Revision 9c70dbc8
Added by Dominic Cleal over 7 years ago
manifests/init.pp | ||
---|---|---|
# $realm_principal:: Kerberos principal for realm updates
|
||
# type:String
|
||
#
|
||
# $freeipa_config:: Path to FreeIPA default.conf configuration file
|
||
# type:Stdlib::Absolutepath
|
||
#
|
||
# $freeipa_remove_dns:: Remove DNS entries from FreeIPA when deleting hosts from realm
|
||
# type:Boolean
|
||
#
|
||
... | ... | |
$realm_provider = $foreman_proxy::params::realm_provider,
|
||
$realm_keytab = $foreman_proxy::params::realm_keytab,
|
||
$realm_principal = $foreman_proxy::params::realm_principal,
|
||
$freeipa_config = $foreman_proxy::params::freeipa_config,
|
||
$freeipa_remove_dns = $foreman_proxy::params::freeipa_remove_dns,
|
||
$keyfile = $foreman_proxy::params::keyfile,
|
||
$register_in_foreman = $foreman_proxy::params::register_in_foreman,
|
||
... | ... | |
|
||
# Validate realm params
|
||
validate_bool($freeipa_remove_dns, $realm_split_config_files)
|
||
validate_string($realm_provider, $realm_principal)
|
||
validate_string($realm_provider, $realm_principal, $freeipa_config)
|
||
unless $realm_split_config_files {
|
||
validate_re($realm_provider, '^freeipa$', 'Invalid provider: choose freeipa')
|
||
}
|
manifests/params.pp | ||
---|---|---|
$realm_provider = 'freeipa'
|
||
$realm_keytab = "${etc}/foreman-proxy/freeipa.keytab"
|
||
$realm_principal = 'realm-proxy@EXAMPLE.COM'
|
||
$freeipa_config = '/etc/ipa/default.conf'
|
||
$freeipa_remove_dns = true
|
||
$realm_split_config_files = false
|
||
|
spec/classes/foreman_proxy__config__spec.rb | ||
---|---|---|
'---',
|
||
":keytab_path: #{etc_dir}/foreman-proxy/freeipa.keytab",
|
||
':principal: realm-proxy@EXAMPLE.COM',
|
||
':ipa_config: /etc/ipa/default.conf',
|
||
':remove_dns: true',
|
||
])
|
||
end
|
templates/realm_freeipa.yml.erb | ||
---|---|---|
:keytab_path: <%= scope.lookupvar("foreman_proxy::realm_keytab") %>
|
||
:principal: <%= scope.lookupvar("foreman_proxy::realm_principal") %>
|
||
|
||
:ipa_config: <%= scope.lookupvar("foreman_proxy::freeipa_config") %>
|
||
# Remove from DNS when deleting the FreeIPA entry
|
||
:remove_dns: <%= scope.lookupvar("foreman_proxy::freeipa_remove_dns") %>
|
Also available in: Unified diff
Add freeipa_config parameter