Commit 8e5b5abe authored by Fabien Combernous's avatar Fabien Combernous

some cleanup of docs

parent 6214509a
Pipeline #7851 passed with stages
in 55 minutes and 7 seconds
......@@ -9,17 +9,14 @@ _Public Classes_
* [`freeipa`](#freeipa): Manages IPA masters, replicas and clients.
* [`freeipa::helpers::flushcache`](#freeipahelpersflushcache): Flushcache sss for Debian and RedHat only
* [`freeipa::install::autofs`](#freeipainstallautofs): Installs and start autofs
_Private Classes_
* `freeipa::config::keytab`: Configures keytab for admin user on FreeIPA master.
* `freeipa::install`: Installs the packages needed for servers and clients
* `freeipa::install::client`: Install freeipa client
* `freeipa::install::server`: This class mainly defines options for the ipa install command, then install master or replica regarding the role set.
* `freeipa::install::server::master`: Installs freeipa server as master
* `freeipa::install::server::replica`: Installs freeipa server as replica
* `freeipa::install::sssd`: Install sssd package
**Tasks**
......@@ -66,19 +63,19 @@ The name of the IPA domain to create or join.
Data type: `Enum['master','replica','client']`
What role the node will be. Options are 'master', 'replica', and 'client'.
What role the node will be.
##### `puppet_admin_password`
Data type: `String[8]`
Password which will be assigned to the IPA account named 'admin'.
Password which will be assigned to the IPA account named `admin` and used by Puppet.
##### `directory_services_password`
Data type: `String[8]`
Password which will be passed into the ipa setup's parameter named "--ds-password".
Password which will be passed into the ipa setup's parameter named `--ds-password`.
##### `autofs_package_name`
......@@ -100,8 +97,8 @@ Default value: `false`
Data type: `Boolean`
If true, then the parameter '--setup-dns' is passed to the IPA server installer.
Also, triggers the install of the required dns server packages.
If true, then install and configure an integrated DNS server, create DNS zone specified by `domain`,
and fill it with service records necessary for IPA deployment.
Default value: `true`
......@@ -109,7 +106,7 @@ Default value: `true`
Data type: `Boolean`
If false, then the parameter '--no-ntp' is passed to the IPA server installer.
If false, then do not configure NTP.
Default value: `true`
......@@ -117,7 +114,7 @@ Default value: `true`
Data type: `Array[String]`
Each element in this array is prefixed with '--forwarder' and passed to the IPA server installer.
Each element in this array is prefixed with `--forwarder` and passed to the IPA server installer.
Default value: []
......@@ -141,7 +138,7 @@ Default value: $puppet_admin_password
Data type: `Boolean`
If true, then the parameter '--hostname' is populated with the parameter 'ipa_server_fqdn'
If true, then the installer flag `--hostname` is populated with the parameter `ipa_server_fqdn`
and passed to the IPA installer.
Default value: `true`
......@@ -150,7 +147,7 @@ Default value: `true`
Data type: `Boolean`
If true, then the parameter '--ip-address' is populated with the parameter 'ip_address'
If true, then the installer flag `--ip-address` is populated with the parameter `ip_address`
and passed to the IPA installer.
Default value: `false`
......@@ -159,7 +156,8 @@ Default value: `false`
Data type: `Boolean`
If true, then the parameter '--fixed-primary' is passed to the IPA installer.
If true, on client it configure SSSD to use a fixed server as the primary IPA server.
The default behavior of client is to use DNS SRV records to determine the primary server to use.
Default value: `false`
......@@ -215,7 +213,7 @@ Default value: 'ipa-server'
Data type: `Boolean`
If true, then the IPA client packages are installed if the parameter 'ipa_role' is set to 'client'.
If true, then the IPA client packages are installed if the parameter `ipa_role` is set to `client`.
Default value: `true`
......@@ -223,7 +221,7 @@ Default value: `true`
Data type: `Boolean`
If true, then the IPA server packages are installed if the parameter 'ipa_role' is not set to 'client'.
If true, then the IPA server packages are installed if the parameter `ipa_role` is not set to `client`.
Default value: `true`
......@@ -239,13 +237,14 @@ Default value: `true`
Data type: `Stdlib::IP::Address`
IP address to pass to the IPA installer.
The IP address of this server.
If this address does not match the address the host resolves to and `configure_dns_server` is not `true`, the installation will fail.
##### `ipa_server_fqdn`
Data type: `Stdlib::Fqdn`
Actual fqdn of the IPA server or client.
Actual fqdn of the IPA server.
Default value: $facts['networking']['fqdn']
......@@ -267,7 +266,7 @@ FQDN of the server to use for a client or replica domain join.
Data type: `Boolean`
If true, then a host entry is created using the parameters 'ipa_server_fqdn' and 'ip_address'.
If true, then a host entry is created using the parameters `ipa_server_fqdn` and `ip_address`.
Default value: `false`
......@@ -275,7 +274,7 @@ Default value: `false`
Data type: `Boolean`
If true, then the parameter '--mkhomedir' is passed to the IPA client installer.
If true, on client configure PAM to create a users home directory if it does not exist.
Default value: `true`
......@@ -323,7 +322,7 @@ Default value: 'sssd-tools'
Data type: `Boolean`
If true, then the parameter '--setup-ca' is passed to the IPA server installer (for replicas)
If true, install and configure a CA even on replica.
Default value: `true`
......@@ -339,18 +338,6 @@ Flushcache sss for Debian and RedHat only
include freeipa::helpers::flushcache
```
### freeipa::install::autofs
Installs and start autofs
#### Examples
#####
```puppet
include freeipa::install::autofs
```
## Tasks
### manage_admin
......
......@@ -19,46 +19,50 @@
# Parameters
# ----------
# @param domain The name of the IPA domain to create or join.
# @param ipa_role What role the node will be. Options are 'master', 'replica', and 'client'.
# @param puppet_admin_password Password which will be assigned to the IPA account named 'admin'.
# @param directory_services_password Password which will be passed into the ipa setup's parameter named "--ds-password".
# @param ipa_role What role the node will be.
# @param puppet_admin_password Password which will be assigned to the IPA account named `admin` and used by Puppet.
# @param directory_services_password Password which will be passed into the ipa setup's parameter named `--ds-password`.
# @param autofs_package_name Name of the autofs package to install if enabled.
# @param client_install_ldaputils If true, then the ldaputils packages are installed if ipa_role is set to client.
# @param configure_dns_server
# If true, then the parameter '--setup-dns' is passed to the IPA server installer.
# Also, triggers the install of the required dns server packages.
# @param configure_ntp If false, then the parameter '--no-ntp' is passed to the IPA server installer.
# @param custom_dns_forwarders Each element in this array is prefixed with '--forwarder' and passed to the IPA server installer.
# If true, then install and configure an integrated DNS server, create DNS zone specified by `domain`,
# and fill it with service records necessary for IPA deployment.
# @param configure_ntp If false, then do not configure NTP.
# @param custom_dns_forwarders Each element in this array is prefixed with `--forwarder` and passed to the IPA server installer.
# @param principal_usedto_joindomain The principal (usually username) used to join a client or replica to the IPA domain.
# @param password_usedto_joindomain The password for the domain_join_principal.
# @param enable_hostname
# If true, then the parameter '--hostname' is populated with the parameter 'ipa_server_fqdn'
# If true, then the installer flag `--hostname` is populated with the parameter `ipa_server_fqdn`
# and passed to the IPA installer.
# @param enable_ip_address
# If true, then the parameter '--ip-address' is populated with the parameter 'ip_address'
# If true, then the installer flag `--ip-address` is populated with the parameter `ip_address`
# and passed to the IPA installer.
# @param fixed_primary If true, then the parameter '--fixed-primary' is passed to the IPA installer.
# @param fixed_primary
# If true, on client it configure SSSD to use a fixed server as the primary IPA server.
# The default behavior of client is to use DNS SRV records to determine the primary server to use.
# @param idstart From the IPA man pages: "The starting user and group id number".
# @param install_autofs If true, then the autofs packages are installed.
# @param install_epel If true, then the epel repo is installed. The epel repo is usually required for sssd packages.
# @param install_sssdtools If true, then the sssdtools packages are installed.
# @param ipa_client_package_name Name of the IPA client package.
# @param ipa_server_package_name Name of the IPA server package.
# @param install_ipa_client If true, then the IPA client packages are installed if the parameter 'ipa_role' is set to 'client'.
# @param install_ipa_server If true, then the IPA server packages are installed if the parameter 'ipa_role' is not set to 'client'.
# @param install_ipa_client If true, then the IPA client packages are installed if the parameter `ipa_role` is set to `client`.
# @param install_ipa_server If true, then the IPA server packages are installed if the parameter `ipa_role` is not set to `client`.
# @param install_sssd If true, then the sssd packages are installed.
# @param ip_address IP address to pass to the IPA installer.
# @param ipa_server_fqdn Actual fqdn of the IPA server or client.
# @param ip_address
# The IP address of this server.
# If this address does not match the address the host resolves to and `configure_dns_server` is not `true`, the installation will fail.
# @param ipa_server_fqdn Actual fqdn of the IPA server.
# @param ldaputils_package_name Name of the ldaputils package.
# @param ipa_master_fqdn FQDN of the server to use for a client or replica domain join.
# @param manage_host_entry If true, then a host entry is created using the parameters 'ipa_server_fqdn' and 'ip_address'.
# @param mkhomedir If true, then the parameter '--mkhomedir' is passed to the IPA client installer.
# @param manage_host_entry If true, then a host entry is created using the parameters `ipa_server_fqdn` and `ip_address`.
# @param mkhomedir If true, on client configure PAM to create a users home directory if it does not exist.
# @param webui_redirect If true, then web requests to URL root / will be redirected to webui https://example.com/ipa/ui.
# @param realm The name of the IPA realm to create or join.
# @param server_install_ldaputils If true, then the ldaputils packages are installed if ipa_role is not set to client.
# @param sssd_package_name Name of the sssd package.
# @param sssdtools_package_name Name of the sssdtools package.
# @param install_ca If true, then the parameter '--setup-ca' is passed to the IPA server installer (for replicas)
# @param install_ca If true, install and configure a CA even on replica.
#
class freeipa (
Stdlib::Fqdn $domain,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment