Break rhelish 6 and 7 sysconfig templates out separately

Signed-off-by: Seth Thomas <[email protected]>
sous-chefs · Apr 3, 2017 · 52ff305 · 52ff305
1 parent a0dd3e7
commit 52ff305
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 9 deletions.
diff --git a/recipes/default.rb b/recipes/default.rb
@@ -33,7 +33,7 @@
     end
   else
     template '/etc/sysconfig/ldap' do
-      source 'sysconfig_slapd.erb'
+      source 'sysconfig_ldap.erb'
     end
   end
 when 'suse'

diff --git a/templates/default/sysconfig_ldap.erb b/templates/default/sysconfig_ldap.erb
@@ -0,0 +1,37 @@
+## Generated by Chef. Do not hand edit
+## based on CentOS 6 defaults
+
+# Options of slapd (see man slapd)
+SLAPD_OPTIONS="-f /etc/openldap/slapd.conf"
+
+# At least one of SLAPD_LDAP, SLAPD_LDAPI and SLAPD_LDAPS must be set to 'yes'!
+#
+# Run slapd with -h "... ldap:/// ..."
+#   yes/no, default: yes
+SLAPD_LDAP=yes
+
+# Run slapd with -h "... ldapi:/// ..."
+#   yes/no, default: yes
+SLAPD_LDAPI=yes
+
+# Run slapd with -h "... ldaps:/// ..."
+#   yes/no, default: no
+<% if node['openldap']['ldaps_enabled'] -%>
+SLAPD_LDAPS=yes
+<% else -%>
+SLAPD_LDAPS=no
+<% end -%>
+
+# Run slapd with -h "... $SLAPD_URLS ..."
+# This option could be used instead of previous three ones, but:
+# - it doesn't overwrite settings of $SLAPD_LDAP, $SLAPD_LDAPS and $SLAPD_LDAPI options
+# - it isn't overwritten by settings of $SLAPD_LDAP, $SLAPD_LDAPS and $SLAPD_LDAPI options
+# example: SLAPD_URLS="ldapi:///var/lib/ldap_root/ldapi ldapi:/// ldaps:///"
+# default: empty
+#SLAPD_URLS=""
+
+# Maximum allowed time to wait for slapd shutdown on 'service ldap stop' (in seconds)
+#SLAPD_SHUTDOWN_TIMEOUT=3
+
+# Parameters to ulimit, use to change system limits for slapd
+#SLAPD_ULIMIT_SETTINGS=""
diff --git a/templates/default/sysconfig_slapd.erb b/templates/default/sysconfig_slapd.erb
@@ -1,5 +1,6 @@
-# Generated by Chef. Do not hand edit
-#
+## Generated by Chef. Do not hand edit
+## based on CentOS 7 defaults
+
 # OpenLDAP server configuration
 # see 'man slapd' for additional information
 
@@ -9,17 +10,13 @@
 # - default: ldapi:/// ldap:///
 # - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:///
 <% if node['openldap']['ldaps_enabled'] -%>
-SLAPD_URLS="ldapi:/// ldap:/// ldaps:///"
+SLAPD_URLS="ldap:/// ldapi:/// ldaps:///"
 <% else -%>
-SLAPD_URLS="ldapi:/// ldap:///"
+SLAPD_URLS="ldap:/// ldapi:///"
 <% end -%>
 
 # Any custom options
-<% if node['platform'] == "centos"  or node['platform'] == "amazon" -%>
 SLAPD_OPTIONS="-f /etc/openldap/slapd.conf"
-<% else %>
-SLAPD_OPTIONS=""
-<% end -%>
 
 # Keytab location for GSSAPI Kerberos authentication
 #KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"