Loading manifests/config/admin_user.pp +2 −2 Original line number Diff line number Diff line Loading @@ -51,7 +51,7 @@ class freeipa::config::admin_user { exec { 'configure_admin_keytab': command => $configure_admin_keytab_cmd, cwd => $home_dir_path, unless => shellquote('/usr/bin/kvno','-k',"${home_dir_path}/admin.keytab","admin@${freeipa::final_realm}"), unless => shellquote('/usr/bin/kvno','-k',"${home_dir_path}/admin.keytab","admin@${freeipa::realm}"), notify => Exec['chown_admin_keytab'], refreshonly => true, require => Cron['k5start_admin'], Loading @@ -67,7 +67,7 @@ class freeipa::config::admin_user { } $k5start_admin_keytab_cmd = "/sbin/runuser -l admin -c \"/usr/bin/k5start -f ${home_dir_path}/admin.keytab -U\"" $k5start_admin_keytab_cmd_unless = "/sbin/runuser -l admin -c /usr/bin/klist | grep -i krbtgt\\/${freeipa::final_realm}\\@" $k5start_admin_keytab_cmd_unless = "/sbin/runuser -l admin -c /usr/bin/klist | grep -i krbtgt\\/${freeipa::realm}\\@" exec { 'k5start_admin_keytab': command => $k5start_admin_keytab_cmd, cwd => $home_dir_path, Loading manifests/init.pp +45 −64 Original line number Diff line number Diff line Loading @@ -17,8 +17,8 @@ # Also, triggers the install of the required dns server packages. # @param configure_ntp If false, then the parameter '--no-ntp' is passed to the IPA server installer. # @param custom_dns_forwarders Each element in this array is prefixed with '--forwarder' and passed to the IPA server installer. # @param domain_join_principal The principal (usually username) used to join a client or replica to the IPA domain. # @param domain_join_password The password for the domain_join_principal. # @param principal_usedto_joindomain The principal (usually username) used to join a client or replica to the IPA domain. # @param password_usedto_joindomain The password for the domain_join_principal. # @param enable_hostname If true, then the parameter '--hostname' is populated with the parameter 'ipa_server_fqdn' # and passed to the IPA installer. # @param enable_ip_address If true, then the parameter '--ip-address' is populated with the parameter 'ip_address' Loading Loading @@ -58,26 +58,29 @@ # # class freeipa ( Stdlib::Fqdn $domain = 'default', String $ipa_role = 'default', String $admin_password = '', String $directory_services_password = '', Stdlib::Fqdn $domain, Enum['master','replica','client'] $ipa_role, String[8] $admin_password, String[8] $directory_services_password, Stdlib::IP::Address::V4 $ip_address, Stdlib::Fqdn $ipa_master_fqdn, Stdlib::Fqdn $realm = $domain, String $autofs_package_name = 'autofs', Boolean $client_install_ldaputils = false, Boolean $configure_dns_server = true, Boolean $configure_ntp = true, Array[String] $custom_dns_forwarders = [], String $domain_join_principal = '', String $domain_join_password = '', String $principal_usedto_joindomain = 'admin', String $password_usedto_joindomain = $directory_services_password, Boolean $enable_hostname = true, Boolean $enable_ip_address = false, Boolean $fixed_primary = false, Integer $idstart = 10000, Integer[10000] $idstart = 10000, Boolean $install_autofs = false, Boolean $install_epel = true, Boolean $install_kstart = true, Boolean $install_sssdtools = true, String $ipa_client_package_name = $::osfamily ? { String $ipa_client_package_name = $facts['os']['family'] ? { 'Debian' => 'freeipa-client', default => 'ipa-client', }, Loading @@ -85,18 +88,15 @@ class freeipa ( Boolean $install_ipa_client = true, Boolean $install_ipa_server = true, Boolean $install_sssd = true, Stdlib::IP::Address::V4 $ip_address = '0.0.0.0', Stdlib::Fqdn $ipa_server_fqdn = $::fqdn, Stdlib::Fqdn $ipa_server_fqdn = $facts['fqdn'], String $kstart_package_name = 'kstart', String $ldaputils_package_name = $::osfamily ? { String $ldaputils_package_name = $facts['os']['family'] ? { 'Debian' => 'ldap-utils', default => 'openldap-clients', }, Stdlib::Fqdn $ipa_master_fqdn = 'default', Boolean $manage_host_entry = false, Boolean $mkhomedir = true, Boolean $no_ui_redirect = false, Stdlib::Fqdn $realm = 'default', Boolean $server_install_ldaputils = true, String $sssd_package_name = 'sssd-common', String $sssdtools_package_name = 'sssd-tools', Loading @@ -111,40 +111,21 @@ class freeipa ( fail('This module is only supported on Linux.') } if $realm != 'default'{ $final_realm = $realm } else { $final_realm = upcase($domain) } $master_principals = suffix( prefix( [$ipa_server_fqdn], 'host/' ), "@${final_realm}" "@${realm}" ) if $domain_join_principal != '' { $final_domain_join_principal = $domain_join_principal } else { $final_domain_join_principal = 'admin' } if $domain_join_password != '' { $final_domain_join_password = $domain_join_password } else { $final_domain_join_password = $directory_services_password } if $ipa_role == 'client' { $final_configure_dns_server = false } else { $final_configure_dns_server = $configure_dns_server } class {'::freeipa::validate_params':} -> class {'::freeipa::install':} class {'::freeipa::install':} } manifests/install/client.pp +3 −3 Original line number Diff line number Diff line Loading @@ -41,10 +41,10 @@ class freeipa::install::client { $client_install_cmd = "/usr/sbin/ipa-client-install \ --server=${freeipa::ipa_master_fqdn} \ --realm=${freeipa::final_realm} \ --realm=${freeipa::realm} \ --domain=${freeipa::domain} \ --principal='${freeipa::final_domain_join_principal}' \ --password='${freeipa::final_domain_join_password}' \ --principal='${freeipa::principal_usedto_joindomain}' \ --password='${freeipa::password_usedto_joindomain}' \ ${client_install_cmd_opts_mkhomedir} \ ${client_install_cmd_opts_fixed_primary} \ ${client_install_cmd_opts_no_ntp} \ Loading manifests/install/server/master.pp +1 −1 Original line number Diff line number Diff line Loading @@ -9,7 +9,7 @@ class freeipa::install::server::master { $server_install_cmd = "\ /usr/sbin/ipa-server-install \ ${freeipa::install::server::server_install_cmd_opts_hostname} \ --realm=${freeipa::final_realm} \ --realm=${freeipa::realm} \ --domain=${freeipa::domain} \ --admin-password='${freeipa::admin_password}' \ --ds-password='${freeipa::directory_services_password}' \ Loading manifests/install/server/replica.pp +3 −3 Original line number Diff line number Diff line Loading @@ -6,10 +6,10 @@ # include freeipa::install::server::replica class freeipa::install::server::replica { $replica_install_cmd = "/usr/sbin/ipa-replica-install \ --principal=${freeipa::final_domain_join_principal} \ --admin-password='${freeipa::final_domain_join_password}' \ --principal=${freeipa::principal_usedto_joindomain} \ --admin-password='${freeipa::password_usedto_joindomain}' \ ${freeipa::install::server::server_install_cmd_opts_hostname} \ --realm=${freeipa::final_realm} \ --realm=${freeipa::realm} \ --domain=${freeipa::domain} \ --server=${freeipa::ipa_master_fqdn} \ ${freeipa::install::server::server_install_cmd_opts_setup_dns} \ Loading Loading
manifests/config/admin_user.pp +2 −2 Original line number Diff line number Diff line Loading @@ -51,7 +51,7 @@ class freeipa::config::admin_user { exec { 'configure_admin_keytab': command => $configure_admin_keytab_cmd, cwd => $home_dir_path, unless => shellquote('/usr/bin/kvno','-k',"${home_dir_path}/admin.keytab","admin@${freeipa::final_realm}"), unless => shellquote('/usr/bin/kvno','-k',"${home_dir_path}/admin.keytab","admin@${freeipa::realm}"), notify => Exec['chown_admin_keytab'], refreshonly => true, require => Cron['k5start_admin'], Loading @@ -67,7 +67,7 @@ class freeipa::config::admin_user { } $k5start_admin_keytab_cmd = "/sbin/runuser -l admin -c \"/usr/bin/k5start -f ${home_dir_path}/admin.keytab -U\"" $k5start_admin_keytab_cmd_unless = "/sbin/runuser -l admin -c /usr/bin/klist | grep -i krbtgt\\/${freeipa::final_realm}\\@" $k5start_admin_keytab_cmd_unless = "/sbin/runuser -l admin -c /usr/bin/klist | grep -i krbtgt\\/${freeipa::realm}\\@" exec { 'k5start_admin_keytab': command => $k5start_admin_keytab_cmd, cwd => $home_dir_path, Loading
manifests/init.pp +45 −64 Original line number Diff line number Diff line Loading @@ -17,8 +17,8 @@ # Also, triggers the install of the required dns server packages. # @param configure_ntp If false, then the parameter '--no-ntp' is passed to the IPA server installer. # @param custom_dns_forwarders Each element in this array is prefixed with '--forwarder' and passed to the IPA server installer. # @param domain_join_principal The principal (usually username) used to join a client or replica to the IPA domain. # @param domain_join_password The password for the domain_join_principal. # @param principal_usedto_joindomain The principal (usually username) used to join a client or replica to the IPA domain. # @param password_usedto_joindomain The password for the domain_join_principal. # @param enable_hostname If true, then the parameter '--hostname' is populated with the parameter 'ipa_server_fqdn' # and passed to the IPA installer. # @param enable_ip_address If true, then the parameter '--ip-address' is populated with the parameter 'ip_address' Loading Loading @@ -58,26 +58,29 @@ # # class freeipa ( Stdlib::Fqdn $domain = 'default', String $ipa_role = 'default', String $admin_password = '', String $directory_services_password = '', Stdlib::Fqdn $domain, Enum['master','replica','client'] $ipa_role, String[8] $admin_password, String[8] $directory_services_password, Stdlib::IP::Address::V4 $ip_address, Stdlib::Fqdn $ipa_master_fqdn, Stdlib::Fqdn $realm = $domain, String $autofs_package_name = 'autofs', Boolean $client_install_ldaputils = false, Boolean $configure_dns_server = true, Boolean $configure_ntp = true, Array[String] $custom_dns_forwarders = [], String $domain_join_principal = '', String $domain_join_password = '', String $principal_usedto_joindomain = 'admin', String $password_usedto_joindomain = $directory_services_password, Boolean $enable_hostname = true, Boolean $enable_ip_address = false, Boolean $fixed_primary = false, Integer $idstart = 10000, Integer[10000] $idstart = 10000, Boolean $install_autofs = false, Boolean $install_epel = true, Boolean $install_kstart = true, Boolean $install_sssdtools = true, String $ipa_client_package_name = $::osfamily ? { String $ipa_client_package_name = $facts['os']['family'] ? { 'Debian' => 'freeipa-client', default => 'ipa-client', }, Loading @@ -85,18 +88,15 @@ class freeipa ( Boolean $install_ipa_client = true, Boolean $install_ipa_server = true, Boolean $install_sssd = true, Stdlib::IP::Address::V4 $ip_address = '0.0.0.0', Stdlib::Fqdn $ipa_server_fqdn = $::fqdn, Stdlib::Fqdn $ipa_server_fqdn = $facts['fqdn'], String $kstart_package_name = 'kstart', String $ldaputils_package_name = $::osfamily ? { String $ldaputils_package_name = $facts['os']['family'] ? { 'Debian' => 'ldap-utils', default => 'openldap-clients', }, Stdlib::Fqdn $ipa_master_fqdn = 'default', Boolean $manage_host_entry = false, Boolean $mkhomedir = true, Boolean $no_ui_redirect = false, Stdlib::Fqdn $realm = 'default', Boolean $server_install_ldaputils = true, String $sssd_package_name = 'sssd-common', String $sssdtools_package_name = 'sssd-tools', Loading @@ -111,40 +111,21 @@ class freeipa ( fail('This module is only supported on Linux.') } if $realm != 'default'{ $final_realm = $realm } else { $final_realm = upcase($domain) } $master_principals = suffix( prefix( [$ipa_server_fqdn], 'host/' ), "@${final_realm}" "@${realm}" ) if $domain_join_principal != '' { $final_domain_join_principal = $domain_join_principal } else { $final_domain_join_principal = 'admin' } if $domain_join_password != '' { $final_domain_join_password = $domain_join_password } else { $final_domain_join_password = $directory_services_password } if $ipa_role == 'client' { $final_configure_dns_server = false } else { $final_configure_dns_server = $configure_dns_server } class {'::freeipa::validate_params':} -> class {'::freeipa::install':} class {'::freeipa::install':} }
manifests/install/client.pp +3 −3 Original line number Diff line number Diff line Loading @@ -41,10 +41,10 @@ class freeipa::install::client { $client_install_cmd = "/usr/sbin/ipa-client-install \ --server=${freeipa::ipa_master_fqdn} \ --realm=${freeipa::final_realm} \ --realm=${freeipa::realm} \ --domain=${freeipa::domain} \ --principal='${freeipa::final_domain_join_principal}' \ --password='${freeipa::final_domain_join_password}' \ --principal='${freeipa::principal_usedto_joindomain}' \ --password='${freeipa::password_usedto_joindomain}' \ ${client_install_cmd_opts_mkhomedir} \ ${client_install_cmd_opts_fixed_primary} \ ${client_install_cmd_opts_no_ntp} \ Loading
manifests/install/server/master.pp +1 −1 Original line number Diff line number Diff line Loading @@ -9,7 +9,7 @@ class freeipa::install::server::master { $server_install_cmd = "\ /usr/sbin/ipa-server-install \ ${freeipa::install::server::server_install_cmd_opts_hostname} \ --realm=${freeipa::final_realm} \ --realm=${freeipa::realm} \ --domain=${freeipa::domain} \ --admin-password='${freeipa::admin_password}' \ --ds-password='${freeipa::directory_services_password}' \ Loading
manifests/install/server/replica.pp +3 −3 Original line number Diff line number Diff line Loading @@ -6,10 +6,10 @@ # include freeipa::install::server::replica class freeipa::install::server::replica { $replica_install_cmd = "/usr/sbin/ipa-replica-install \ --principal=${freeipa::final_domain_join_principal} \ --admin-password='${freeipa::final_domain_join_password}' \ --principal=${freeipa::principal_usedto_joindomain} \ --admin-password='${freeipa::password_usedto_joindomain}' \ ${freeipa::install::server::server_install_cmd_opts_hostname} \ --realm=${freeipa::final_realm} \ --realm=${freeipa::realm} \ --domain=${freeipa::domain} \ --server=${freeipa::ipa_master_fqdn} \ ${freeipa::install::server::server_install_cmd_opts_setup_dns} \ Loading
