Class: HttpdConfigmapGenerator::Ipa
- Inherits: Base
  - Object
    - Base
      - HttpdConfigmapGenerator::Ipa
- Defined in:
- lib/httpd_configmap_generator/ipa.rb
Constant Summary
- IPA_INSTALL_COMMAND =
"/usr/sbin/ipa-client-install".freeze
- IPA_GETKEYTAB =
"/usr/sbin/ipa-getkeytab".freeze
- AUTH =
{
:type => "external",
:subtype => "ipa"
}.freeze
Constants inherited
from Base
Base::APACHE_USER, Base::HTTP_KEYTAB, Base::IPA_COMMAND, Base::KERBEROS_CONFIG_FILE, Base::LDAP_ATTRS, Base::PAM_CONFIG, Base::SSSD_CONFIG, Base::TIMESTAMP_FORMAT
Base::Network::HOSTNAME_COMMAND
Instance Attribute Summary
Attributes inherited from Base
#opts
Instance Method Summary
Methods inherited from Base
#debug_msg, #err_msg, #info_msg, #initialize, #run_configure, #validate_options
Methods included from Base::Pam
#configure_pam
#domain_from_host, #fetch_network_file, #host_reachable?, #update_hostname
#enable_kerberos_dns_lookups
#cp_template, #create_target_directory, #delete_target_file, #file_binary?, #path_join, #rm_file, #template_directory
#config_file_backup
#command_run, #command_run!, #log_command_error
Instance Method Details
# File 'lib/httpd_configmap_generator/ipa.rb', line 55
# Enrolls this host as an IPA client and saves the resulting auth config map.
#
# Steps, in order: canonicalize and apply the hostname, run
# IPA_INSTALL_COMMAND, configure the IPA HTTP service, PAM and SSSD, enable
# Kerberos DNS lookups, then build a ConfigMap and save it to opts[:output].
#
# @param opts [Hash] options; :host, :ipa_server, :ipa_principal,
#   :ipa_password and :output are read here, and :host is overwritten
# @raise [StandardError] any failure is passed to log_command_error and
#   then re-raised unchanged
def configure(opts)
  # Mutates the caller's hash: :host is replaced by its canonical form before
  # the hostname is applied.
  opts[:host] = get_canonical_hostname(opts[:host])
  update_hostname(opts[:host])
  # "-N" is ipa-client-install's --no-ntp. The symbols and the trailing hash
  # presumably become --force-join, --fixed-primary, --unattended and
  # --key=value flags inside command_run! (not shown here) — confirm.
  #
  # realm and domain are the memoized readers of this class; they consult the
  # opts accessor, not this method's opts argument — presumably the same
  # hash; verify against the caller.
  #
  # NOTE(review): the enrollment password is handed over as a command
  # parameter, so it presumably ends up in the child's argument list, where
  # it is readable through process listings for the lifetime of the install
  # and can be echoed by command logging — confirm how command_run! spawns
  # and logs, and prefer a short-lived enrollment credential for this step.
  command_run!(IPA_INSTALL_COMMAND,
               :params => [
                 "-N", :force_join, :fixed_primary, :unattended, {
                   :realm=     => realm,
                   :domain=    => domain,
                   :server=    => opts[:ipa_server],
                   :principal= => opts[:ipa_principal],
                   :password=  => opts[:ipa_password]
                 }
               ])
  configure_ipa_http_service
  configure_pam
  configure_sssd
  enable_kerberos_dns_lookups
  # opts, still holding :ipa_password, is passed whole to ConfigMap.new.
  # persistent_files names keytabs and the NSS key database among others.
  # NOTE(review): if generate embeds file contents, the file written to
  # opts[:output] carries host credentials and needs restrictive
  # permissions — confirm in ConfigMap.
  config_map = ConfigMap.new(opts)
  config_map.generate(AUTH[:type], realm, persistent_files)
  config_map.save(opts[:output])
rescue => err
  # NOTE(review): check that log_command_error does not print the failed
  # command line, which would include the :password= parameter.
  log_command_error(err)
  raise err
end
# File 'lib/httpd_configmap_generator/ipa.rb', line 80
# Reports whether this host looks configured, judged solely by the presence
# of the file named by SSSD_CONFIG.
#
# The check is existence only: it does not read the file or ask IPA whether
# the host is enrolled, so a leftover or hand-written file also counts.
#
# @return [Boolean] true when the SSSD_CONFIG path exists
def configured?
  sssd_config_path = SSSD_CONFIG
  File.exist?(sssd_config_path)
end
#domain ⇒ Object
# File 'lib/httpd_configmap_generator/ipa.rb', line 96
# Resolves the IPA domain and memoizes it in @domain.
#
# Sources, in precedence order: the :ipa_domain option, the domain derived
# from the :ipa_server option by domain_from_host, then the inherited
# implementation. The value is used as supplied; nothing in this method
# validates it before configure passes it to the install command.
#
# @return [Object] the resolved domain, or whatever falsy value the
#   inherited implementation returned when no source produced one
def domain
  explicit_domain = opts[:ipa_domain]
  if explicit_domain.present?
    @domain ||= explicit_domain
  end

  ipa_server = opts[:ipa_server]
  if ipa_server.present?
    @domain ||= domain_from_host(ipa_server)
  end

  # Last resort: defer to the parent class; the assignment's value is the
  # method's return value.
  @domain ||= super
end
#optional_options ⇒ Object
# File 'lib/httpd_configmap_generator/ipa.rb', line 21
# Extends the inherited optional options with the IPA-specific ones.
#
# :ipa_principal defaults to "admin"; :ipa_domain and :ipa_realm have no
# default here and are resolved by #domain and #realm when absent.
#
# @return [Hash] inherited optional options merged with the IPA entries
def optional_options
  ipa_optional = {
    :ipa_principal => { :description => "IPA Server Principal", :default => "admin" },
    :ipa_domain    => { :description => "Domain of IPA Server" },
    :ipa_realm     => { :description => "Realm of IPA Server" }
  }
  super.merge(ipa_optional)
end
#persistent_files ⇒ Object
# File 'lib/httpd_configmap_generator/ipa.rb', line 29
# Lists the host files that #configure hands to ConfigMap#generate.
#
# The list mixes plain settings with credential material, so anything that
# copies or stores these files should be protected like the host's keys.
# A new array is built on each call, in a fixed order.
#
# @return [Array<String>] absolute paths
def persistent_files
  # Service keytab and IPA client state. The keytab, the NSS private-key
  # database (key3.db) and its password file (pwdfile.txt) are secrets.
  ipa_client = %w[
    /etc/http.keytab
    /etc/ipa/ca.crt
    /etc/ipa/default.conf
    /etc/ipa/nssdb/cert8.db
    /etc/ipa/nssdb/key3.db
    /etc/ipa/nssdb/pwdfile.txt
    /etc/ipa/nssdb/secmod.db
  ]

  # Kerberos client settings and the host keytab (secret).
  kerberos = %w[
    /etc/krb5.conf
    /etc/krb5.keytab
  ]

  # Name-service switch and LDAP client settings.
  directory_lookup = %w[
    /etc/nsswitch.conf
    /etc/openldap/ldap.conf
  ]

  # PAM stacks, including the httpd-auth service.
  pam_stacks = %w[
    /etc/pam.d/fingerprint-auth-ac
    /etc/pam.d/httpd-auth
    /etc/pam.d/password-auth-ac
    /etc/pam.d/postlogin-ac
    /etc/pam.d/smartcard-auth-ac
    /etc/pam.d/system-auth-ac
  ]

  # CA trust anchor, SSSD configuration and system-level settings.
  trust_and_system = %w[
    /etc/pki/ca-trust/source/ipa.p11-kit
    /etc/sssd/sssd.conf
    /etc/sysconfig/authconfig
    /etc/sysconfig/network
  ]

  ipa_client + kerberos + directory_lookup + pam_stacks + trust_and_system
end
#realm ⇒ Object
# File 'lib/httpd_configmap_generator/ipa.rb', line 89
# Resolves the Kerberos realm, memoizes it in @realm and returns it
# upper-cased.
#
# Sources, in precedence order: the :ipa_realm option, #domain, then the
# inherited implementation. The stored value is upper-cased again on every
# call.
#
# @return [Object] the result of calling upcase on the resolved realm
# @raise [NoMethodError] when every source yields nil, because upcase is
#   then sent to nil
def realm
  configured_realm = opts[:ipa_realm]
  if configured_realm.present?
    @realm ||= configured_realm
  end

  # Fall back to the domain and only then to the parent class; neither is
  # consulted once @realm already holds a value.
  @realm ||= domain || super
  @realm = @realm.upcase
end
#required_options ⇒ Object
# File 'lib/httpd_configmap_generator/ipa.rb', line 12
# Extends the inherited required options with the IPA-specific ones.
#
# :ipa_password is the credential that #configure forwards to
# IPA_INSTALL_COMMAND as the :password= parameter.
# NOTE(review): how the option reaches this process (command line,
# environment, file) is not visible here — confirm it is not exposed on the
# generator's own command line.
#
# @return [Hash] inherited required options merged with :host (short flag
#   "-h"), :ipa_server and :ipa_password
def required_options
  ipa_required = {
    :host         => { :description => "Application Domain", :short => "-h" },
    :ipa_server   => { :description => "IPA Server FQDN" },
    :ipa_password => { :description => "IPA Server Password" }
  }
  super.merge(ipa_required)
end
# File 'lib/httpd_configmap_generator/ipa.rb', line 84
# Runs the IPA client uninstall when #configured? reports a configured host.
#
# Uses command_run rather than command_run!.
# NOTE(review): the non-bang variant presumably does not raise on failure —
# confirm that callers inspect the result, since a failed uninstall would
# leave the enrollment and keytabs in place.
#
# @return [Object, nil] the result of command_run, or nil when the host is
#   not configured
def unconfigure
  if configured?
    command_run(IPA_INSTALL_COMMAND, :params => [:uninstall, :unattended])
  end
end