Add openldap client
Change-Id: I9b2c2559e7b267278baf04a8bb913f57f4603a75
diff --git a/openldap/client/groups/admins.yml b/openldap/client/groups/admins.yml
new file mode 100644
index 0000000..5dbc7ba
--- /dev/null
+++ b/openldap/client/groups/admins.yml
@@ -0,0 +1,18 @@
+classes:
+ - system.openldap.client.groups
+parameters:
+ openldap:
+ client:
+ entry:
+ groups:
+ entry:
+ admins:
+ attr:
+ description: Administrators
+ gidNumber: 20001
+ classes:
+ - posixGroup
+ - top
+ # TODO: Cannot set member attributes in our LDAP yet
+ # member:
+ # - cn=admin,ou=people
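Review bot: The commented-out `member:` list under the TODO would not fit an entry whose classes are only `posixGroup` and `top`. In the RFC 2307 schema `posixGroup` carries `memberUid` (bare uid values), while `member` (full DNs) belongs to `groupOfNames` or the rfc2307bis variant. That may be why membership cannot be set yet, though the server schema is not visible in this change. Until it is resolved the `admins` group is created empty, so anything that authorizes on membership of it matches nobody. I would make the TODO say so, e.g. `# TODO: group is created without members; posixGroup needs memberUid (or rfc2307bis for member DNs)`.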
diff --git a/openldap/client/groups/init.yml b/openldap/client/groups/init.yml
new file mode 100644
index 0000000..a419001
--- /dev/null
+++ b/openldap/client/groups/init.yml
@@ -0,0 +1,9 @@
+parameters:
+ openldap:
+ client:
+ entry:
+ groups:
+ type: ou
+ classes:
+ - top
+ - organizationalUnit
diff --git a/openldap/client/init.yml b/openldap/client/init.yml
new file mode 100644
index 0000000..25812f6
--- /dev/null
+++ b/openldap/client/init.yml
@@ -0,0 +1,15 @@
+classes:
+ - service.openldap.client
+parameters:
+ _param:
+ openldap_server: ${_param:cluster_vip_address}
+ openldap_tls: false
+ openldap:
+ client:
+ server:
+ basedn: ${_param:openldap_dn}
+ host: ${_param:openldap_server}
+ tls: ${_param:openldap_tls}
+ auth:
+ user: cn=admin,${_param:openldap_dn}
+ password: ${_param:openldap_admin_password}
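Review bot: `openldap_tls: false` as the class default means every node that includes this class binds as `cn=admin,${_param:openldap_dn}` with `openldap_admin_password` over an unencrypted connection unless a deployment overrides it. Because this is the directory admin credential, the safer default is `openldap_tls: true`, with plaintext as the explicit opt-out. If the default has to stay off for bootstrap, put a comment on that line such as `# plaintext bind; set to true outside lab deployments`. How the formula interprets `tls` (StartTLS or ldaps, and whether the server certificate is verified) is not visible here and is worth confirming.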
diff --git a/openldap/client/people/admin.yml b/openldap/client/people/admin.yml
new file mode 100644
index 0000000..c3341aa
--- /dev/null
+++ b/openldap/client/people/admin.yml
@@ -0,0 +1,25 @@
+classes:
+ - system.openldap.client.people
+ - system.openldap.client.groups.admins
+parameters:
+ openldap:
+ client:
+ entry:
+ people:
+ entry:
+ admin:
+ attr:
+ uid: admin
+ userPassword: ${_param:openldap_admin_password}
+ uidNumber: 20001
+ gidNumber: ${openldap:client:entry:groups:entry:admins:attr:gidNumber}
+ gecos: Administrator
+ givenName: Charlie
+ sn: Root
+ homeDirectory: /home/admin
+ loginShell: /bin/bash
+ classes:
+ - posixAccount
+ - inetOrgPerson
+ - top
+ - shadowAccount
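Review bot: `userPassword: ${_param:openldap_admin_password}` gives the `admin` entry under `people` (a POSIX account with `loginShell: /bin/bash`) the same secret that openldap/client/init.yml uses for the `cn=admin` directory bind. Disclosure of either one then yields both the directory administrator and a login account. A separate parameter would keep them independent, e.g. `userPassword: ${_param:openldap_admin_user_password}` (a name proposed here, not an existing parameter). Whether the formula hashes this value before writing the attribute is not visible in the diff; if it is written verbatim, the parameter should hold a pre-hashed value rather than cleartext.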
diff --git a/openldap/client/people/init.yml b/openldap/client/people/init.yml
new file mode 100644
index 0000000..a4ae94d
--- /dev/null
+++ b/openldap/client/people/init.yml
@@ -0,0 +1,9 @@
+parameters:
+ openldap:
+ client:
+ entry:
+ people:
+ type: ou
+ classes:
+ - top
+ - organizationalUnit
diff --git a/salt/master/formula/pkg/foundation.yml b/salt/master/formula/pkg/foundation.yml
index abcc1b0..3611321 100644
--- a/salt/master/formula/pkg/foundation.yml
+++ b/salt/master/formula/pkg/foundation.yml
@@ -19,4 +19,7 @@
freeipa:
source: pkg
name: salt-formula-freeipa
+ openldap:
+ source: pkg
+ name: salt-formula-openldap