File: ldap.pp

package info (click to toggle)
puppet-module-puppetlabs-apache 12.2.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,664 kB
  • sloc: ruby: 275; sh: 32; makefile: 2
file content (86 lines) | stat: -rw-r--r-- 3,245 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# @summary
#   Installs and configures `mod_ldap`.
# 
# @param package_name
#   Specifies the custom package name.
# 
# @param ldap_trusted_global_cert_file
#   Sets the file or database containing global trusted Certificate Authority or global client certificates.
# 
# @param ldap_trusted_global_cert_type
#   Sets the certificate parameter of the global trusted Certificate Authority or global client certificates.
# 
# @param ldap_shared_cache_size
#   Size in bytes of the shared-memory cache
# 
# @param ldap_cache_entries
#   Maximum number of entries in the primary LDAP cache
# 
# @param ldap_cache_ttl
#   Time that cached items remain valid (in seconds).
# 
# @param ldap_opcache_entries
#   Number of entries used to cache LDAP compare operations
# 
# @param ldap_opcache_ttl
#   Time that entries in the operation cache remain valid (in seconds).
# 
# @param ldap_trusted_mode
#   Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
#
# @param ldap_path
#   The server location of the ldap status page.
#
# @example 
#   class { 'apache::mod::ldap':
#     ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt',
#     ldap_trusted_global_cert_type => 'CA_DER',
#     ldap_trusted_mode             => 'TLS',
#     ldap_shared_cache_size        => 500000,
#     ldap_cache_entries            => 1024,
#     ldap_cache_ttl                => 600,
#     ldap_opcache_entries          => 1024,
#     ldap_opcache_ttl              => 600,
#   }
#
# @see https://httpd.apache.org/docs/current/mod/mod_ldap.html for additional documentation.
# @note Unsupported platforms: CentOS: 8; RedHat: 8, 9
class apache::mod::ldap (
  Optional[String] $package_name                  = undef,
  Optional[String] $ldap_trusted_global_cert_file = undef,
  String $ldap_trusted_global_cert_type           = 'CA_BASE64',
  Optional[Integer] $ldap_shared_cache_size       = undef,
  Optional[Integer] $ldap_cache_entries           = undef,
  Optional[Integer] $ldap_cache_ttl               = undef,
  Optional[Integer] $ldap_opcache_entries         = undef,
  Optional[Integer] $ldap_opcache_ttl             = undef,
  Optional[String] $ldap_trusted_mode             = undef,
  String $ldap_path                               = '/ldap-status',
) {
  include apache
  ::apache::mod { 'ldap':
    package => $package_name,
  }

  $parameters = {
    'ldap_path'                     => $ldap_path,
    'ldap_trusted_global_cert_file' => $ldap_trusted_global_cert_file,
    'ldap_trusted_global_cert_type' => $ldap_trusted_global_cert_type,
    'ldap_trusted_mode'             => $ldap_trusted_mode,
    'ldap_shared_cache_size'        => $ldap_shared_cache_size,
    'ldap_cache_entries'            => $ldap_cache_entries,
    'ldap_cache_ttl'                => $ldap_cache_ttl,
    'ldap_opcache_entries'          => $ldap_opcache_entries,
    'ldap_opcache_ttl'              => $ldap_opcache_ttl,
  }

  file { 'ldap.conf':
    ensure  => file,
    path    => "${apache::mod_dir}/ldap.conf",
    mode    => $apache::file_mode,
    content => epp('apache/mod/ldap.conf.epp', $parameters),
    require => Exec["mkdir ${apache::mod_dir}"],
    before  => File[$apache::mod_dir],
    notify  => Class['apache::service'],
  }
}