|
# @param module_name Name of the module
|
||||||
def ensure_module_defined(module_name)
|
def ensure_module_defined(module_name)
|
||||||
module_name.split('::').reduce(Object) do |last_module, next_module|
|
module_name.split('::').reduce(Object) do |last_module, next_module|
|
||||||
last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module)
|
last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false)
|
||||||
last_module.const_get(next_module)
|
last_module.const_get(next_module, false)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -12,15 +12,18 @@ uri <%= @ldap_uris.sort.join(' ') %>
|
|||||||
# The LDAP protocol version to use.
|
# The LDAP protocol version to use.
|
||||||
ldap_version <%= @ldap_version %>
|
ldap_version <%= @ldap_version %>
|
||||||
|
|
||||||
|
<% if @ldap_search_base -%>
|
||||||
# The search base that will be used for all queries.
|
# The search base that will be used for all queries.
|
||||||
base <%= @ldap_search_base %>
|
base <%= @ldap_search_base %>
|
||||||
<% if @ldap_group_base -%>
|
|
||||||
base group <%= @ldap_group_base -%>
|
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
|
||||||
|
<% if @ldap_group_base -%>
|
||||||
|
# The group search base that will be used for all queries.
|
||||||
|
base group <%= @ldap_group_base %>
|
||||||
|
<% end -%>
|
||||||
|
|
||||||
<% if @ldap_binddn and @ldap_bindpw -%>
|
<% if @ldap_binddn and @ldap_bindpw -%>
|
||||||
# The DN to bind with for normal lookups.
|
# The DN to bind with the LDAP server.
|
||||||
binddn <%= @ldap_binddn %>
|
binddn <%= @ldap_binddn %>
|
||||||
bindpw <%= @ldap_bindpw %>
|
bindpw <%= @ldap_bindpw %>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
@ -35,14 +38,6 @@ tls_cacertfile <%= @ldap_tls_cacertfile %>
|
|||||||
# The search scope.
|
# The search scope.
|
||||||
scope <%= @ldap_search_scope %>
|
scope <%= @ldap_search_scope %>
|
||||||
|
|
||||||
<% @config_options.sort.each do |k,v| -%>
|
|
||||||
<% Array(v).each do |av| -%>
|
|
||||||
<% if ![nil, '', :undef].include?(av) -%>
|
|
||||||
<%= %Q(#{k} #{av}) %>
|
|
||||||
<% end -%>
|
|
||||||
<% end -%>
|
|
||||||
<% end -%>
|
|
||||||
|
|
||||||
<% if @ldap_filters.length > 0 -%>
|
<% if @ldap_filters.length > 0 -%>
|
||||||
# Custom search filters
|
# Custom search filters
|
||||||
<% @ldap_filters.sort.each do |map, filter| -%>
|
<% @ldap_filters.sort.each do |map, filter| -%>
|
||||||
@ -58,3 +53,26 @@ map <%= map %> <%= attribute %> <%= newattribute %>
|
|||||||
<% end -%>
|
<% end -%>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
|
||||||
|
# Timeouts
|
||||||
|
<% if @bind_timelimit -%>
|
||||||
|
bind_timelimit <%= @bind_timelimit %>
|
||||||
|
<% end -%>
|
||||||
|
timelimit <%= @timelimit %>
|
||||||
|
<% if @idle_timelimit -%>
|
||||||
|
idle_timelimit <%= @idle_timelimit %>
|
||||||
|
<% end -%>
|
||||||
|
reconnect_sleeptime <%= @reconnect_sleeptime %>
|
||||||
|
reconnect_retrytime <%= @reconnect_retrytime %>
|
||||||
|
|
||||||
|
<% if @config_options.length > 0 -%>
|
||||||
|
# Extended configuration
|
||||||
|
<% @config_options.sort.each do |k,v| -%>
|
||||||
|
<% Array(v).each do |av| -%>
|
||||||
|
<% if ![nil, '', :undef].include?(av) -%>
|
||||||
|
<%= %Q(#{k} #{av}) %>
|
||||||
|
<% end -%>
|
||||||
|
<% end -%>
|
||||||
|
<% end -%>
|
||||||
|
<% end -%>
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user