cookbooks/openldap/README.md

   1 openldap Cookbook
   2 =================
   3
   4 This cookbook sets up OpenLDAP client, server and nss-ldapd.
   5
   6 Requirements
   7 ------------
   8
   9 None.
  10
  11 Attributes
  12 ----------
  13
  14 #### openldap::default
  15 |Key|Type|Description, example|Default|
  16 |:--|:--|:--|:--|
  17 |`['openldap']['with_ssl_cert_cookbook']`|Boolean|make it work with ssl_cert cookbook. (ver. 0.1.1 or later)|`false`|
  18 |`['openldap']['ssl_cert']['ca_name']`|String|CA name used by ssl_cert (ver. 0.1.1 or later)|`nil`|
  19 |`['openldap']['ssl_cert']['common_name']`|String|Server common name useed by ssl_cert. (ver. 0.1.1 or later)|`node['fqdn']`|
  20 |`['openldap']['client']['URI']`|String|ldap://ldap.example.com ldap://ldap-master.example.com:666|`nil`|
  21 |`['openldap']['client']['BASE']`|String|dc=example,dc=com|`nil`|
  22 |`['openldap']['client']['SIZELIMIT']`|String|12|`nil`|
  23 |`['openldap']['client']['TIMELIMIT']`|String|15|`nil`|
  24 |`['openldap']['client']['DEREF']`|String|never|`nil`|
  25 |`['openldap']['client']['TLS_CACERT']`|String|/etc/ssl/certs/cacert.pem|`nil`|
  26 |`['openldap']['client']['TLS_REQUEST']`|String|never,allow,try,demand*|`nil`|
  27 |`['openldap']['client']['TLS_CHECKPEER']`|String|yes*,no|`nil`|
  28 |`['openldap']['client']['SASL_MECH']`|String|GSSAPI|`nil`|
  29 |`['openldap']['client']['<ldap.conf key>']`|String|other ldap.conf key||
  30 |`['openldap']['nss-ldapd']['uri']`|Strig||`ldap://127.0.0.1/`|
  31 |`['openldap']['nss-ldapd']['base']`|String||`dc=example,dc=net`|
  32 |`['openldap']['nss-ldapd']['<nscd.conf key>']`|String|other nscd.conf key||
  33 |`['openldap']['ldap_lookup_nameservices']`|Array|['passwd', 'group']|`empty`|
  34
  35 Usage
  36 -----
  37
  38 Just include `openldap::recipe` in your node's `run_list`:
  39
  40 ```json
  41 {
  42   "name":"my_node",
  43   "run_list": [
  44     "recipe[openldap::client]",
  45     "recipe[openldap::server]",
  46     "recipe[openldap::nss-ldapd]"
  47   ]
  48 }
  49 ```
  50
  51 #### with ssl_cert cookbook
  52
  53 If node['openldap']['with_ssl_cert_cookbook'] is true, node['openldap']['client']['TLS_CACERT'] and node['openldap']['nss-ldapd']['tls_cacertfile'] are overridden by the file path based on ['openldap']['ssl_cert']['ca_name'] attribute.
  54
  55 License and Authors
  56 -------------------
  57 - Author:: whitestar at osdn.jp
  58
  59 ```text
  60 Copyright 2013-2016, whitestar
  61
  62 Licensed under the Apache License, Version 2.0 (the "License");
  63 you may not use this file except in compliance with the License.
  64 You may obtain a copy of the License at
  65
  66     http://www.apache.org/licenses/LICENSE-2.0
  67
  68 Unless required by applicable law or agreed to in writing, software
  69 distributed under the License is distributed on an "AS IS" BASIS,
  70 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  71 See the License for the specific language governing permissions and
  72 limitations under the License.
  73 ```