opendev/system-config
Code Issues Proposed changes
system-config/modules/kerberos/manifests/server.pp
Monty Taylor b4b5724a0b Add AFS 
I don't really think this needs any further explanation.

Change-Id: I41378bd320c6c6fad2c981d5cc773486af075c41
2014-10-20 15:13:14 -05:00

111 lines
2.5 KiB
Puppet
Raw Blame History

class kerberos::server (
$realm,
$kdcs = [$::fqdn],
$admin_server = [$::fdqn],
$slaves = [],
$slave = false,
) {
include haveged
class { 'kerberos::client':
realm => $realm,
kdcs => $kdcs,
admin_server => $admin_server,
}
$packages = [
'krb5-admin-server',
'krb5-kdc',
]
package { $packages:
ensure => present,
}
file { '/etc/krb5kdc/kdc.conf':
ensure => present,
replace => true,
content => template('kerberos/kdc.conf.erb'),
require => Package['krb5-kdc'],
}
file { '/etc/krb5kdc/kpropd.acl':
ensure => present,
replace => true,
content => template('kerberos/kpropd.acl.erb'),
require => Package['krb5-kdc'],
}
file { '/etc/krb5kdc/kadm5.acl':
ensure => present,
replace => true,
source => 'puppet:///modules/kerberos/kadm5.acl',
require => Package['krb5-admin-server'],
}
file { '/var/krb5kdc':
ensure => directory,
}
file { '/etc/init.d/krb5-kpropd':
ensure => present,
replace => true,
source => 'puppet:///modules/kerberos/krb5-kpropd',
require => Package['krb5-admin-server'],
}
file { '/usr/local/bin/run-kprop.sh':
ensure => present,
replace => true,
mode => 0755,
content => template('kerberos/run-kprop.sh.erb'),
require => Package['krb5-admin-server'],
}
if ($slave) {
$run_admin_server = stopped
$run_kadmind = 'false'
$run_kpropd = running
$kprop_cron = absent
} else {
$run_admin_server = running
$run_kadmind = 'true'
$run_kpropd = stopped
$kprop_cron = present
}
# krb5-admin-server generates this, so make sure this runs after we do
# things with krb5-admin-server
file { '/etc/default/krb5-admin-server':
ensure => present,
replace => true,
content => template('kerberos/krb5-admin-server.defaults.erb'),
require => Package['krb5-admin-server'],
}
cron { 'kprop':
ensure => $kprop_cron,
user => 'root',
minute => '*/15',
command => '/usr/local/bin/run-kprop.sh >/dev/null 2>&1',
environment => 'PATH=/usr/bin:/bin:/usr/sbin:/sbin',
}
service { 'krb5-kpropd':
ensure => $run_kpropd,
require => [
File['/etc/init.d/krb5-kpropd'],
Package['krb5-admin-server'],
],
}
service { 'krb5-admin-server':
ensure => $run_admin_server,
subscribe => File['/etc/krb5kdc/kadm5.acl'],
require => [
File['/etc/krb5kdc/kadm5.acl'],
Package['krb5-admin-server'],
],
}
}
View Git Blame Copy Permalink