site.pp: Tweak /etc/ldap/ldap.conf and add HOST ldap.intern.

1 files changed, 22 insertions, 0 deletions

diff --git a/code/environments/production/manifests/site.pp b/code/environments/production/manifests/site.pp
index ab14b12..c257998 100644
--- a/code/environments/production/manifests/site.pp
+++ b/code/environments/production/manifests/site.pp
@@ -258,6 +258,13 @@ class fsautoresizetab {
 	}
 }
 
+class ldapconf {
+	exec { 'add_tjener_to_ldapconf':
+		command => "/usr/bin/sed -i /etc/ldap/ldap.conf -e '\$ a HOST ldap.intern\\nBASE dc=skole,dc=skolelinux,dc=no\\nTLS_REQCERT demand\\nTLS_CACERT /etc/ssl/certs/debian-edu-server.crt\\n'",
+		unless => [ "/bin/grep -E 'HOST ldap.intern' /etc/ldap/ldap.conf" ],
+	}
+}
+
 class ensure_roaming_workstation {
 
 	file_line { 'debianedu_profile_roamingworkstation':
@@ -306,6 +313,7 @@ node "disklserver.intern" {
 	}
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node "tjener.intern" {
@@ -350,6 +358,7 @@ node "faiserver.intern" {
 	}
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node "filter.intern" {
@@ -373,6 +382,7 @@ node "filter.intern" {
 	}
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 # NOT PRESENT node "opsiserver.intern" inherits "all_servers" {}
@@ -397,6 +407,7 @@ node "contentserver.intern" {
 	}
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 node "devserver.intern" {
 	class { 'ssh_pubkeys_admins': }
@@ -419,6 +430,7 @@ node "devserver.intern" {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 node "bibserv.intern" {
 	class { 'ssh_pubkeys_admins': }
@@ -442,6 +454,7 @@ node "bibserv.intern" {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 # Notebooks in den Medienwagen
@@ -472,6 +485,7 @@ node /^mw.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node /^nbw.*\.intern$/ {
@@ -499,6 +513,7 @@ node /^nbw.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node /^net.*\.intern$/ {
@@ -526,6 +541,7 @@ node /^net.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node /^snb.*\.intern$/ {
@@ -553,6 +569,7 @@ node /^snb.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node /^t410.*\.intern$/ {
@@ -580,6 +597,7 @@ node /^t410.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node /^t61.*\.intern$/ {
@@ -607,6 +625,7 @@ node /^t61.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 node /^test-fai-installation\.intern$/ {
@@ -635,6 +654,7 @@ node /^test-fai-installation\.intern$/ {
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
 	class { 'ensure_roaming_workstation': }
+	class { 'ldapconf': }
 }
 
 node /^tp.*\.intern$/ {
@@ -662,6 +682,7 @@ node /^tp.*\.intern$/ {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }
 
 # default / minimal
@@ -684,4 +705,5 @@ node "default" {
 	class { 'ldapservercert_renewal': }
 	class { 'cups_browsed_polling': }
 	class { 'debianeducacert_2_cacerts':  }
+	class { 'ldapconf': }
 }