The STNS module handles installing, configuring, and running STNS and libnss_stns on stns.jp.
The STNS module requires the following puppet modules:
- puppetlabs-stdlib: version 4.0 or newer.
- puppetlabs-apt: version 2.0 or newer (only Debian-based distributions).
To install the STNS server with default parameters, declare the stns::server
class.
include ::stns::server
To install the STNS client (libnss_stns and libpam_stns) with default parameters, declare the stns::client
class.
include ::stns::client
class { '::stns::server':
port => 1104,
user => 'sample',
password => 's@mp1e',
package_ensure => latest,
}
# Configures users and groups
stns::server::users {
'foo':
id => 1001,
group_id => 1001,
directory => '/home/foo',
shell => '/bin/bash';
'bar':
id => 1002,
group_id => 1001,
directory => '/home/bar',
shell => '/bin/bash';
}
stns::server::groups { 'sample':
id => 1001,
users => [
'foo',
'bar',
],
}
class { '::stns::client':
api_end_point => [
'http://stns1.example.jp:1104',
'http://stns2.example.jp:1104',
],
user => 'sample',
password => 's@mp1e',
wrapper_path => '/usr/local/bin/stns-query-wrapper',
chain_ssh_wrapper => '/usr/libexec/openssh/ssh-ldap-wrapper',
ssl_verify => true,
request_timeout => 3,
http_proxy => 'http://proxy.example.com:1104',
package_ensure => latest,
handle_nsswitch => true,
handle_sshd_config => true,
}
---
stns::server::port: 1104
stns::server::user: sample
stns::server::password: s@mp1e
stns::server::package_ensure: latest
stns::client::api_end_point:
- 'http://stns1.example.jp:1104'
- 'http://stns2.example.jp:1104'
stns::client::user: sample
stns::client::password: s@mp1e
stns::client::wrapper_path: '/usr/local/bin/stns-query-wrapper'
stns::client::chain_ssh_wrapper: null
stns::client::ssl_verify: true
stns::client::request_timeout: 3
stns::client::http_proxy: 'http://proxy.example.com:1104'
stns::client::package_ensure: latest
stns::client::handle_nsswitch: true
stns::client::handle_sshd_config: true
stns::server
: Installs and configures STNS.stns::client
: Installs and configures libnss_stns and libpam_stns.
stns::repo
: Setup STNS repository.stns::server::install
: Installs STNS package.stns::server::config
: Configures STNS.stns::server::server
: Manages service.stns::client::install
: Installs packages for libnss_stns and libpam_stns.stns::client::config
: Configures
stns::server::users
: Specifies a STNS users configuration file.stns::server::groups
: Specifies a STNS groups configuration file.
port
: Specifies a listen port listen. Valid options: a number of a port number. Default: 1104.user
: Specifies a user for authentication. Valid options: a string containing a valid username. Default: 'undef'.password
: Specifies a password for authentication. Valid options: a string containing a valid password. Default: 'undef'.package_ensure
: What state the packages should be in.
api_end_point
: Valid options: Default: 'http://localhost:1104'.user
: Specifies a user for authentication. Valid options: a string containing a valid username. Default: 'undef'.password
: Specifies a password for authentication. Valid options: a string containing a valid password. Default: 'undef'.wrapper_path
: Valid options: absolute path. Default: '/usr/local/bin/stns-query-wrapper'.chain_ssh_wrapper
: Default: 'undef'.ssl_verify
: Enables SSL verification. Valid options: a boolean. Default: true.request_timeout
: Wrapper Command Timeout. Valid options: a number. Default: 3.http_proxy
: Valid options: a string. Default: 'undef'.package_ensure
: What state the packages should be in.handle_nsswitch
: Configure nsswitch.conf to use STNS. Valid options: a boolean. Default: false.handle_sshd_config
: Configure sshd_config to use STNS. Valid options: a boolean. Default: false.
id
: Specifies the user ID. Valid options: a number type. Default: undef.group_id
: Specifies the user's primary group. Valid options: a number type. Default: undef.directory
: Specifies the home directory of the user. Valid options: a string containing a valid path. Default:/home/<resource title>
.shell
: Specifies the user's login shell. Valid options: a string containing a valid path. Default:/bin/bash
.keys
: Specify user attributes in an array of key = value pairs. Valid options: a string containing a valid key = value pairs. Default: undef.link_users
: Valid options: a string containing a valid password. Default: undef.
id
: Specifies the group ID. Valid options: a number type. Default: undef.users
: Specifies the members of the group. Valid options: a string containing a valid password. Default: undef.
This module has been tested on:
- RedHat Enterprise Linux 5, 6, 7
- CentOS 5, 6, 7
- Scientific Linux 5, 6, 7
- Debian 7, 8
- Ubuntu 12.04, 14.04, 16.04
The STNS puppet module contains tests for both rspec-puppet (unit tests) and beaker-rspec (acceptance tests) to verify functionality. For detailed information on using these tools, please see their respective documentation.
- Unit tests:
$ bundle install
$ bundle exec rake
- Acceptance tests:
# Set your DOCKER_HOST variable
$ eval "$(docker-machine env default)"
# List available beaker nodesets
$ bundle exec rake beaker_nodes
centos6
centos7
jessie
trusty
# Run beaker acceptance tests
$ BEAKER_set=centos7 bundle exec rake beaker
You can run smoke tests using Vagrant:
$ vagrant up <vm> --provision