diff --git a/REFERENCE.md b/REFERENCE.md index 40e332b..2a21bdf 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -202,25 +202,25 @@ The following options are possible: Plain text (default) ``` { - 'server' => 'http://localhost:8080', + 'server' => 'http://localhost:8080', } ``` Using PE token: ``` { - 'server' => 'https://localhost:8081', - 'token' => '/etc/hdm/puppetdb.token', - 'cacert' => '', + 'server' => 'https://localhost:8081', + 'token' => '/etc/hdm/puppetdb.token', + 'cacert' => '', } ``` Using SSL cert: ``` { - 'server' => 'https://localhost:8081', - 'pem' => { - 'key' => '/etc/hdm/ssl.key', - 'cert' => '/etc/hdm/ssl.cert', - 'ca_file' => '/etc/hdm/ssl.ca', + 'server' => 'https://localhost:8081', + 'pem' => { + 'key' => '/etc/hdm/ssl.key', + 'cert' => '/etc/hdm/ssl.cert', + 'ca_file' => '/etc/hdm/ssl.ca', }, } ``` @@ -304,10 +304,10 @@ Required Array of hash data: ``` [ { - 'datadir' => 'modules/hieradata/data', - 'git_url' => 'git@server:path/repo.git', - 'path_in_repo' => 'data', - 'ssh_priv_key' => '.ssh/id_rsa', + 'datadir' => 'modules/hieradata/data', + 'git_url' => 'git@server:path/repo.git', + 'path_in_repo' => 'data', + 'ssh_priv_key' => '.ssh/id_rsa', } ] ``` @@ -322,12 +322,16 @@ Config for LDAP integration Needs the following Hash: ``` { - 'host' => 'localhost', - 'port' => 389, - 'base_dn' => 'ou=hdm,dc=nodomain', - 'bind_dn' => 'cn=admin,dc=nodomain', - 'bind_dn_password' => 'openldap', # clear text - 'ldaps' => false, + 'host' => 'localhost', + 'port' => 389, + 'base_dn' => 'ou=hdm,dc=nodomain', + 'bind_dn' => 'cn=admin,dc=nodomain', + 'bind_dn_password' => 'openldap', # clear text + 'username_attribute' => 'mail', # where is the email in ldap - defaults to mail + 'filter' => '(gid=23)', # filter for specific ldap entries + 'ssl_mode' => 'start_tls', # simple, start_tls or empty (plain text) + 'ssl_verify' => true, # true or false + 'ca_file' => '/etc/hdm/ca.crt', } ``` 
@@ -368,7 +372,7 @@ or eyaml data. Example: ``` { - 'functon_name' => '' + 'function_name' => '' } Default value: `{}` @@ -400,12 +404,16 @@ Alias of ```puppet Struct[{ - 'host' => Stdlib::Host, - 'port' => Stdlib::Port, - 'base_dn' => String[1], - 'bind_dn' => String[1], - 'bind_dn_password' => Optional[Variant[Sensitive[String[1]],String[1]]], - 'ldaps' => Boolean, + 'host' => Stdlib::Host, + 'port' => Stdlib::Port, + 'base_dn' => String[1], + 'bind_dn' => String[1], + 'bind_dn_password' => Optional[Variant[Sensitive[String[1]],String[1]]], + 'ssl_mode' => Optional[Enum['start_tls', 'simple']], + 'ssl_verify' => Optional[Boolean], + 'username_attribute' => Optional[String[1]], + 'ca_file' => Optional[Stdlib::Absolutepath], + 'filter' => Optional[String[1]], }] ``` diff --git a/manifests/init.pp b/manifests/init.pp index e0300b6..ec9713b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -49,25 +49,25 @@ # Plain text (default) # ``` # { -# 'server' => 'http://localhost:8080', +# 'server' => 'http://localhost:8080', # } # ``` # Using PE token: # ``` # { -# 'server' => 'https://localhost:8081', -# 'token' => '/etc/hdm/puppetdb.token', -# 'cacert' => '', +# 'server' => 'https://localhost:8081', +# 'token' => '/etc/hdm/puppetdb.token', +# 'cacert' => '', # } # ``` # Using SSL cert: # ``` # { -# 'server' => 'https://localhost:8081', -# 'pem' => { -# 'key' => '/etc/hdm/ssl.key', -# 'cert' => '/etc/hdm/ssl.cert', -# 'ca_file' => '/etc/hdm/ssl.ca', +# 'server' => 'https://localhost:8081', +# 'pem' => { +# 'key' => '/etc/hdm/ssl.key', +# 'cert' => '/etc/hdm/ssl.cert', +# 'ca_file' => '/etc/hdm/ssl.ca', # }, # } # ``` @@ -109,10 +109,10 @@ # ``` # [ # { -# 'datadir' => 'modules/hieradata/data', -# 'git_url' => 'git@server:path/repo.git', -# 'path_in_repo' => 'data', -# 'ssh_priv_key' => '.ssh/id_rsa', +# 'datadir' => 'modules/hieradata/data', +# 'git_url' => 'git@server:path/repo.git', +# 'path_in_repo' => 'data', +# 'ssh_priv_key' => '.ssh/id_rsa', # } # ] # ``` 
@@ -121,12 +121,16 @@ # Needs the following Hash: # ``` # { -# 'host' => 'localhost', -# 'port' => 389, -# 'base_dn' => 'ou=hdm,dc=nodomain', -# 'bind_dn' => 'cn=admin,dc=nodomain', -# 'bind_dn_password' => 'openldap', # clear text -# 'ldaps' => false, +# 'host' => 'localhost', +# 'port' => 389, +# 'base_dn' => 'ou=hdm,dc=nodomain', +# 'bind_dn' => 'cn=admin,dc=nodomain', +# 'bind_dn_password' => 'openldap', # clear text +# 'username_attribute' => 'mail', # where is the email in ldap - defaults to mail +# 'filter' => '(gid=23)', # filter for specific ldap entries +# 'ssl_mode' => 'start_tls', # simple, start_tls or empty (plain text) +# 'ssl_verify' => true, # true or false +# 'ca_file' => '/etc/hdm/ca.crt', # } # ``` # @@ -143,7 +147,7 @@ # Example: # ``` # { -# 'functon_name' => '' +# 'function_name' => '' # } # # @example diff --git a/types/ldap_settings.pp b/types/ldap_settings.pp index 8979fca..99c0a87 100644 --- a/types/ldap_settings.pp +++ b/types/ldap_settings.pp @@ -1,11 +1,15 @@ # @summary type to enforce ldap settings for HDM type Hdm::Ldap_settings = Struct[ { - 'host' => Stdlib::Host, - 'port' => Stdlib::Port, - 'base_dn' => String[1], - 'bind_dn' => String[1], - 'bind_dn_password' => Optional[Variant[Sensitive[String[1]],String[1]]], - 'ldaps' => Boolean, + 'host' => Stdlib::Host, + 'port' => Stdlib::Port, + 'base_dn' => String[1], + 'bind_dn' => String[1], + 'bind_dn_password' => Optional[Variant[Sensitive[String[1]],String[1]]], + 'ssl_mode' => Optional[Enum['start_tls', 'simple']], + 'ssl_verify' => Optional[Boolean], + 'username_attribute' => Optional[String[1]], + 'ca_file' => Optional[Stdlib::Absolutepath], + 'filter' => Optional[String[1]], } ]
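Review bot: In `types/ldap_settings.pp` the required `'ldaps' => Boolean` key is replaced by `'ssl_mode' => Optional[Enum['start_tls', 'simple']]`, so a hash with no transport setting now validates. Per the updated comment in `manifests/init.pp` ("empty (plain text)"), that means `bind_dn_password` and user credentials go over an unencrypted connection. Because a Struct rejects undeclared keys, existing data that still carries `ldaps` will fail validation instead of mapping to TLS; consider accepting it for one release with `Optional['ldaps'] => Boolean,` and documenting the migration to `ssl_mode`. `ssl_verify` is also optional and its default when omitted is not visible in this diff; it should resolve to `true`, stated in the docs with something like `# defaults to true; only disable for testing`. The docs also say "or empty", but the Enum does not accept `''`, so the comment should say "omit the key for plain text"; the example `'bind_dn_password' => 'openldap', # clear text` would be a safer template if it showed the `Sensitive` form the type already allows.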