1 name 'ldap-client-grid'
2 description 'LDAP client role for Grid'
5 'recipe[ssl_cert::ca_certs]',
7 'recipe[openldap::nss-ldapd]'
10 #env_run_lists "prod" => ["recipe[apache2]"], "staging" => ["recipe[apache2::staging]"], "_default" => []
12 uri = 'ldap://ldap.grid.example.com/'
13 base = 'dc=grid,dc=example,dc=com'
15 #ca_cert_file = '/etc/ssl/certs/00grid_ca.crt'
19 'ca_cert_file_prefix' => '00',
20 'server_cert_file_prefix' => '01',
21 'server_key_file_prefix' => '01',
27 'with_ssl_cert_cookbook' => true,
34 # because with_ssl_cert_cookbook is set
35 #'TLS_CACERT' => ca_cert_file,
36 'TLS_REQCERT' => 'allow',
37 'TLS_CHECKPEER' => 'yes',
38 'SASL_MECH' => 'GSSAPI'
44 # because with_ssl_cert_cookbook is set
45 #'tls_cacertfile' => ca_cert_file,
46 'tls_reqcert' => 'demand'
48 'ldap_lookup_nameservices' => ['passwd', 'group']
52 #override_attributes "apache2" => { "max_children" => "50" }