From aec385610af667f4ce24676ebcfbb4e03cc5e365 Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Mon, 16 Dec 2024 11:46:00 -0500
Subject: [PATCH 01/10] Adding a bunch of new settings.
---
 manifests/domain.pp | 48 +++++++++++++++++++++++++++++-
 templates/domain.erb | 69 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 116 insertions(+), 1 deletion(-)
diff --git a/manifests/domain.pp b/manifests/domain.pp
index d5e8c4c..5fa73a9 100644
--- a/manifests/domain.pp
+++ b/manifests/domain.pp
@@ -65,6 +65,29 @@
 # @param proxy_pam_target
 # @param proxy_lib_name
 # @param ldap_user_search_filter
+# @param ldap_referrals
+# @param timeout
+# @param ldap_network_timeout
+# @param ldap_opt_timeout
+# @param ldap_uri
+# @param ldap_page_size
+# @param ldap_id_use_start_tls
+# @param ldap_default_bind_dn
+# @param ldap_default_authtok_type
+# @param ldap_default_authtok
+# @param ldap_tls_reqcert
+# @param ldap_schema
+# @param ldap_user_search_base
+# @param ldap_user_object_class
+# @param ldap_user_home_directory
+# @param ldap_user_principal
+# @param ldap_group_search_base
+# @param ldap_group_object_class
+# @param ldap_access_order
+# @param ldap_account_expire_policy
+# @param ldap_force_upper_case_realm
+# @param krb5_realm
+# @param krb5_canonicalize
 #
 # @author https://github.com/simp/pupmod-simp-sssd/graphs/contributors
 #
@@ -112,7 +135,30 @@ Optional[String] $realmd_tags = undef, Optional[String] $proxy_pam_target = undef, Optional[String] $proxy_lib_name = undef, - Optional[String] $ldap_user_search_filter = undef + Optional[String] $ldap_user_search_filter = undef, + Optional[Boolean] $ldap_referrals = undef, + Optional[Integer[0]] $timeout = undef, + Optional[Integer[0]] $ldap_network_timeout = undef, + Optional[Integer[0]] $ldap_opt_timeout = undef, + Optional[String] $ldap_uri = undef, + Optional[Integer[0]] $ldap_page_size = undef, + Optional[Boolean] $ldap_id_use_start_tls = undef, + Optional[String] $ldap_default_bind_dn = undef, + Optional[String] $ldap_default_authtok_type = undef, + Optional[String] $ldap_default_authtok = undef, + Optional[String] $ldap_tls_reqcert = undef, + Optional[String] $ldap_schema = undef, + Optional[String] $ldap_user_search_base = undef, + Optional[String] $ldap_user_object_class = undef, + Optional[String] $ldap_user_home_directory = undef, + Optional[String] $ldap_user_principal = undef, + Optional[String] $ldap_group_search_base = undef, + Optional[String] $ldap_group_object_class = undef, + Optional[String] $ldap_access_order = undef, + Optional[String] $ldap_account_expire_policy = undef, + Optional[Boolean] $ldap_force_upper_case_realm = undef, + Optional[String] $krb5_realm = undef, + Optional[Boolean] $krb5_canonicalize = undef, ) { sssd::config::entry { "puppet_domain_${name}": diff --git a/templates/domain.erb b/templates/domain.erb index 6740a9b..36cc95a 100644 --- a/templates/domain.erb +++ b/templates/domain.erb 
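Review bot: `$ldap_default_authtok` in the manifests/domain.pp parameter hunk of PATCH 01/10 is declared as `Optional[String]`, so the LDAP bind secret travels through the catalog and reports as ordinary text. Consider `Optional[Variant[String, Sensitive[String]]] $ldap_default_authtok = undef` and unwrapping it only where the template content is built; the resource that consumes the rendered content is outside this hunk, so confirm it can carry a Sensitive value. Separately, `$ldap_tls_reqcert` is a free-form `String`, while sssd-ldap accepts only `never`, `allow`, `try`, `demand` and `hard`; `Optional[Enum['never','allow','try','demand','hard']]` would turn a typo in the certificate-checking level into a compile error rather than leaving it to sssd at run time.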
@@ -107,3 +107,72 @@ proxy_pam_target = <%= @proxy_pam_target %>
 <% if @proxy_lib_name %>
 proxy_lib_name = <%= @proxy_lib_name %>
 <% end -%>
+<% if @ldap_referrals %>
+ldap_referrals = <%= @ldap_referrals.to_s %>
+<% end -%>
+<% if @timeout %>
+timeout = <%= @timeout.to_s %>
+<% end -%>
+<% if @ldap_network_timeout %>
+ldap_network_timeout = <%= @ldap_network_timeout.to_s %>
+<% end -%>
+<% if @ldap_opt_timeout %>
+ldap_opt_timeout = <%= @ldap_opt_timeout.to_s %>
+<% end -%>
+<% if @ldap_uri %>
+ldap_uri = <%= @ldap_uri %>
+<% end -%>
+<% if @ldap_page_size %>
+ldap_page_size = <%= @ldap_page_size.to_s %>
+<% end -%>
+<% if @ldap_id_use_start_tls %>
+ldap_id_use_start_tls = <%= @ldap_id_use_start_tls.to_s %>
+<% end -%>
+<% if @ldap_default_bind_dn %>
+ldap_default_bind_dn = <%= @ldap_default_bind_dn %>
+<% end -%>
+<% if @ldap_default_authtok_type %>
+ldap_default_authtok_type = <%= @ldap_default_authtok_type %>
+<% end -%>
+<% if @ldap_default_authtok %>
+ldap_default_authtok = <%= @ldap_default_authtok %>
+<% end -%>
+<% if @ldap_tls_reqcert %>
+ldap_tls_reqcert = <%= @ldap_tls_reqcert %>
+<% end -%>
+<% if @ldap_schema %>
+ldap_schema = <%= @ldap_schema %>
+<% end -%>
+<% if @ldap_user_search_base %>
+ldap_user_search_base = <%= @ldap_user_search_base %>
+<% end -%>
+<% if @ldap_user_object_class %>
+ldap_user_object_class = <%= @ldap_user_object_class %>
+<% end -%>
+<% if @ldap_user_home_directory %>
+ldap_user_home_directory = <%= @ldap_user_home_directory %>
+<% end -%>
+<% if @ldap_user_principal %>
+ldap_user_principal = <%= @ldap_user_principal %>
+<% end -%>
+<% if @ldap_group_search_base %>
+ldap_group_search_base = <%= @ldap_group_search_base %>
+<% end -%>
+<% if @ldap_group_object_class %>
+ldap_group_object_class = <%= @ldap_group_object_class %>
+<% end -%>
+<% if @ldap_access_order %>
+ldap_access_order = <%= @ldap_access_order %>
+<% end -%>
+<% if @ldap_account_expire_policy %>
+ldap_account_expire_policy = <%= @ldap_account_expire_policy %>
+<% end -%>
+<% if @ldap_force_upper_case_realm %>
+ldap_force_upper_case_realm = <%= @ldap_force_upper_case_realm.to_s %>
+<% end -%>
+<% if @krb5_realm %>
+krb5_realm = <%= @krb5_realm %>
+<% end -%>
+<% if @krb5_canonicalize %>
+krb5_canonicalize = <%= @krb5_canonicalize.to_s %>
+<% end -%>
From 76b830bc340695b89996de76b4d7084346f9b4d4 Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Mon, 16 Dec 2024 11:58:49 -0500
Subject: [PATCH 02/10] Fixing formatting.
---
 templates/domain.erb | 46 ++++++++++++++++++++++----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)
diff --git a/templates/domain.erb b/templates/domain.erb
index 36cc95a..ac28160 100644
--- a/templates/domain.erb
+++ b/templates/domain.erb
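Review bot: In the templates/domain.erb hunk of PATCH 01/10, guards of the form `<% if @ldap_referrals %>` treat an explicit `false` the same as unset, so `false` for `ldap_referrals`, `ldap_id_use_start_tls`, `ldap_force_upper_case_realm` or `krb5_canonicalize` never reaches sssd.conf and sssd keeps its own default. For an option whose sssd default is true (sssd-ldap documents `ldap_referrals` that way) the manifest therefore cannot switch the behaviour off. Testing for nil keeps the three states apart: `<% unless @ldap_referrals.nil? %>`, applied to each Boolean parameter in this hunk. The same hunk writes `ldap_default_authtok` verbatim, so the bind secret sits in cleartext in the rendered file; that file's ownership and mode are set outside this hunk and are worth confirming.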
@@ -107,72 +107,72 @@ proxy_pam_target = <%= @proxy_pam_target %> <% if @proxy_lib_name %> proxy_lib_name = <%= @proxy_lib_name %> <% end -%> -<% if @ldap_referrals %> +<% if @ldap_referrals -%> ldap_referrals = <%= @ldap_referrals.to_s %> <% end -%> -<% if @timeout %> +<% if @timeout -%> timeout = <%= @timeout.to_s %> <% end -%> -<% if @ldap_network_timeout %> +<% if @ldap_network_timeout -%> ldap_network_timeout = <%= @ldap_network_timeout.to_s %> <% end -%> -<% if @ldap_opt_timeout %> +<% if @ldap_opt_timeout -%> ldap_opt_timeout = <%= @ldap_opt_timeout.to_s %> <% end -%> -<% if @ldap_uri %> +<% if @ldap_uri -%> ldap_uri = <%= @ldap_uri %> <% end -%> -<% if @ldap_page_size %> +<% if @ldap_page_size -%> ldap_page_size = <%= @ldap_page_size.to_s %> <% end -%> -<% if @ldap_id_use_start_tls %> +<% if @ldap_id_use_start_tls -%> ldap_id_use_start_tls = <%= @ldap_id_use_start_tls.to_s %> <% end -%> -<% if @ldap_default_bind_dn %> +<% if @ldap_default_bind_dn -%> ldap_default_bind_dn = <%= @ldap_default_bind_dn %> <% end -%> -<% if @ldap_default_authtok_type %> +<% if @ldap_default_authtok_type -%> ldap_default_authtok_type = <%= @ldap_default_authtok_type %> <% end -%> -<% if @ldap_default_authtok %> +<% if @ldap_default_authtok -%> ldap_default_authtok = <%= @ldap_default_authtok %> <% end -%> -<% if @ldap_tls_reqcert %> +<% if @ldap_tls_reqcert -%> ldap_tls_reqcert = <%= @ldap_tls_reqcert %> <% end -%> -<% if @ldap_schema %> +<% if @ldap_schema -%> ldap_schema = <%= @ldap_schema %> <% end -%> -<% if @ldap_user_search_base %> +<% if @ldap_user_search_base -%> ldap_user_search_base = <%= @ldap_user_search_base %> <% end -%> -<% if @ldap_user_object_class %> +<% if @ldap_user_object_class -%> ldap_user_object_class = <%= @ldap_user_object_class %> <% end -%> -<% if @ldap_user_home_directory %> +<% if @ldap_user_home_directory -%> ldap_user_home_directory = <%= @ldap_user_home_directory %> <% end -%> -<% if @ldap_user_principal %> +<% if @ldap_user_principal -%> 
ldap_user_principal = <%= @ldap_user_principal %> <% end -%> -<% if @ldap_group_search_base %> +<% if @ldap_group_search_base -%> ldap_group_search_base = <%= @ldap_group_search_base %> <% end -%> -<% if @ldap_group_object_class %> +<% if @ldap_group_object_class -%> ldap_group_object_class = <%= @ldap_group_object_class %> <% end -%> -<% if @ldap_access_order %> +<% if @ldap_access_order -%> ldap_access_order = <%= @ldap_access_order %> <% end -%> -<% if @ldap_account_expire_policy %> +<% if @ldap_account_expire_policy -%> ldap_account_expire_policy = <%= @ldap_account_expire_policy %> <% end -%> -<% if @ldap_force_upper_case_realm %> +<% if @ldap_force_upper_case_realm -%> ldap_force_upper_case_realm = <%= @ldap_force_upper_case_realm.to_s %> <% end -%> -<% if @krb5_realm %> +<% if @krb5_realm -%> krb5_realm = <%= @krb5_realm %> <% end -%> -<% if @krb5_canonicalize %> +<% if @krb5_canonicalize -%> krb5_canonicalize = <%= @krb5_canonicalize.to_s %> <% end -%> From 954c5e28e14e63f7563fd015be095be907988179 Mon Sep 17 00:00:00 2001 From: Paul Edmon Date: Mon, 16 Dec 2024 15:47:24 -0500 Subject: [PATCH 03/10] Adding override_homedir --- manifests/domain.pp | 2 ++ templates/domain.erb | 3 +++ 2 files changed, 5 insertions(+) diff --git a/manifests/domain.pp b/manifests/domain.pp index 5fa73a9..044e3e7 100644 --- a/manifests/domain.pp +++ b/manifests/domain.pp @@ -88,6 +88,7 @@ # @param ldap_force_upper_case_realm # @param krb5_realm # @param krb5_canonicalize +# @param override_homedir # # @author https://github.com/simp/pupmod-simp-sssd/graphs/contributors # @@ -159,6 +160,7 @@ Optional[Boolean] $ldap_force_upper_case_realm = undef, Optional[String] $krb5_realm = undef, Optional[Boolean] $krb5_canonicalize = undef, + Optional[String] $override_homedir = undef, ) { sssd::config::entry { "puppet_domain_${name}": diff --git a/templates/domain.erb b/templates/domain.erb index ac28160..8aa4fb2 100644 --- a/templates/domain.erb +++ b/templates/domain.erb 
@@ -176,3 +176,6 @@ krb5_realm = <%= @krb5_realm %>
 <% if @krb5_canonicalize -%>
 krb5_canonicalize = <%= @krb5_canonicalize.to_s %>
 <% end -%>
+<% if @override_homedir -%>
+override_homedir = <%= @override_homedir %>
+<% end -%>
From 08d08d95950807517faf21a2b60a2e6f0d581f35 Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Tue, 17 Dec 2024 10:39:53 -0500
Subject: [PATCH 04/10] Adding references.
---
 REFERENCE.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/REFERENCE.md b/REFERENCE.md
index e9fd44c..c50da3f 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -1376,6 +1376,26 @@ The following parameters are available in the `sssd::domain` defined type: * [`proxy_pam_target`](#-sssd--domain--proxy_pam_target) * [`proxy_lib_name`](#-sssd--domain--proxy_lib_name) * [`ldap_user_search_filter`](#-sssd--domain--ldap_user_search_filter) +* [`ldap_referrals`](#-sssd--domain--ldap_referrals) +* [`timeout`](#-sssd--domain--timeout) +* [`ldap_network_timeout`](#-sssd--domain--ldap_network_timeout) +* [`ldap_opt_timeout`](#-sssd--domain--ldap_opt_timeout) +* [`ldap_uri`](#-sssd--domain--ldap_uri) +* [`ldap_page_size`](#-sssd--domain--ldap_page_size) +* [`ldap_id_use_start_tls`](#-sssd--domain--ldap_id_use_start_tls) +* [`ldap_default_bind_dn`](#-sssd--domain--ldap_default_bind_dn) +* [`ldap_default_authtok_type`](#-sssd--domain--ldap_default_authtok_type) +* [`ldap_default_authtok`](#-sssd--domain--ldap_default_authtok) +* [`ldap_tls_reqcert`](#-sssd--domain--ldap_tls_reqcert) +* [`ldap_schema`](#-sssd--domain--ldap_schema) +* [`ldap_user_search_base`](#-sssd--domain--ldap_user_search_base) +* [`ldap_user_object_class`](#-sssd--domain--ldap_user_object_class) +* [`ldap_access_order`](#-sssd--domain--ldap_access_order) +* [`ldap_account_expire_policy`](#-sssd--domain--ldap_account_expire_policy) +* [`ldap_force_upper_case_realm`](#-sssd--domain--ldap_force_upper_case_realm) +* [`krb5_realm`](#-sssd--domain--krb5_realm) +* [`krb5_canonicalize`](#-sssd--domain--krb5_canonicalize) +* [`override_homedir`](#-sssd--domain--override_homedir) ##### `name` From a6719e310d130ba78d00bcdf276067ee88f58e9c Mon Sep 17 00:00:00 2001 From: Paul Edmon Date: Tue, 17 Dec 2024 13:22:51 -0500 Subject: [PATCH 05/10] Finishing references. --- REFERENCE.md | 200 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 200 insertions(+) diff --git a/REFERENCE.md b/REFERENCE.md index c50da3f..7a7c5b5 100644 --- a/REFERENCE.md +++ b/REFERENCE.md 
@@ -1750,6 +1750,206 @@ Data type: `Optional[String]` +Default value: `undef` + +##### `ldap_referrals + +Data type: `Optional[Boolean]` + + + +Default value: `undef` + +##### `timeout` + +Data type: `Optional[Integer[0]]` + + + +Default value: `undef` + +##### `ldap_network_timeout` + +Data type: `Optional[Integer[0]]` + + + +Default value: `undef` + +##### `ldap_opt_timeout` + +Data type: `Optional[Integer[0]]` + + + +Default value: `undef` + +##### `ldap_uri` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_page_size` + +Data type: `Optional[Integer[0]]` + + + +Default value: `undef` + +##### `ldap_id_use_start_tls` + +Data type: `Optional[Boolean]` + + + +Default value: `undef` + +##### `ldap_default_bind_dn` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_default_authtok_type` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_default_authtok` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_tls_reqcert` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_schema` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_user_search_base` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_user_object_class` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_user_home_directory` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_user_principal` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_group_search_base` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_group_object_class` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_access_order` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_account_expire_policy` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_account_expire_policy` 
+ +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `ldap_force_upper_case_realm` + +Data type: `Optional[Boolean]` + + + +Default value: `undef` + +##### `krb5_realm` + +Data type: `Optional[String]` + + + +Default value: `undef` + +##### `krb5_canonicalize` + +Data type: `Optional[Boolean]` + + + +Default value: `undef` + +##### `override_homedir` + +Data type: `Optional[String]` + + + Default value: `undef` ### `sssd::provider::ad` From 0d3079ead0325f9fae356c042621306789f6abc2 Mon Sep 17 00:00:00 2001 From: Paul Edmon Date: Thu, 2 Jan 2025 15:48:58 -0500 Subject: [PATCH 06/10] Refactoring to use custom_options instead. --- REFERENCE.md | 229 ++----------------------------------------- manifests/domain.pp | 57 ++--------- templates/domain.erb | 75 +------------- 3 files changed, 23 insertions(+), 338 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 7a7c5b5..b8f2f2a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md 
@@ -1376,26 +1376,7 @@ The following parameters are available in the `sssd::domain` defined type: * [`proxy_pam_target`](#-sssd--domain--proxy_pam_target) * [`proxy_lib_name`](#-sssd--domain--proxy_lib_name) * [`ldap_user_search_filter`](#-sssd--domain--ldap_user_search_filter) -* [`ldap_referrals`](#-sssd--domain--ldap_referrals) -* [`timeout`](#-sssd--domain--timeout) -* [`ldap_network_timeout`](#-sssd--domain--ldap_network_timeout) -* [`ldap_opt_timeout`](#-sssd--domain--ldap_opt_timeout) -* [`ldap_uri`](#-sssd--domain--ldap_uri) -* [`ldap_page_size`](#-sssd--domain--ldap_page_size) -* [`ldap_id_use_start_tls`](#-sssd--domain--ldap_id_use_start_tls) -* [`ldap_default_bind_dn`](#-sssd--domain--ldap_default_bind_dn) -* [`ldap_default_authtok_type`](#-sssd--domain--ldap_default_authtok_type) -* [`ldap_default_authtok`](#-sssd--domain--ldap_default_authtok) -* [`ldap_tls_reqcert`](#-sssd--domain--ldap_tls_reqcert) -* [`ldap_schema`](#-sssd--domain--ldap_schema) -* [`ldap_user_search_base`](#-sssd--domain--ldap_user_search_base) -* [`ldap_user_object_class`](#-sssd--domain--ldap_user_object_class) -* [`ldap_access_order`](#-sssd--domain--ldap_access_order) -* [`ldap_account_expire_policy`](#-sssd--domain--ldap_account_expire_policy) -* [`ldap_force_upper_case_realm`](#-sssd--domain--ldap_force_upper_case_realm) -* [`krb5_realm`](#-sssd--domain--krb5_realm) -* [`krb5_canonicalize`](#-sssd--domain--krb5_canonicalize) -* [`override_homedir`](#-sssd--domain--override_homedir) +* [`custom_options`](#-sssd--domain--custom_options) ##### `name` 
@@ -1748,207 +1729,17 @@ Default value: `undef` Data type: `Optional[String]` +##### `custom_options` +Data type: `Optional[Hash]` -Default value: `undef` - -##### `ldap_referrals - -Data type: `Optional[Boolean]` - - - -Default value: `undef` - -##### `timeout` - -Data type: `Optional[Integer[0]]` - - - -Default value: `undef` - -##### `ldap_network_timeout` - -Data type: `Optional[Integer[0]]` - - - -Default value: `undef` - -##### `ldap_opt_timeout` - -Data type: `Optional[Integer[0]]` - - - -Default value: `undef` - -##### `ldap_uri` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_page_size` - -Data type: `Optional[Integer[0]]` - - - -Default value: `undef` - -##### `ldap_id_use_start_tls` - -Data type: `Optional[Boolean]` - - - -Default value: `undef` - -##### `ldap_default_bind_dn` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_default_authtok_type` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_default_authtok` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_tls_reqcert` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_schema` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_user_search_base` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_user_object_class` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_user_home_directory` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_user_principal` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_group_search_base` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_group_object_class` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_access_order` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_account_expire_policy` - -Data type: 
`Optional[String]` - - - -Default value: `undef` - -##### `ldap_account_expire_policy` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `ldap_force_upper_case_realm` - -Data type: `Optional[Boolean]` - - - -Default value: `undef` - -##### `krb5_realm` - -Data type: `Optional[String]` - - - -Default value: `undef` - -##### `krb5_canonicalize` - -Data type: `Optional[Boolean]` - - - -Default value: `undef` - -##### `override_homedir` - -Data type: `Optional[String]` - - +If defined, this hash will be used to create the service +section instead of the parameters. You must provide all options +in the section you want to add. Each entry in the hash will be +added as a simple init pair +key = value +under the section in the sssd.conf file. +No error checking will be performed. Default value: `undef` diff --git a/manifests/domain.pp b/manifests/domain.pp index 044e3e7..10e3986 100644 --- a/manifests/domain.pp +++ b/manifests/domain.pp 
@@ -65,30 +65,14 @@
 # @param proxy_pam_target
 # @param proxy_lib_name
 # @param ldap_user_search_filter
-# @param ldap_referrals
-# @param timeout
-# @param ldap_network_timeout
-# @param ldap_opt_timeout
-# @param ldap_uri
-# @param ldap_page_size
-# @param ldap_id_use_start_tls
-# @param ldap_default_bind_dn
-# @param ldap_default_authtok_type
-# @param ldap_default_authtok
-# @param ldap_tls_reqcert
-# @param ldap_schema
-# @param ldap_user_search_base
-# @param ldap_user_object_class
-# @param ldap_user_home_directory
-# @param ldap_user_principal
-# @param ldap_group_search_base
-# @param ldap_group_object_class
-# @param ldap_access_order
-# @param ldap_account_expire_policy
-# @param ldap_force_upper_case_realm
-# @param krb5_realm
-# @param krb5_canonicalize
-# @param override_homedir
+#
+# @param custom_options
+# If defined, this hash will be used to create the service
+# section instead of the parameters. You must provide all options
+# in the section you want to add. Each entry in the hash will be
+# added as a simple init pair key = value under the section in
+# the sssd.conf file.
+# No error checking will be performed.
 #
 # @author https://github.com/simp/pupmod-simp-sssd/graphs/contributors
 #
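Review bot: The `@param custom_options` text added in this hunk says the hash is used "to create the service section instead of the parameters", but as far as the templates/domain.erb hunk of the same patch shows, the entries are appended after the existing domain options rather than replacing them, and the section being written is a domain section. I would reword the opening along the lines of `# Hash of additional 'key = value' pairs appended verbatim to this domain's section of sssd.conf.` and keep the sentence that nothing is validated. Since a bind credential such as `ldap_default_authtok` can now only be supplied through this hash, the comment should also say that values are written to the file in cleartext.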
@@ -137,30 +121,7 @@ Optional[String] $proxy_pam_target = undef, Optional[String] $proxy_lib_name = undef, Optional[String] $ldap_user_search_filter = undef, - Optional[Boolean] $ldap_referrals = undef, - Optional[Integer[0]] $timeout = undef, - Optional[Integer[0]] $ldap_network_timeout = undef, - Optional[Integer[0]] $ldap_opt_timeout = undef, - Optional[String] $ldap_uri = undef, - Optional[Integer[0]] $ldap_page_size = undef, - Optional[Boolean] $ldap_id_use_start_tls = undef, - Optional[String] $ldap_default_bind_dn = undef, - Optional[String] $ldap_default_authtok_type = undef, - Optional[String] $ldap_default_authtok = undef, - Optional[String] $ldap_tls_reqcert = undef, - Optional[String] $ldap_schema = undef, - Optional[String] $ldap_user_search_base = undef, - Optional[String] $ldap_user_object_class = undef, - Optional[String] $ldap_user_home_directory = undef, - Optional[String] $ldap_user_principal = undef, - Optional[String] $ldap_group_search_base = undef, - Optional[String] $ldap_group_object_class = undef, - Optional[String] $ldap_access_order = undef, - Optional[String] $ldap_account_expire_policy = undef, - Optional[Boolean] $ldap_force_upper_case_realm = undef, - Optional[String] $krb5_realm = undef, - Optional[Boolean] $krb5_canonicalize = undef, - Optional[String] $override_homedir = undef, + Optional[Hash] $custom_options = undef ) { sssd::config::entry { "puppet_domain_${name}": diff --git a/templates/domain.erb b/templates/domain.erb index 8aa4fb2..820aa80 100644 --- a/templates/domain.erb +++ b/templates/domain.erb 
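Review bot: `Optional[Hash] $custom_options` accepts any key and value types, and the template prints each pair as `key = value`, so a nested hash or array, an empty key, or a string containing a line break ends up in sssd.conf as text sssd will misread or as an extra, unintended line. Narrowing the type catches this at compile time, for example `Optional[Hash[Pattern[/\A[A-Za-z0-9_]+\z/], Variant[Boolean, Integer, Pattern[/\A[^\r\n]*\z/]]]] $custom_options = undef`. This also replaces the per-option types the removed parameters had (`Integer[0]` for the timeouts, `Boolean` for the flags), so a short note on the parameter about that loss of checking would help. The body of the defined type continues outside this hunk.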
@@ -107,75 +107,8 @@ proxy_pam_target = <%= @proxy_pam_target %>
 <% if @proxy_lib_name %>
 proxy_lib_name = <%= @proxy_lib_name %>
 <% end -%>
-<% if @ldap_referrals -%>
-ldap_referrals = <%= @ldap_referrals.to_s %>
-<% end -%>
-<% if @timeout -%>
-timeout = <%= @timeout.to_s %>
-<% end -%>
-<% if @ldap_network_timeout -%>
-ldap_network_timeout = <%= @ldap_network_timeout.to_s %>
-<% end -%>
-<% if @ldap_opt_timeout -%>
-ldap_opt_timeout = <%= @ldap_opt_timeout.to_s %>
-<% end -%>
-<% if @ldap_uri -%>
-ldap_uri = <%= @ldap_uri %>
-<% end -%>
-<% if @ldap_page_size -%>
-ldap_page_size = <%= @ldap_page_size.to_s %>
-<% end -%>
-<% if @ldap_id_use_start_tls -%>
-ldap_id_use_start_tls = <%= @ldap_id_use_start_tls.to_s %>
-<% end -%>
-<% if @ldap_default_bind_dn -%>
-ldap_default_bind_dn = <%= @ldap_default_bind_dn %>
-<% end -%>
-<% if @ldap_default_authtok_type -%>
-ldap_default_authtok_type = <%= @ldap_default_authtok_type %>
-<% end -%>
-<% if @ldap_default_authtok -%>
-ldap_default_authtok = <%= @ldap_default_authtok %>
-<% end -%>
-<% if @ldap_tls_reqcert -%>
-ldap_tls_reqcert = <%= @ldap_tls_reqcert %>
-<% end -%>
-<% if @ldap_schema -%>
-ldap_schema = <%= @ldap_schema %>
-<% end -%>
-<% if @ldap_user_search_base -%>
-ldap_user_search_base = <%= @ldap_user_search_base %>
-<% end -%>
-<% if @ldap_user_object_class -%>
-ldap_user_object_class = <%= @ldap_user_object_class %>
-<% end -%>
-<% if @ldap_user_home_directory -%>
-ldap_user_home_directory = <%= @ldap_user_home_directory %>
-<% end -%>
-<% if @ldap_user_principal -%>
-ldap_user_principal = <%= @ldap_user_principal %>
-<% end -%>
-<% if @ldap_group_search_base -%>
-ldap_group_search_base = <%= @ldap_group_search_base %>
-<% end -%>
-<% if @ldap_group_object_class -%>
-ldap_group_object_class = <%= @ldap_group_object_class %>
-<% end -%>
-<% if @ldap_access_order -%>
-ldap_access_order = <%= @ldap_access_order %>
-<% end -%>
-<% if @ldap_account_expire_policy -%>
-ldap_account_expire_policy = <%= @ldap_account_expire_policy %>
-<% end -%>
-<% if @ldap_force_upper_case_realm -%>
-ldap_force_upper_case_realm = <%= @ldap_force_upper_case_realm.to_s %>
-<% end -%>
-<% if @krb5_realm -%>
-krb5_realm = <%= @krb5_realm %>
-<% end -%>
-<% if @krb5_canonicalize -%>
-krb5_canonicalize = <%= @krb5_canonicalize.to_s %>
-<% end -%>
-<% if @override_homedir -%>
-override_homedir = <%= @override_homedir %>
+<% if @custom_options %>
+<% $custom_options.each | $opt, $value| { -%>
+<%= $opt %> = <%= $value %>
+<% } -%>
 <% end -%>
From fcfd33535a8d1fd8b3794613ef944065c53ff54d Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Mon, 6 Jan 2025 10:50:34 -0500
Subject: [PATCH 07/10] Fixing syntax
---
 templates/domain.erb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/templates/domain.erb b/templates/domain.erb
index 820aa80..c533603 100644
--- a/templates/domain.erb
+++ b/templates/domain.erb
@@ -108,7 +108,7 @@ proxy_pam_target = <%= @proxy_pam_target %>
 proxy_lib_name = <%= @proxy_lib_name %>
 <% end -%>
 <% if @custom_options %>
-<% $custom_options.each | $opt, $value| { -%>
+<% $custom_options.each do |opt,value| -%>
 <%= $opt %> = <%= $value %>
-<% } -%>
+<% end %>
 <% end -%>
From 24bdb859b400f5bdabada921d416fce724442168 Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Mon, 6 Jan 2025 10:58:03 -0500
Subject: [PATCH 08/10] Fixing pointer.
---
 templates/domain.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/domain.erb b/templates/domain.erb
index c533603..8eb788d 100644
--- a/templates/domain.erb
+++ b/templates/domain.erb
@@ -108,7 +108,7 @@ proxy_pam_target = <%= @proxy_pam_target %>
 proxy_lib_name = <%= @proxy_lib_name %>
 <% end -%>
 <% if @custom_options %>
-<% $custom_options.each do |opt,value| -%>
+<% @custom_options.each do |opt,value| -%>
 <%= $opt %> = <%= $value %>
 <% end %>
 <% end -%>
From fd95e1204b87c7780b3c0f6b49b664bfcccc9099 Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Mon, 6 Jan 2025 11:02:53 -0500
Subject: [PATCH 09/10] Fixing reference.
---
 templates/domain.erb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/templates/domain.erb b/templates/domain.erb
index 8eb788d..5bc1009 100644
--- a/templates/domain.erb
+++ b/templates/domain.erb
@@ -109,6 +109,6 @@ proxy_lib_name = <%= @proxy_lib_name %>
 <% end -%>
 <% if @custom_options %>
 <% @custom_options.each do |opt,value| -%>
-<%= $opt %> = <%= $value %>
-<% end %>
+<%= opt %> = <%= value %>
+<% end -%>
 <% end -%>
From 0c80c3a84489d437dd3309f6920667ea750c2bf6 Mon Sep 17 00:00:00 2001
From: Paul Edmon
Date: Mon, 6 Jan 2025 11:06:58 -0500
Subject: [PATCH 10/10] Tweaking formatting.
---
 templates/domain.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/domain.erb b/templates/domain.erb
index 5bc1009..7ddb181 100644
--- a/templates/domain.erb
+++ b/templates/domain.erb
@@ -107,7 +107,7 @@ proxy_pam_target = <%= @proxy_pam_target %>
 <% if @proxy_lib_name %>
 proxy_lib_name = <%= @proxy_lib_name %>
 <% end -%>
-<% if @custom_options %>
+<% if @custom_options -%>
 <% @custom_options.each do |opt,value| -%>
 <%= opt %> = <%= value %>
 <% end -%>
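Review bot: The loop as it stands after the PATCH 09/10 hunk writes `<%= opt %> = <%= value %>` for every entry without comparing the key to the options the template already emits above it, so a key such as `proxy_lib_name` supplied both as a parameter and in `custom_options` yields two assignments in the same section, and this template does not decide which one sssd honours. An entry whose value is `nil` also renders as `key = ` with nothing after it. Adding `<% next if value.nil? -%>` as the first line inside the `each` block handles the second case; for the first, either document the precedence on the parameter or fail compilation when a key collides with a parameter that is set. The earlier part of the template lies outside the hunk.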