Skip to content
This repository has been archived by the owner on Dec 31, 2024. It is now read-only.

Latest commit

 

History

History
150 lines (98 loc) · 6.81 KB

CHANGELOG.md

File metadata and controls

150 lines (98 loc) · 6.81 KB

[Current]

  • 435a443 - (Joshua Hoblitt) Update README.md
  • c305f77 - (Joshua Hoblitt) Update README.md
  • 49b24b6 - (Joshua Hoblitt) add additional details to README
  • 85d55f5 - (Joshua Hoblitt) manage dirsrv (non-instance) service

The dirsrv service defaults to being disabled so no 389 instances will automatically start on boot.

  • ae69463 - (Joshua Hoblitt) convert whitespace in net.ipv4.ip_local_port_range to a tab

To match the output from sysctl to avoid:

Notice: /Stage[main]/Port389::Tune/Sysctl[net.ipv4.ip_local_port_range]/value:
changed live value from '1024   65000' to '1024 65000'
  • 46d5fd7 - (Joshua Hoblitt) disable system tuning by default
  • 94bffa9 - (Joshua Hoblitt) fill in README
  • 376d79e - (Joshua Hoblitt) add dep on jhoblitt/nsstools >= 1.0.2
  • 05cd337 - (Joshua Hoblitt) modify redhat_instance provider tests to work with 2.7.x

The init service provider in older puppet releases didn't auto-magically exclude service sysv init script names. The redhat_instance service provider isn't intended to be general purposes so testing for the service name blacklisting can be safely removed.

  • ba78c67 - (Joshua Hoblitt) update rspec to work with ruby 1.8.7
  • 799be3f - (Joshua Hoblitt) replace usage of port389_nsstools_add_cert() with nsstools_add_cert()
  • f2c31d2 - (Joshua Hoblitt) remove port389_nsstools_add_cert() function

Exported and renamed to nsstools_add_cert() in:

https://github.com/jhoblitt/puppet-nsstools/commit/58cf67dadade00a7ebe19a31d5d01e72d4fa5570
  • 93e211f - (Joshua Hoblitt) adapt to nssdb -> nstools rename + API changes
  • 91aac90 - (Joshua Hoblitt) resolve or suppress lint warnings
  • 22f7644 - (Joshua Hoblitt) remove rspec-system boilerplate
  • fe451e5 - (Joshua Hoblitt) add rspec coverage of admin server ssl setup

XXX need to test admin service resource but it's not obvious if this should be tested under the port389 class or the port389::instance type.

  • b94efdc - (Joshua Hoblitt) change default password(s) to 'password'

To match the example password used in the documentation.

  • 3fd51c6 - (Joshua Hoblitt) simplify instance ssl setup and tidy file ownership/permissions
  • e143e1b - (Joshua Hoblitt) update admin server ssl support

This should be almost a complete implementation now but it's not in a working state as sslv2/sslv3 handshakes to port 9830 are hanging.

  • 3b4e9de - (Joshua Hoblitt) change Modulefile dep on mcanevet/openldap to camptocamp/openldap

It appears that this module maybe be in the process of being renamed:

https://github.com/mcanevet/puppet-openldap/issues/17
  • 6357541 - (Joshua Hoblitt) add admin server ssl support
  • 36d5e18 - (Joshua Hoblitt) add all instance ssl params to port389 base class

To allow them to all be set globally.

  • a9ddc1a - (Joshua Hoblitt) validate private class/type params
  • fd6113d - (Joshua Hoblitt) facter nssdb setup into it's own type

Split the nssdb setup out of the port389::instance::ssl type into it's own port389::certs type.

  • ff24ac3 - (Joshua Hoblitt) add .bundle to .gitignore
  • e8ea305 - (Joshua Hoblitt) add service resource management
  • 6112159 - (Joshua Hoblitt) update Gemfile rspec-puppet to point to upstream git

The patch needed to properly test the port389_nssd_add_cert() function has been merged:

rodjek/rspec-puppet#155 https://github.com/rodjek/rspec-puppet/commit/03e94422fb9bbdd950d5a0bec6ead5d76e06616b

  • 5f97fe9 - (Joshua Hoblitt) add redhat_instance service type provider

This provider is a subclass of the core redhat service provider. It is of limited use and is intended for service scripts that support managing multiple service instances via additional arguments to the init script.

This is needed to function with 389's sysvinit script. It appears that this type of kluedge will not be nessicary for the systemd service files.

  • b5f5e99 - (Joshua Hoblitt) add initial per instance ssl configuration

These params have been addded to the port389::instance define

  • ssl_server_port

  • ssl_cert

  • ssl_key

  • ssl_ca_certs

  • dbb1c5e - (Joshua Hoblitt) add work around for broken package yum provider on RedHat

As of puppet 3.4.2, the yum provider for the package type does not handle 'purged' correctly and shows activity on every run.

  • bb7c059 - (Joshua Hoblitt) add warning() when an instance is defined but base class is set to absent
  • 546cba1 - (Joshua Hoblitt) add ensure param to port389 class

Controls package installation state via these values:

  • {present, latest, absent, purge }

On el6.x, the purg statee will manually rm -f all [known] 389 related files as this is not handled by the 389 rpms.

  • c58e434 - (Joshua Hoblitt) add schema_file param to port389::instance define

This param controls SchemaFile entrie(s) in the setup.inf file.

  • 1361895 - (Joshua Hoblitt) remove datacat module from .fixtures.yml (unused)
  • 7df13c2 - (Joshua Hoblitt) add initial implementation port389::instance define

The rspec coverage of this define is unfortunately light as is both has many parameters and required many to be added to the port389 class.

  • 7369ad4 - (Joshua Hoblitt) add port389_domain2dn function

Converts a DNS style domain string into a string suitable for use as a LDAP DN by constructing 'dc=' elements for each domain component.

Example:

foo.example.org

Would become:

dc=foo,dc=example,dc=org
  • c2ff177 - (Joshua Hoblitt) convert .fixtures.yml to use all https URLs

Travis CI is choking on ssh+git style repo URLs

  • a547d03 - (Joshua Hoblitt) add port389::tune class

This class sets recommending 389/RedHat Directory Server tuning limits.d and sysctl values.

  • e984464 - (Joshua Hoblitt) add basic port389::install class
  • 2374d20 - (Joshua Hoblitt) Merge puppet-module_skel
  • 80d1393 - (Joshua Hoblitt) first commit