Grid環境構築用のChefリポジトリです。
Révision | ebc9304af9717e0a060f93817983ed9e71466118 (tree) |
---|---|
l'heure | 2017-01-02 15:19:40 |
Auteur | whitestar <whitestar@gaea...> |
Commiter | whitestar |
bug fix: key access group modification.
@@ -1,5 +1,10 @@ | ||
1 | 1 | # CHANGELOG for openldap-grid |
2 | 2 | |
3 | +0.2.4 | |
4 | +----- | |
5 | +- bug fix: key access group modification. | |
6 | +- updates documents. | |
7 | + | |
3 | 8 | 0.2.3 |
4 | 9 | ----- |
5 | 10 | - adds Samba schema setup feature. |
@@ -1,17 +1,24 @@ | ||
1 | 1 | openldap-grid Cookbook |
2 | -================= | |
2 | +====================== | |
3 | 3 | |
4 | 4 | This cookbook sets up OpenLDAP client, server and nss-ldapd. |
5 | 5 | |
6 | -Requirements | |
7 | ------------- | |
6 | +## Contents | |
7 | + | |
8 | +- [Requirements](#requirements) | |
9 | +- [Attributes](#attributes) | |
10 | + - [openldap::default](#openldapdefault) | |
11 | +- [Usage](#usage) | |
12 | + - [with ssl_cert cookbook](#with-ssl_cert-cookbook) | |
13 | +- [License and Authors](#license-and-authors) | |
14 | + | |
15 | +## Requirements | |
8 | 16 | |
9 | 17 | None. |
10 | 18 | |
11 | -Attributes | |
12 | ----------- | |
19 | +## Attributes | |
13 | 20 | |
14 | -#### openldap::default | |
21 | +### openldap::default | |
15 | 22 | |Key|Type|Description, example|Default| |
16 | 23 | |:--|:--|:--|:--| |
17 | 24 | |`['openldap']['with_ssl_cert_cookbook']`|Boolean|make it work with ssl_cert cookbook. (ver. 0.1.1 or later)|`false`| |
@@ -35,10 +42,7 @@ Attributes | ||
35 | 42 | |`['openldap']['server']['ldaps']`|Boolean|enable ldaps (ver. 0.1.2 or later)|`false`| |
36 | 43 | |`['openldap']['server']['KRB5_KTNAME']`|String|e.g. `'/etc/krb5.keytab'` (ver. 0.1.2 or later)|`nil`| |
37 | 44 | |
38 | -['openldap']['extra_schema'] | |
39 | - | |
40 | -Usage | |
41 | ------ | |
45 | +## Usage | |
42 | 46 | |
43 | 47 | Just include `openldap-grid::recipe` in your node's `run_list`: |
44 | 48 |
@@ -53,16 +57,16 @@ Just include `openldap-grid::recipe` in your node's `run_list`: | ||
53 | 57 | } |
54 | 58 | ``` |
55 | 59 | |
56 | -#### with ssl_cert cookbook | |
60 | +### with ssl_cert cookbook | |
57 | 61 | |
58 | 62 | If `node['openldap']['with_ssl_cert_cookbook']` is `true`, `node['openldap']['client']['TLS_CACERT']` and `node['openldap']['nss-ldapd']['tls_cacertfile']` are overridden by the file path based on `['openldap']['ssl_cert']['ca_name']` attribute. |
59 | 63 | |
60 | -License and Authors | |
61 | -------------------- | |
64 | +## License and Authors | |
65 | + | |
62 | 66 | - Author:: whitestar at osdn.jp |
63 | 67 | |
64 | 68 | ```text |
65 | -Copyright 2013-2016, whitestar | |
69 | +Copyright 2013-2017, whitestar | |
66 | 70 | |
67 | 71 | Licensed under the Apache License, Version 2.0 (the "License"); |
68 | 72 | you may not use this file except in compliance with the License. |
@@ -5,7 +5,7 @@ maintainer_email '' | ||
5 | 5 | license 'Apache 2.0' |
6 | 6 | description 'Installs/Configures openldap' |
7 | 7 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
8 | -version '0.2.3' | |
8 | +version '0.2.4' | |
9 | 9 | source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git' |
10 | 10 | issues_url 'https://osdn.jp/projects/metasearch/ticket' |
11 | 11 |
@@ -13,4 +13,4 @@ issues_url 'https://osdn.jp/projects/metasearch/ticket' | ||
13 | 13 | supports os |
14 | 14 | end |
15 | 15 | |
16 | -depends 'ssl_cert', '>= 0.3.2' | |
16 | +depends 'ssl_cert', '>= 0.3.5' |
@@ -17,6 +17,8 @@ | ||
17 | 17 | # limitations under the License. |
18 | 18 | # |
19 | 19 | |
20 | +::Chef::Recipe.send(:include, SSLCert::Helper) | |
21 | + | |
20 | 22 | case node['platform_family'] |
21 | 23 | when 'debian' |
22 | 24 | [ |
@@ -30,10 +32,8 @@ when 'debian' | ||
30 | 32 | } |
31 | 33 | |
32 | 34 | # for SSL server key access |
33 | - group 'ssl-cert' do | |
34 | - action :modify | |
35 | - members 'openldap' | |
36 | - append true | |
35 | + if node['openldap']['with_ssl_cert_cookbook'] | |
36 | + append_members_to_key_access_group(['openldap']) | |
37 | 37 | end |
38 | 38 | |
39 | 39 | template '/etc/default/slapd' do |
@@ -53,14 +53,8 @@ when 'rhel' | ||
53 | 53 | } |
54 | 54 | |
55 | 55 | # for SSL server key access |
56 | - group node['ssl_cert']['rhel']['key_access_group'] do | |
57 | - action :modify | |
58 | - members 'ldap' | |
59 | - append true | |
60 | - only_if { | |
61 | - node['openldap']['with_ssl_cert_cookbook'] \ | |
62 | - && node['ssl_cert']['rhel']['key_access_group'] != 'root' | |
63 | - } | |
56 | + if node['openldap']['with_ssl_cert_cookbook'] | |
57 | + append_members_to_key_access_group(['ldap']) | |
64 | 58 | end |
65 | 59 | |
66 | 60 | template '/etc/sysconfig/ldap' do |