add config_ldap param to class pureftpd

To allow passing a hash of pureftpd-ldap.conf configuration values through to class pureftpd::config::ldap
jhoblitt · Aug 5, 2013 · 5abd649 · 5abd649
1 parent c3e8fdd
commit 5abd649
Show file tree

Hide file tree

Showing 4 changed files with 90 additions and 22 deletions.
diff --git a/Modulefile b/Modulefile
@@ -17,5 +17,4 @@ Requirements:
 Todo:
 - complete the config_mysql and config_pgsql defines
 '
-
-## Add dependencies, if any:
+dependency 'puppetlabs/stdlib', '>= 2.2.0'
diff --git a/README.md b/README.md
@@ -39,20 +39,29 @@ defaults) and start `pure-ftpd` as a stand alone daemon.
 
 ### Enabling LDAP authentication
 
-```
-  pureftpd::config_ldap { 'ftp-server':
-    ldap_server     => '192.168.100.10',
-    ldap_basedn     => 'ou=Users,dc=company,dc=com',
-    ldap_filter     => '(&(objectClass=posixAccount)(uid=\L))',
-    ldap_authmethod => 'BIND'
-    user_bandwidth  => '1800:1800'
-  }
-```
-```
-  pureftpd::config_pgsql { 'ftp-server':
-    user_bandwidth  => '1800:1800'
-  }
-```
+    class { 'pureftpd':
+      use_selinux => true,
+      config      => {
+        ipv4only         => 'Yes',
+        passiveportrange => '49999:59999',
+      }
+      config_ldap => {
+        $ldapserver      => 'ldap.example.com',
+        $ldapauthmethod  => 'PASSWORD',
+        $ldapport        => '389',
+        $ldapbinddn      => 'cn=Manager,dc=c9x,dc=org',
+        $ldapbindpw      => 'r00tPaSsw0rD',
+        $ldapbasedn      => 'cn=Users,dc=c9x,dc=org',
+        $ldapfilter      => '(&(objectClass=posixAccount)(uid=\L))',
+        $ldaphomedir     => 'homeDirectory',
+        $ldapversion     => '3',
+        $ldapdefaultuid  => '100',
+        $ldapdefaultgid  => '100',
+        $ldapdefaultgid  => '100',
+        $ldapusetls      => 'False',
+        $ldapauthmethod  => 'PASSWORD',
+      }
+    }
 
 ### TODO
 - add a configuration switch for the pem certificate file, in case TLS is used

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -18,15 +18,34 @@
 class pureftpd (
   $use_selinux = false,
   $config      = {},
+  $config_ldap = {},
 ) {
   validate_bool($use_selinux)
   validate_hash($config)
+  validate_hash($config_ldap)
 
   include pureftpd::service
 
   class{ 'pureftpd::install': use_selinux => $use_selinux }
 
-  create_resources( 'class', { 'pureftpd::config' => $config } )
+  unless (empty($config_ldap)) {
+    # insert the path to the ldap conf file into pure-ftpd.conf
+    $enable_ldap = { ldapconfigfile => $pureftpd::params::ldap_conf_path }
+
+    # instantiate pureftpd::config::ldap that will notify the service class
+    $safe_config_ldap = merge($config,
+      { notify => Class[ 'pureftpd::service' ] }
+    )
+    create_resources( 'class', { 'pureftpd::config::ldap' => $config_ldap } )
+
+    # only try to create the ldap configuration file after the pureftpd package
+    # is installed and configuration; otherwise the dir may not exist yet
+    Class[ 'pureftpd::config' ] ->
+    Class[ 'pureftpd::config::ldap' ]
+  }
+
+  $safe_config = merge($config, $enable_ldap)
+  create_resources( 'class', { 'pureftpd::config' => $safe_config } )
 
   Class[ 'pureftpd::install' ] ->
   Class[ 'pureftpd::config' ] ->

diff --git a/spec/classes/pureftpd_spec.rb b/spec/classes/pureftpd_spec.rb
@@ -11,7 +11,8 @@
       should include_class('pureftpd::service') 
       should contain_package('pure-ftpd').with_ensure('present')
       should_not contain_package('pure-ftpd-selinux')
-      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')
+      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')\
+        .with_content('')
       should contain_service('pure-ftpd').with({
         'ensure' => 'running',
         'enable' => 'true',
@@ -28,7 +29,8 @@
       should include_class('pureftpd::service') 
       should contain_package('pure-ftpd').with_ensure('present')
       should contain_package('pure-ftpd-selinux').with_ensure('present')
-      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')
+      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')\
+        .with_content('')
       should contain_service('pure-ftpd').with({
         'ensure' => 'running',
         'enable' => 'true',
@@ -45,7 +47,8 @@
       should include_class('pureftpd::service') 
       should contain_package('pure-ftpd').with_ensure('present')
       should_not contain_package('pure-ftpd-selinux')
-      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')
+      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')\
+        .with_content('')
       should contain_service('pure-ftpd').with({
         'ensure' => 'running',
         'enable' => 'true',
@@ -71,7 +74,8 @@
       should include_class('pureftpd::service') 
       should contain_package('pure-ftpd').with_ensure('present')
       should_not contain_package('pure-ftpd-selinux')
-      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')
+      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file')\
+        .with_content('')
       should contain_service('pure-ftpd').with({
         'ensure' => 'running',
         'enable' => 'true',
@@ -80,7 +84,12 @@
   end
 
   describe 'with $config keys' do
-    let(:params) {{ :config => { 'daemonize' => 'Yes', 'ipv4only' => 'No'} }}
+    let(:params) {{
+      :config => {
+        'daemonize' => 'Yes',
+        'ipv4only'  => 'No',
+      }
+    }}
     it do
       should include_class('pureftpd') 
       should include_class('pureftpd::install') 
@@ -108,4 +117,36 @@
       }.to raise_error(Puppet::Error, /is not a Hash/)
     end
   end
+
+  describe 'with $config_ldap => { ldapserver => ldap.example.com  }' do
+    let(:params) {{
+      :config_ldap => {
+        'ldapserver' => 'ldap.example.com',
+        'ldapport'   => '389',
+      }
+    }}
+    it do
+      should include_class('pureftpd') 
+      should include_class('pureftpd::install') 
+      should include_class('pureftpd::config') 
+      should include_class('pureftpd::config::ldap') 
+      should include_class('pureftpd::service') 
+      should contain_package('pure-ftpd').with_ensure('present')
+      should_not contain_package('pure-ftpd-selinux')
+      should contain_file('/etc/pure-ftpd/pure-ftpd.conf').with_ensure('file') \
+        .with_content(<<-END.gsub(/^\s+/, ""))
+        LDAPConfigFile      /etc/pure-ftpd/pureftpd-ldap.conf
+        END
+      should contain_file('/etc/pure-ftpd/pureftpd-ldap.conf').with_ensure('file') \
+        .with_content(<<-END.gsub(/^\s+/, ""))
+        LDAPServer          ldap.example.com
+        LDAPPort            389
+        END
+      should contain_service('pure-ftpd').with({
+        'ensure' => 'running',
+        'enable' => 'true',
+      })
+    end
+  end
+
 end