Compare commits
3 Commits
da3a70ef4c
...
3cc11e58d3
| Author | SHA1 | Date | |
|---|---|---|---|
3cc11e58d3
|
|||
|
590366639e
|
|||
|
8fe3670ce9
|
@@ -1,4 +0,0 @@
|
||||
{
|
||||
"name": "ldap-1",
|
||||
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+bMtze1cMK3QRCnTsYwU\n5Y7EqaUU8ufrmesFhGLcMPsnZHT1KeL3GZ0Pc/ro50Eok3ryBM9DZxPRNMq5d601\n4NzHJWXgMQA9IdyNkFZejK/da+IHLLHL2BOdOx/Mhbtopcko0bupNYgBtBPPmBSD\nV0UH8t020wc7BWAx0fuIFV0iCAARo8SctLueGlEVK9VSfBFa2l95igxY71NAVV5r\n/SIkJzpHOlsKQNSqaAsVHiq+jtlJlfQ9ZdxD2EoS7GH+yWiLD4jqR5TF+Q1I/TLQ\nJuVTBg4QS2v2OgRa8bb1HdtmNo23yBJeDIUePt7KhO3Fz73wTJR2Bo6+S/D6tElZ\nawIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
}
|
||||
4
clients/ldap-2.json
Normal file
4
clients/ldap-2.json
Normal file
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"name": "ldap-2.kosmos.org",
|
||||
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycyHso4sCJ/RLkuQl1Qp\nBaAJsWw8NilZyoZwuaYAC4IGJ1Pn4p+6Ly4vWveGCPbDf18VNFHwNMSjtH94EWOo\nrF8Qiamcn8/NlT6NbbN77fjOFDvwITW9+7zgJz9QNsAT7lbdv9eWlWijnslVvqtk\njx9IuqAF1tEKEfnhj8wAHLT8WPABHzmp3PdfZXKN4fjCL9VcPNruXJiCIuNPnWIo\nUxY9IRa9DiZ1jXIcWrTLLHCzq07jeo+MWpC5Uuz3U6+zfevFBHM0xpGMsouIfvLf\nF+MeckT5OhwujUL4IvfZ0Wl6/5wsvHbLFFW7KsmiBK0Su04OnKnZUSaAmtEDU2w4\nSQIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
}
|
||||
@@ -1,16 +1,16 @@
|
||||
{
|
||||
"name": "ldap-1.kosmos.org",
|
||||
"name": "ldap-2.kosmos.org",
|
||||
"normal": {
|
||||
"knife_zero": {
|
||||
"host": "10.1.1.63"
|
||||
"host": "10.1.1.232"
|
||||
}
|
||||
},
|
||||
"automatic": {
|
||||
"fqdn": "ldap-1.kosmos.org",
|
||||
"fqdn": "ldap-2.kosmos.org",
|
||||
"os": "linux",
|
||||
"os_version": "5.4.0-1049-kvm",
|
||||
"hostname": "ldap-1",
|
||||
"ipaddress": "192.168.122.164",
|
||||
"os_version": "5.4.0-1062-kvm",
|
||||
"hostname": "ldap-2",
|
||||
"ipaddress": "192.168.122.241",
|
||||
"roles": [
|
||||
"dirsrv_primary"
|
||||
],
|
||||
@@ -33,23 +33,20 @@
|
||||
"postfix::_attributes",
|
||||
"postfix::sasl_auth",
|
||||
"hostname::default",
|
||||
"kosmos-dirsrv::firewall",
|
||||
"backup::default",
|
||||
"logrotate::default",
|
||||
"ulimit::default"
|
||||
"kosmos-dirsrv::hostsfile"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "20.04",
|
||||
"cloud": null,
|
||||
"chef_packages": {
|
||||
"chef": {
|
||||
"version": "17.8.25",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.8.25/lib",
|
||||
"version": "17.10.3",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.10.3/lib",
|
||||
"chef_effortless": null
|
||||
},
|
||||
"ohai": {
|
||||
"version": "17.7.12",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.7.12/lib/ohai"
|
||||
"version": "17.9.0",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.0/lib/ohai"
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -1 +0,0 @@
|
||||
node.default['kosmos-dirsrv']['master_hostname'] = 'ldap.kosmos.org'
|
||||
|
||||
119
site-cookbooks/kosmos-dirsrv/files/ldif2db
Executable file
119
site-cookbooks/kosmos-dirsrv/files/ldif2db
Executable file
@@ -0,0 +1,119 @@
|
||||
#!/bin/bash
|
||||
|
||||
. /usr/share/dirsrv/data/DSSharedLib
|
||||
|
||||
libpath_add "/usr/lib/x86_64-linux-gnu/dirsrv/"
|
||||
libpath_add ""
|
||||
libpath_add "/usr/lib/x86_64-linux-gnu"
|
||||
libpath_add "/usr/lib/x86_64-linux-gnu"
|
||||
|
||||
export LD_LIBRARY_PATH
|
||||
SHLIB_PATH=$LD_LIBRARY_PATH
|
||||
export SHLIB_PATH
|
||||
|
||||
usage()
|
||||
{
|
||||
echo "Usage: ldif2db [-Z serverID] -n backendname {-s includesuffix}* [{-x excludesuffix}*] {-i ldiffile}*"
|
||||
echo " [-c chunksize] [-g [string]] [-G namespace_id] [-O] [-E] [-q] [-v] [-h]"
|
||||
echo "Note: either \"-n backend\", \"-s includesuffix\", and \"-i ldiffile\" are required."
|
||||
echo "Options:"
|
||||
echo " -Z serverID - The server instance identifier"
|
||||
echo " -n backend - Backend database name. Example: userRoot"
|
||||
echo " -s inclduesuffix - Suffix to include"
|
||||
echo " -x excludesuffix - Suffix to exclude"
|
||||
echo " -i ldiffile - LDIF file name"
|
||||
echo " -c chunksize - Number of entries to process before starting a new pass"
|
||||
echo " -g [string] - String is \"none\" or \"deterministic\""
|
||||
echo " \"none\" - unique id is not generated"
|
||||
echo " \"deterministic\" - generate name based unique id (-G name)"
|
||||
echo " By default - generate time based unique id"
|
||||
echo " -G name - Namespace id for name based uniqueid (-g deterministic)"
|
||||
echo " -O - Do not index the attributes"
|
||||
echo " -E - Encrypt attributes"
|
||||
echo " -q - Quiet mode - suppresses output"
|
||||
echo " -v - Display version"
|
||||
echo " -h - Display usage"
|
||||
}
|
||||
|
||||
handleopts()
|
||||
{
|
||||
while [ "$1" != "" ]
|
||||
do
|
||||
if [ "$1" = "-q" ]; then
|
||||
return 1
|
||||
elif [ "$1" = "-Z" ]; then
|
||||
shift
|
||||
servid=$1
|
||||
elif [ "$1" = "-h" ]; then
|
||||
usage
|
||||
exit 0
|
||||
fi
|
||||
shift
|
||||
done
|
||||
return 0
|
||||
}
|
||||
|
||||
while getopts "Z:vhd:i:g:G:n:s:x:NOCc:St:D:Eq" flag
|
||||
do
|
||||
case $flag in
|
||||
h) usage
|
||||
exit 0;;
|
||||
Z) servid=$OPTARG;;
|
||||
n) args=$args" -n \"$OPTARG\"";;
|
||||
i) args=$args" -i \"$OPTARG\"";;
|
||||
s) args=$args" -s \"$OPTARG\"";;
|
||||
x) args=$args" -x \"$OPTARG\"";;
|
||||
c) args=$args" -c \"$OPTARG\"";;
|
||||
d) args=$args" -d \"$OPTARG\"";;
|
||||
g) args=$args" -g \"$OPTARG\"";;
|
||||
G) args=$args" -G \"$OPTARG\"";;
|
||||
t) args=$args" -t \"$OPTARG\"";;
|
||||
D) args=$args" -D \"$OPTARG\"";;
|
||||
E) args=$args" -E";;
|
||||
v) args=$args" -v";;
|
||||
N) args=$args" -N";;
|
||||
C) args=$args" -C";;
|
||||
S) args=$args" -S";;
|
||||
O) args=$args" -O";;
|
||||
q) args=$args" -q";;
|
||||
?) usage
|
||||
exit 1;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ $# -lt 4 ]
|
||||
then
|
||||
usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ARGS=$@
|
||||
shift $(($OPTIND - 1))
|
||||
if [ $1 ]
|
||||
then
|
||||
echo "ERROR - Unknown option: $1"
|
||||
usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# FIXME look up if not master
|
||||
initfile="/etc/default/dirsrv-master"
|
||||
if [ $? -eq 1 ]
|
||||
then
|
||||
usage
|
||||
echo "You must supply a valid server instance identifier. Use -Z to specify instance name"
|
||||
echo "Available instances: $initfile"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
. $initfile
|
||||
|
||||
handleopts $ARGS
|
||||
quiet=$?
|
||||
if [ $quiet -eq 0 ]; then
|
||||
echo importing data ...
|
||||
fi
|
||||
|
||||
eval /usr/sbin/ns-slapd ldif2db -D $CONFIG_DIR $args 2>&1
|
||||
|
||||
exit $?
|
||||
22
site-cookbooks/kosmos-dirsrv/files/template-initconfig
Normal file
22
site-cookbooks/kosmos-dirsrv/files/template-initconfig
Normal file
@@ -0,0 +1,22 @@
|
||||
# This file is sourced by dirsrv upon startup to set
|
||||
# the default environment for a single specific directory
|
||||
# server instances. To set defaults for all instances, edit
|
||||
# the file in the same directory called dirsrv.
|
||||
|
||||
# These settings are used by the start-dirsrv and
|
||||
# start-slapd scripts (as well as their associates stop
|
||||
# and restart scripts). Do not edit them unless you know
|
||||
# what you are doing.
|
||||
|
||||
# This file is in systemd EnvironmentFile format - see man systemd.exec
|
||||
|
||||
SERVER_DIR={{SERVER-DIR}}
|
||||
SERVERBIN_DIR={{SERVERBIN-DIR}}
|
||||
CONFIG_DIR={{CONFIG-DIR}}
|
||||
INST_DIR={{INST-DIR}}
|
||||
RUN_DIR={{RUN-DIR}}
|
||||
DS_ROOT={{DS-ROOT}}
|
||||
PRODUCT_NAME={{PRODUCT-NAME}}
|
||||
|
||||
# Put custom instance specific settings below here.
|
||||
# if using systemd, omit the "; export VARNAME" at the end
|
||||
@@ -7,8 +7,9 @@ long_description 'Installs/Configures 389 Directory Server'
|
||||
version '0.1.2'
|
||||
chef_version '>= 14.0'
|
||||
|
||||
depends "firewall"
|
||||
depends "apt"
|
||||
depends "firewall"
|
||||
depends "hostsfile"
|
||||
depends "ulimit"
|
||||
depends "backup"
|
||||
depends "kosmos-base"
|
||||
|
||||
@@ -3,10 +3,12 @@
|
||||
# Recipe:: default
|
||||
#
|
||||
|
||||
include_recipe "kosmos-dirsrv::hostsfile"
|
||||
|
||||
credentials = data_bag_item("credentials", "dirsrv")
|
||||
|
||||
dirsrv_instance "master" do
|
||||
hostname node['kosmos-dirsrv']['master_hostname']
|
||||
hostname "ldap.kosmos.local"
|
||||
admin_password credentials['admin_password']
|
||||
suffix "dc=kosmos,dc=org"
|
||||
end
|
||||
|
||||
15
site-cookbooks/kosmos-dirsrv/recipes/hostsfile.rb
Normal file
15
site-cookbooks/kosmos-dirsrv/recipes/hostsfile.rb
Normal file
@@ -0,0 +1,15 @@
|
||||
#
|
||||
# Cookbook:: kosmos-dirsrv
|
||||
# Recipe:: hostsfile
|
||||
#
|
||||
|
||||
dirsrv_primary = search(:node, "role:dirsrv_primary AND chef_environment:#{node.chef_environment}").first
|
||||
|
||||
unless dirsrv_primary.nil?
|
||||
primary_ip = dirsrv_primary['knife_zero']['host']
|
||||
|
||||
hostsfile_entry primary_ip do
|
||||
hostname "ldap.kosmos.local"
|
||||
unique true
|
||||
end
|
||||
end
|
||||
@@ -34,6 +34,20 @@ action :create do
|
||||
inst_dir = "/etc/dirsrv/slapd-#{new_resource.instance_name}"
|
||||
service_name = "dirsrv@#{new_resource.instance_name}"
|
||||
|
||||
cookbook_file "/etc/dirsrv/config/template-initconfig" do
|
||||
source "template-initconfig"
|
||||
mode "0644"
|
||||
owner "dirsrv"
|
||||
group "dirsrv"
|
||||
end
|
||||
|
||||
cookbook_file "/usr/sbin/ldif2db" do
|
||||
source "ldif2db"
|
||||
mode "0755"
|
||||
owner "root"
|
||||
group "root"
|
||||
end
|
||||
|
||||
unless ::Dir.exists?(inst_dir)
|
||||
setup_config = "#{config[:conf_dir]}/setup-#{new_resource.instance_name}.inf"
|
||||
template setup_config do
|
||||
|
||||
Reference in New Issue
Block a user