Hi folks,
I have written a small LDAP backend for Hiera. I am aware of the one at
<https://github.com/hunner/hiera-ldap> but it''s not what I was
looking
for.
You can find mine at <http://forge.ircam.fr/p/hiera-ldap-backend/>.
How to use it
============
Basically, the hiera.yaml file should look like that:
---
:backends:
- ldap
:ldap:
:server: ldap.example.com
:port: 389
:base: dc=example,dc=com
:attribute: hieraData
:name: cn
:hierarchy:
- %{::fqdn}
- common
The first three lines in the :ldap section should be obvious. The next
two are the names of the attributes containing, in order, the Hiera data
itself (as "key=value" strings) and the lookup key. So, for instance,
to
set the value of variable "foo" to "bar" on host
"myhost.example.com",
your LDAP entry would look like that:
dn: cn=myhost.example.com, ou=hosts, dc=example, dc=com
cn: myhost.example.com
hieraData: foo=bar
It''s up to you to add support for the hieraData attribute in your LDAP
schema; the schema snippet I use looks like that:
attributetype ( 1.3.6.1.4.1.7568.1.1.49.1 NAME ''hieraData'' SUP
name )
objectclass ( 1.3.6.1.4.1.7568.1.2.43.1 NAME ''hieraSource'' SUP
top STRUCTURAL
DESC ''Hiera configuration source''
MAY ( cn $ hieraData ) )
I have not yet tested the backend live with Puppet (waiting for my
schema changes to get pulled by all my LDAP servers) but it works with
the hiera command line.
Feedback welcome, of course. :-) I guess I should mention I''m a
beginner
with both Ruby and Hiera, so my code is probably far from optimal.
--
A
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.