Commit 8e7463ff authored by Fabien Combernous's avatar Fabien Combernous

ipa-client-install pass --hostname when enable_hostname is true

parent 2daa5dad
Pipeline #11612 passed with stages
in 47 minutes and 15 seconds
# Reference # Reference
<!-- DO NOT EDIT: This document was generated by Puppet Strings --> <!-- DO NOT EDIT: This document was generated by Puppet Strings -->
## Table of Contents ## Table of Contents
**Classes** ### Classes
_Public Classes_ #### Public Classes
* [`freeipa`](#freeipa): Manages IPA masters, replicas and clients. * [`freeipa`](#freeipa): Manages IPA masters, replicas and clients.
* [`freeipa::helpers::flushcache`](#freeipahelpersflushcache): Flushcache sss for Debian and RedHat only * [`freeipa::helpers::flushcache`](#freeipahelpersflushcache): Flushcache sss for Debian and RedHat only
_Private Classes_ #### Private Classes
* `freeipa::install`: Installs the packages needed for servers and clients * `freeipa::install`: Installs the packages needed for servers and clients
* `freeipa::install::client`: Install freeipa client * `freeipa::install::client`: Install freeipa client
...@@ -18,13 +19,13 @@ _Private Classes_ ...@@ -18,13 +19,13 @@ _Private Classes_
* `freeipa::install::server::master`: Installs freeipa server as master * `freeipa::install::server::master`: Installs freeipa server as master
* `freeipa::install::server::replica`: Installs freeipa server as replica * `freeipa::install::server::replica`: Installs freeipa server as replica
**Tasks** ### Tasks
* [`manage_admin`](#manage_admin): Manage (create or delete) a FreeIPA admin account * [`manage_admin`](#manage_admin): Manage (create or delete) a FreeIPA admin account
## Classes ## Classes
### freeipa ### `freeipa`
Parameters Parameters
---------- ----------
...@@ -83,7 +84,7 @@ Data type: `String` ...@@ -83,7 +84,7 @@ Data type: `String`
Name of the autofs package to install if enabled. Name of the autofs package to install if enabled.
Default value: 'autofs' Default value: `'autofs'`
##### `client_install_ldaputils` ##### `client_install_ldaputils`
...@@ -91,7 +92,7 @@ Data type: `Boolean` ...@@ -91,7 +92,7 @@ Data type: `Boolean`
If true, then the ldaputils packages are installed if ipa_role is set to client. If true, then the ldaputils packages are installed if ipa_role is set to client.
Default value: `false` Default value: ``false``
##### `configure_dns_server` ##### `configure_dns_server`
...@@ -100,7 +101,7 @@ Data type: `Boolean` ...@@ -100,7 +101,7 @@ Data type: `Boolean`
If true, then install and configure an integrated DNS server, create DNS zone specified by `domain`, If true, then install and configure an integrated DNS server, create DNS zone specified by `domain`,
and fill it with service records necessary for IPA deployment. and fill it with service records necessary for IPA deployment.
Default value: `true` Default value: ``true``
##### `configure_ntp` ##### `configure_ntp`
...@@ -108,7 +109,7 @@ Data type: `Boolean` ...@@ -108,7 +109,7 @@ Data type: `Boolean`
If false, then do not configure NTP. If false, then do not configure NTP.
Default value: `true` Default value: ``true``
##### `custom_dns_forwarders` ##### `custom_dns_forwarders`
...@@ -116,7 +117,7 @@ Data type: `Array[String]` ...@@ -116,7 +117,7 @@ Data type: `Array[String]`
Each element in this array is prefixed with `--forwarder` and passed to the IPA server installer. Each element in this array is prefixed with `--forwarder` and passed to the IPA server installer.
Default value: [] Default value: `[]`
##### `principal_usedto_joindomain` ##### `principal_usedto_joindomain`
...@@ -124,7 +125,7 @@ Data type: `String` ...@@ -124,7 +125,7 @@ Data type: `String`
The principal (usually username) used to join a client or replica to the IPA domain. The principal (usually username) used to join a client or replica to the IPA domain.
Default value: 'admin' Default value: `'admin'`
##### `password_usedto_joindomain` ##### `password_usedto_joindomain`
...@@ -132,7 +133,7 @@ Data type: `String` ...@@ -132,7 +133,7 @@ Data type: `String`
The password for the domain_join_principal. The password for the domain_join_principal.
Default value: $puppet_admin_password Default value: `$puppet_admin_password`
##### `enable_hostname` ##### `enable_hostname`
...@@ -141,7 +142,7 @@ Data type: `Boolean` ...@@ -141,7 +142,7 @@ Data type: `Boolean`
If true, then the installer flag `--hostname` is populated with the parameter `ipa_server_fqdn` If true, then the installer flag `--hostname` is populated with the parameter `ipa_server_fqdn`
and passed to the IPA installer. and passed to the IPA installer.
Default value: `true` Default value: ``true``
##### `enable_ip_address` ##### `enable_ip_address`
...@@ -150,7 +151,7 @@ Data type: `Boolean` ...@@ -150,7 +151,7 @@ Data type: `Boolean`
If true, then the installer flag `--ip-address` is populated with the parameter `ip_address` If true, then the installer flag `--ip-address` is populated with the parameter `ip_address`
and passed to the IPA installer. and passed to the IPA installer.
Default value: `false` Default value: ``false``
##### `fixed_primary` ##### `fixed_primary`
...@@ -159,7 +160,7 @@ Data type: `Boolean` ...@@ -159,7 +160,7 @@ Data type: `Boolean`
If true, on client it configure SSSD to use a fixed server as the primary IPA server. If true, on client it configure SSSD to use a fixed server as the primary IPA server.
The default behavior of client is to use DNS SRV records to determine the primary server to use. The default behavior of client is to use DNS SRV records to determine the primary server to use.
Default value: `false` Default value: ``false``
##### `idstart` ##### `idstart`
...@@ -167,7 +168,7 @@ Data type: `Integer[10000]` ...@@ -167,7 +168,7 @@ Data type: `Integer[10000]`
From the IPA man pages: "The starting user and group id number". From the IPA man pages: "The starting user and group id number".
Default value: 10000 Default value: `10000`
##### `install_autofs` ##### `install_autofs`
...@@ -175,7 +176,7 @@ Data type: `Boolean` ...@@ -175,7 +176,7 @@ Data type: `Boolean`
If true, then the autofs packages are installed. If true, then the autofs packages are installed.
Default value: `false` Default value: ``false``
##### `install_epel` ##### `install_epel`
...@@ -183,7 +184,7 @@ Data type: `Boolean` ...@@ -183,7 +184,7 @@ Data type: `Boolean`
If true, then the epel repo is installed. The epel repo is usually required for sssd packages. If true, then the epel repo is installed. The epel repo is usually required for sssd packages.
Default value: `true` Default value: ``true``
##### `install_sssdtools` ##### `install_sssdtools`
...@@ -191,7 +192,7 @@ Data type: `Boolean` ...@@ -191,7 +192,7 @@ Data type: `Boolean`
If true, then the sssdtools packages are installed. If true, then the sssdtools packages are installed.
Default value: `true` Default value: ``true``
##### `ipa_client_package_name` ##### `ipa_client_package_name`
...@@ -199,7 +200,7 @@ Data type: `String` ...@@ -199,7 +200,7 @@ Data type: `String`
Name of the IPA client package. Name of the IPA client package.
Default value: $facts['os']['family'] Default value: `$facts['os']['family']`
##### `ipa_server_package_name` ##### `ipa_server_package_name`
...@@ -207,7 +208,7 @@ Data type: `String` ...@@ -207,7 +208,7 @@ Data type: `String`
Name of the IPA server package. Name of the IPA server package.
Default value: 'ipa-server' Default value: `'ipa-server'`
##### `install_ipa_client` ##### `install_ipa_client`
...@@ -215,7 +216,7 @@ Data type: `Boolean` ...@@ -215,7 +216,7 @@ Data type: `Boolean`
If true, then the IPA client packages are installed if the parameter `ipa_role` is set to `client`. If true, then the IPA client packages are installed if the parameter `ipa_role` is set to `client`.
Default value: `true` Default value: ``true``
##### `install_ipa_server` ##### `install_ipa_server`
...@@ -223,7 +224,7 @@ Data type: `Boolean` ...@@ -223,7 +224,7 @@ Data type: `Boolean`
If true, then the IPA server packages are installed if the parameter `ipa_role` is not set to `client`. If true, then the IPA server packages are installed if the parameter `ipa_role` is not set to `client`.
Default value: `true` Default value: ``true``
##### `install_sssd` ##### `install_sssd`
...@@ -231,7 +232,7 @@ Data type: `Boolean` ...@@ -231,7 +232,7 @@ Data type: `Boolean`
If true, then the sssd packages are installed. If true, then the sssd packages are installed.
Default value: `true` Default value: ``true``
##### `ip_address` ##### `ip_address`
...@@ -244,9 +245,9 @@ If this address does not match the address the host resolves to and `configure_d ...@@ -244,9 +245,9 @@ If this address does not match the address the host resolves to and `configure_d
Data type: `Stdlib::Fqdn` Data type: `Stdlib::Fqdn`
Actual fqdn of the IPA server. Actual fqdn of the IPA server being configured.
Default value: $facts['networking']['fqdn'] Default value: `$facts['networking']['fqdn']`
##### `ldaputils_package_name` ##### `ldaputils_package_name`
...@@ -254,7 +255,7 @@ Data type: `String` ...@@ -254,7 +255,7 @@ Data type: `String`
Name of the ldaputils package. Name of the ldaputils package.
Default value: $facts['os']['family'] Default value: `$facts['os']['family']`
##### `ipa_master_fqdn` ##### `ipa_master_fqdn`
...@@ -268,7 +269,7 @@ Data type: `Boolean` ...@@ -268,7 +269,7 @@ Data type: `Boolean`
If true, then a host entry is created using the parameters `ipa_server_fqdn` and `ip_address`. If true, then a host entry is created using the parameters `ipa_server_fqdn` and `ip_address`.
Default value: `false` Default value: ``false``
##### `mkhomedir` ##### `mkhomedir`
...@@ -276,7 +277,7 @@ Data type: `Boolean` ...@@ -276,7 +277,7 @@ Data type: `Boolean`
If true, on client configure PAM to create a users home directory if it does not exist. If true, on client configure PAM to create a users home directory if it does not exist.
Default value: `true` Default value: ``true``
##### `webui_redirect` ##### `webui_redirect`
...@@ -284,7 +285,7 @@ Data type: `Boolean` ...@@ -284,7 +285,7 @@ Data type: `Boolean`
If true, then web requests to URL root / will be redirected to webui https://example.com/ipa/ui. If true, then web requests to URL root / will be redirected to webui https://example.com/ipa/ui.
Default value: `true` Default value: ``true``
##### `realm` ##### `realm`
...@@ -292,7 +293,7 @@ Data type: `Stdlib::Fqdn` ...@@ -292,7 +293,7 @@ Data type: `Stdlib::Fqdn`
The name of the IPA realm to create or join. The name of the IPA realm to create or join.
Default value: upcase($domain) Default value: `upcase($domain)`
##### `server_install_ldaputils` ##### `server_install_ldaputils`
...@@ -300,7 +301,7 @@ Data type: `Boolean` ...@@ -300,7 +301,7 @@ Data type: `Boolean`
If true, then the ldaputils packages are installed if ipa_role is not set to client. If true, then the ldaputils packages are installed if ipa_role is not set to client.
Default value: `true` Default value: ``true``
##### `sssd_package_name` ##### `sssd_package_name`
...@@ -308,7 +309,7 @@ Data type: `String` ...@@ -308,7 +309,7 @@ Data type: `String`
Name of the sssd package. Name of the sssd package.
Default value: 'sssd-common' Default value: `'sssd-common'`
##### `sssdtools_package_name` ##### `sssdtools_package_name`
...@@ -316,7 +317,7 @@ Data type: `String` ...@@ -316,7 +317,7 @@ Data type: `String`
Name of the sssdtools package. Name of the sssdtools package.
Default value: 'sssd-tools' Default value: `'sssd-tools'`
##### `install_ca` ##### `install_ca`
...@@ -324,9 +325,9 @@ Data type: `Boolean` ...@@ -324,9 +325,9 @@ Data type: `Boolean`
If true, install and configure a CA even on replica. If true, install and configure a CA even on replica.
Default value: `true` Default value: ``true``
### freeipa::helpers::flushcache ### `freeipa::helpers::flushcache`
Flushcache sss for Debian and RedHat only Flushcache sss for Debian and RedHat only
...@@ -340,7 +341,7 @@ include freeipa::helpers::flushcache ...@@ -340,7 +341,7 @@ include freeipa::helpers::flushcache
## Tasks ## Tasks
### manage_admin ### `manage_admin`
Manage (create or delete) a FreeIPA admin account Manage (create or delete) a FreeIPA admin account
......
...@@ -52,7 +52,7 @@ ...@@ -52,7 +52,7 @@
# @param ip_address # @param ip_address
# The IP address of this server. # The IP address of this server.
# If this address does not match the address the host resolves to and `configure_dns_server` is not `true`, the installation will fail. # If this address does not match the address the host resolves to and `configure_dns_server` is not `true`, the installation will fail.
# @param ipa_server_fqdn Actual fqdn of the IPA server. # @param ipa_server_fqdn Actual fqdn of the IPA server being configured.
# @param ldaputils_package_name Name of the ldaputils package. # @param ldaputils_package_name Name of the ldaputils package.
# @param ipa_master_fqdn FQDN of the server to use for a client or replica domain join. # @param ipa_master_fqdn FQDN of the server to use for a client or replica domain join.
# @param manage_host_entry If true, then a host entry is created using the parameters `ipa_server_fqdn` and `ip_address`. # @param manage_host_entry If true, then a host entry is created using the parameters `ipa_server_fqdn` and `ip_address`.
......
...@@ -38,7 +38,14 @@ class freeipa::install::client { ...@@ -38,7 +38,14 @@ class freeipa::install::client {
$client_install_cmd_opts_no_ntp = '--no-ntp' $client_install_cmd_opts_no_ntp = '--no-ntp'
} }
$client_install_cmd = "/usr/sbin/ipa-client-install \ if $freeipa::enable_hostname {
$client_install_cmd_opts_hostname = "--hostname=${freeipa::ipa_server_fqdn}"
end
} else {
$client_install_cmd_opts_hostname = ''
}
$client_install_cmd = "/usr/sbin/ipa-client-install \
--server=${freeipa::ipa_master_fqdn} \ --server=${freeipa::ipa_master_fqdn} \
--realm=${freeipa::realm} \ --realm=${freeipa::realm} \
--domain=${freeipa::domain} \ --domain=${freeipa::domain} \
...@@ -47,9 +54,10 @@ class freeipa::install::client { ...@@ -47,9 +54,10 @@ class freeipa::install::client {
${client_install_cmd_opts_mkhomedir} \ ${client_install_cmd_opts_mkhomedir} \
${client_install_cmd_opts_fixed_primary} \ ${client_install_cmd_opts_fixed_primary} \
${client_install_cmd_opts_no_ntp} \ ${client_install_cmd_opts_no_ntp} \
${client_install_cmd_opts_hostname} \
--unattended" --unattended"
exec { "client_install_${::fqdn}": exec { "client_install_${facts['fqdn']}":
command => $client_install_cmd, command => $client_install_cmd,
timeout => 0, timeout => 0,
unless => "cat /etc/ipa/default.conf | grep -i \"${freeipa::domain}\"", unless => "cat /etc/ipa/default.conf | grep -i \"${freeipa::domain}\"",
......
require 'spec_helper' require 'spec_helper'
ipa_node = 'foo.example.com'
describe 'freeipa::install::client' do describe 'freeipa::install::client' do
context 'with node not yet configured' do context 'with node not yet configured' do
on_supported_os.each do |os, os_facts| on_supported_os.each do |os, facts|
context "on #{os}" do context "on #{os}" do
let(:facts) { os_facts } let(:facts) { facts }
let(:pre_condition) do let(:pre_condition) do
manifest = <<-EOS manifest = <<-EOS
class{ 'freeipa' : class{ 'freeipa' :
ipa_role => 'client', ipa_role => 'client',
ipa_master_fqdn => 'master.example.lan', ipa_master_fqdn => 'master.example.com',
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => '#{ipa_node}',
domain => 'example.lan', domain => 'example.com',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
puppet_admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
...@@ -22,6 +24,7 @@ describe 'freeipa::install::client' do ...@@ -22,6 +24,7 @@ describe 'freeipa::install::client' do
end end
it { is_expected.to compile } it { is_expected.to compile }
it { is_expected.to contain_exec("client_install_#{ipa_node}").with('command' => %r{.*hostname=#{ipa_node}.*}) }
end end
end end
end end
...@@ -34,9 +37,9 @@ describe 'freeipa::install::client' do ...@@ -34,9 +37,9 @@ describe 'freeipa::install::client' do
manifest = <<-EOS manifest = <<-EOS
class{ 'freeipa' : class{ 'freeipa' :
ipa_role => 'client', ipa_role => 'client',
ipa_master_fqdn => 'master.example.lan', ipa_master_fqdn => 'master.example.com',
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.com',
domain => 'example.lan', domain => 'example.com',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
puppet_admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
...@@ -59,9 +62,9 @@ describe 'freeipa::install::client' do ...@@ -59,9 +62,9 @@ describe 'freeipa::install::client' do
manifest = <<-EOS manifest = <<-EOS
class{ 'freeipa' : class{ 'freeipa' :
ipa_role => 'client', ipa_role => 'client',
ipa_master_fqdn => 'master.example.lan', ipa_master_fqdn => 'master.example.com',
ipa_server_fqdn => 'foo.example.lan', ipa_server_fqdn => 'foo.example.com',
domain => 'example.lan', domain => 'example.com',
password_usedto_joindomain => 'foobartest', password_usedto_joindomain => 'foobartest',
puppet_admin_password => 'foobartest', puppet_admin_password => 'foobartest',
directory_services_password => 'foobartest', directory_services_password => 'foobartest',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment