| リビジョン | ebc9304af9717e0a060f93817983ed9e71466118 (tree) |
|---|---|
| 日時 | 2017-01-02 15:19:40 |
| 作者 | whitestar <whitestar@gaea...> |
| コミッター | whitestar |
bug fix: key access group modification.
cookbooks/openldap-grid/CHANGELOG.md (diff) cookbooks/openldap-grid/README.md (diff) cookbooks/openldap-grid/metadata.rb (diff) cookbooks/openldap-grid/recipes/server.rb (diff)| @@ -1,5 +1,10 @@ | ||
| 1 | 1 | # CHANGELOG for openldap-grid |
| 2 | 2 | |
| 3 | +0.2.4 | |
| 4 | +----- | |
| 5 | +- bug fix: key access group modification. | |
| 6 | +- updates documents. | |
| 7 | + | |
| 3 | 8 | 0.2.3 |
| 4 | 9 | ----- |
| 5 | 10 | - adds Samba schema setup feature. |
| @@ -1,17 +1,24 @@ | ||
| 1 | 1 | openldap-grid Cookbook |
| 2 | -================= | |
| 2 | +====================== | |
| 3 | 3 | |
| 4 | 4 | This cookbook sets up OpenLDAP client, server and nss-ldapd. |
| 5 | 5 | |
| 6 | -Requirements | |
| 7 | ------------- | |
| 6 | +## Contents | |
| 7 | + | |
| 8 | +- [Requirements](#requirements) | |
| 9 | +- [Attributes](#attributes) | |
| 10 | + - [openldap::default](#openldapdefault) | |
| 11 | +- [Usage](#usage) | |
| 12 | + - [with ssl_cert cookbook](#with-ssl_cert-cookbook) | |
| 13 | +- [License and Authors](#license-and-authors) | |
| 14 | + | |
| 15 | +## Requirements | |
| 8 | 16 | |
| 9 | 17 | None. |
| 10 | 18 | |
| 11 | -Attributes | |
| 12 | ----------- | |
| 19 | +## Attributes | |
| 13 | 20 | |
| 14 | -#### openldap::default | |
| 21 | +### openldap::default | |
| 15 | 22 | |Key|Type|Description, example|Default| |
| 16 | 23 | |:--|:--|:--|:--| |
| 17 | 24 | |`['openldap']['with_ssl_cert_cookbook']`|Boolean|make it work with ssl_cert cookbook. (ver. 0.1.1 or later)|`false`| |
| @@ -35,10 +42,7 @@ Attributes | ||
| 35 | 42 | |`['openldap']['server']['ldaps']`|Boolean|enable ldaps (ver. 0.1.2 or later)|`false`| |
| 36 | 43 | |`['openldap']['server']['KRB5_KTNAME']`|String|e.g. `'/etc/krb5.keytab'` (ver. 0.1.2 or later)|`nil`| |
| 37 | 44 | |
| 38 | -['openldap']['extra_schema'] | |
| 39 | - | |
| 40 | -Usage | |
| 41 | ------ | |
| 45 | +## Usage | |
| 42 | 46 | |
| 43 | 47 | Just include `openldap-grid::recipe` in your node's `run_list`: |
| 44 | 48 |
| @@ -53,16 +57,16 @@ Just include `openldap-grid::recipe` in your node's `run_list`: | ||
| 53 | 57 | } |
| 54 | 58 | ``` |
| 55 | 59 | |
| 56 | -#### with ssl_cert cookbook | |
| 60 | +### with ssl_cert cookbook | |
| 57 | 61 | |
| 58 | 62 | If `node['openldap']['with_ssl_cert_cookbook']` is `true`, `node['openldap']['client']['TLS_CACERT']` and `node['openldap']['nss-ldapd']['tls_cacertfile']` are overridden by the file path based on `['openldap']['ssl_cert']['ca_name']` attribute. |
| 59 | 63 | |
| 60 | -License and Authors | |
| 61 | -------------------- | |
| 64 | +## License and Authors | |
| 65 | + | |
| 62 | 66 | - Author:: whitestar at osdn.jp |
| 63 | 67 | |
| 64 | 68 | ```text |
| 65 | -Copyright 2013-2016, whitestar | |
| 69 | +Copyright 2013-2017, whitestar | |
| 66 | 70 | |
| 67 | 71 | Licensed under the Apache License, Version 2.0 (the "License"); |
| 68 | 72 | you may not use this file except in compliance with the License. |
| @@ -5,7 +5,7 @@ maintainer_email '' | ||
| 5 | 5 | license 'Apache 2.0' |
| 6 | 6 | description 'Installs/Configures openldap' |
| 7 | 7 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
| 8 | -version '0.2.3' | |
| 8 | +version '0.2.4' | |
| 9 | 9 | source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git' |
| 10 | 10 | issues_url 'https://osdn.jp/projects/metasearch/ticket' |
| 11 | 11 |
| @@ -13,4 +13,4 @@ issues_url 'https://osdn.jp/projects/metasearch/ticket' | ||
| 13 | 13 | supports os |
| 14 | 14 | end |
| 15 | 15 | |
| 16 | -depends 'ssl_cert', '>= 0.3.2' | |
| 16 | +depends 'ssl_cert', '>= 0.3.5' |
| @@ -17,6 +17,8 @@ | ||
| 17 | 17 | # limitations under the License. |
| 18 | 18 | # |
| 19 | 19 | |
| 20 | +::Chef::Recipe.send(:include, SSLCert::Helper) | |
| 21 | + | |
| 20 | 22 | case node['platform_family'] |
| 21 | 23 | when 'debian' |
| 22 | 24 | [ |
| @@ -30,10 +32,8 @@ when 'debian' | ||
| 30 | 32 | } |
| 31 | 33 | |
| 32 | 34 | # for SSL server key access |
| 33 | - group 'ssl-cert' do | |
| 34 | - action :modify | |
| 35 | - members 'openldap' | |
| 36 | - append true | |
| 35 | + if node['openldap']['with_ssl_cert_cookbook'] | |
| 36 | + append_members_to_key_access_group(['openldap']) | |
| 37 | 37 | end |
| 38 | 38 | |
| 39 | 39 | template '/etc/default/slapd' do |
| @@ -53,14 +53,8 @@ when 'rhel' | ||
| 53 | 53 | } |
| 54 | 54 | |
| 55 | 55 | # for SSL server key access |
| 56 | - group node['ssl_cert']['rhel']['key_access_group'] do | |
| 57 | - action :modify | |
| 58 | - members 'ldap' | |
| 59 | - append true | |
| 60 | - only_if { | |
| 61 | - node['openldap']['with_ssl_cert_cookbook'] \ | |
| 62 | - && node['ssl_cert']['rhel']['key_access_group'] != 'root' | |
| 63 | - } | |
| 56 | + if node['openldap']['with_ssl_cert_cookbook'] | |
| 57 | + append_members_to_key_access_group(['ldap']) | |
| 64 | 58 | end |
| 65 | 59 | |
| 66 | 60 | template '/etc/sysconfig/ldap' do |
Fork