On Mar 20, 2014, at 1:26 PM, John <sami.st...@gmail.com> wrote:
> Below is a my current config,.pp file.... I'm trying to create a condition
> that says
>
> if (/etc/ldap.conf contains the string host1.mydomain.com or
> host2.mydomain.com)
> Then install an sshd_ldap.erb template
> else if (/etc/ldap.conf contains the string hostB.mydomain.com or
> hostA.mydomain.com)
> Then install an sshd_freeIPA.erb template
> else install a standard template.
>
> The code does not work as written. Any advice to suggestions would be
> greatly appreciated.
>
> Thanks in advance.
>
> class ssh::config inherits ssh {
> file_content { '/etc/ldap.conf':
> ensure => file,
> }
I understand what you're trying to do here, but you seem to have made up some
puppet code that it won't know how to handle. You're trying to define a
variable by using puppet's resource language. That's not going to work.
What you'll need to do is write a custom facter fact, e.g. 'ldapserver', that
will contain the name(s) of the configured ldap server(s). I do this in my
environment with the following code, which I place into a puppet module named
'custom' (as documented here
http://docs.puppetlabs.com/guides/plugins_in_modules.html):
# ldapservers.rb
Facter.add(:ldapservers) do
setcode do
osfam = Facter.value('osfamily')
case osfam
when /RedHat/
%x{authconfig --test | grep -Fwm 1 'LDAP server' | awk -F\\"
'{gsub("ldap:","");gsub("/","");print $2}'}.chomp
when /Debian/
%x{awk '/^uri/{print $2,$3}' /etc/ldap.conf}.chomp
end
end
end
With this fact in place, you can use a selector instead of an if statement to
make your code much more concise:
class ssh::config inherits ssh {
$ssh_type = $::ldapservers ? {
/host(1|2).mydomain.com/ => "ldap",
/host(B|A).mydomain.com/ => "ipa",
default => "standard",
}
file { '/etc/ssh/sshd_config':
ensure => present,
owner => $owner,
group => $group,
mode => '0644',
backup => false,
content => template("sshd_config_${$ssh_type}.erb"),
}
file { '/etc/ssh/ssh_config':
ensure => present,
owner => $owner,
group => $group,
mode => '0644',
backup => false,
content => template("ssh_config_${$ssh_type}.erb"),
}
}
> if $file_content == "host1.mydomain.com || host2.mydomain.com"
> {
> file { '/etc/ssh/sshd_config':
> ensure => present,
> owner => $owner,
> group => $group,
> mode => '0644',
> backup => false,
> content => template("sshd_config_ldap.erb"),
> }
> file { '/etc/ssh/ssh_config':
> ensure => present,
> owner => $owner,
> group => $group,
> mode => '0644',
> backup => false,
> content => template("ssh_config_ldap.erb"),
> }
> }
> elsif $file_content == "hostB.mydomain.com || hostA.mydomain.com"
> {
> file { '/etc/ssh/sshd_config':
> ensure => present,
> owner => $owner,
> group => $group,
> mode => '0644',
> backup => false,
> content => template("sshd_config_ipa.erb"),
> }
> file { '/etc/ssh/ssh_config':
> ensure => present,
> owner => $owner,
> group => $group,
> mode => '0644',
> backup => false,
> content => template("ssh_config_ipa.erb"),
> }
> }
> else
> {
> file { '/etc/ssh/sshd_config':
> ensure => present,
> owner => $owner,
> group => $group,
> mode => '0644',
> backup => false,
> content => template("sshd_config_standard.erb"),
> }
> file { '/etc/ssh/ssh_config':
> ensure => present,
> owner => $owner,
> group => $group,
> mode => '0644',
> backup => false,
> content => template("ssh_config_standard.erb"),
> }
> }
> }
--
Peter Bukowinski
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/B87E3C1D-B65E-4895-B7D8-C70B6F7E162F%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
