Revision 9c70dbc8
Added by Dominic Cleal over 7 years ago
| manifests/init.pp | ||
|---|---|---|
|
# $realm_principal:: Kerberos principal for realm updates
|
||
|
# type:String
|
||
|
#
|
||
|
# $freeipa_config:: Path to FreeIPA default.conf configuration file
|
||
|
# type:Stdlib::Absolutepath
|
||
|
#
|
||
|
# $freeipa_remove_dns:: Remove DNS entries from FreeIPA when deleting hosts from realm
|
||
|
# type:Boolean
|
||
|
#
|
||
| ... | ... | |
|
$realm_provider = $foreman_proxy::params::realm_provider,
|
||
|
$realm_keytab = $foreman_proxy::params::realm_keytab,
|
||
|
$realm_principal = $foreman_proxy::params::realm_principal,
|
||
|
$freeipa_config = $foreman_proxy::params::freeipa_config,
|
||
|
$freeipa_remove_dns = $foreman_proxy::params::freeipa_remove_dns,
|
||
|
$keyfile = $foreman_proxy::params::keyfile,
|
||
|
$register_in_foreman = $foreman_proxy::params::register_in_foreman,
|
||
| ... | ... | |
|
|
||
|
# Validate realm params
|
||
|
validate_bool($freeipa_remove_dns, $realm_split_config_files)
|
||
|
validate_string($realm_provider, $realm_principal)
|
||
|
validate_string($realm_provider, $realm_principal, $freeipa_config)
|
||
|
unless $realm_split_config_files {
|
||
|
validate_re($realm_provider, '^freeipa$', 'Invalid provider: choose freeipa')
|
||
|
}
|
||
| manifests/params.pp | ||
|---|---|---|
|
$realm_provider = 'freeipa'
|
||
|
$realm_keytab = "${etc}/foreman-proxy/freeipa.keytab"
|
||
|
$realm_principal = 'realm-proxy@EXAMPLE.COM'
|
||
|
$freeipa_config = '/etc/ipa/default.conf'
|
||
|
$freeipa_remove_dns = true
|
||
|
$realm_split_config_files = false
|
||
|
|
||
| spec/classes/foreman_proxy__config__spec.rb | ||
|---|---|---|
|
'---',
|
||
|
":keytab_path: #{etc_dir}/foreman-proxy/freeipa.keytab",
|
||
|
':principal: realm-proxy@EXAMPLE.COM',
|
||
|
':ipa_config: /etc/ipa/default.conf',
|
||
|
':remove_dns: true',
|
||
|
])
|
||
|
end
|
||
| templates/realm_freeipa.yml.erb | ||
|---|---|---|
|
:keytab_path: <%= scope.lookupvar("foreman_proxy::realm_keytab") %>
|
||
|
:principal: <%= scope.lookupvar("foreman_proxy::realm_principal") %>
|
||
|
|
||
|
:ipa_config: <%= scope.lookupvar("foreman_proxy::freeipa_config") %>
|
||
|
# Remove from DNS when deleting the FreeIPA entry
|
||
|
:remove_dns: <%= scope.lookupvar("foreman_proxy::freeipa_remove_dns") %>
|
||
Also available in: Unified diff
Add freeipa_config parameter