[Ovirt-devel] [PATCH server] separate ipa common tasks freeipa::common and rename ipa_server_install to ipa_install

Joey Boggs jboggs at redhat.com
Wed May 6 20:54:09 UTC 2009 

This breaks out the common steps for a bundled/remote ipa server in to its own class to support the use of a remote ipa server. Also renames ipa_server_install to ipa_install to form a consistency for the dependencies after ipa is configured for either bundled or remote. The installer now includes the freeipa::common class by default to support either methods.


---
 installer/bin/ovirt-installer                |    1 +
 installer/modules/ovirt/manifests/freeipa.pp |   58 ++++++++++++++------------
 2 files changed, 32 insertions(+), 27 deletions(-)

diff --git a/installer/bin/ovirt-installer b/installer/bin/ovirt-installer
index 2d88886..ad4d56d 100755
--- a/installer/bin/ovirt-installer
+++ b/installer/bin/ovirt-installer
@@ -327,6 +327,7 @@ firewall_rule{"nat-forward": chain => "FORWARD", in_interface => "<%= admin_dev
 firewall_rule{"nat-postrouting": table => "nat", chain => "POSTROUTING", out_interface => "<%= guest_dev %>", protocol => "", action => "MASQUERADE"}
 <% end %>
 include postgres::bundled
+include freeipa::common
 include freeipa::bundled
 include ovirt::setup
 END_OF_TEMPLATE
diff --git a/installer/modules/ovirt/manifests/freeipa.pp b/installer/modules/ovirt/manifests/freeipa.pp
index aa806fe..796b8b4 100644
--- a/installer/modules/ovirt/manifests/freeipa.pp
+++ b/installer/modules/ovirt/manifests/freeipa.pp
@@ -18,6 +18,35 @@
 # Author: Joey Boggs <jboggs at redhat.com>
 #--
 
+class freeipa::common{
+
+        exec {"get_krb5_tkt":
+                command => "/bin/echo $freeipa_password|/usr/kerberos/bin/kinit admin",
+                require => Single_Exec[ipa_install]
+        }
+
+        single_exec {"ipa_modify_username_length":
+                command => "/usr/sbin/ipa-defaultoptions --maxusername=12",
+                require => Exec["get_krb5_tkt"]
+        }
+
+        single_exec {"ipa_add_ovirtadmin_user":
+                command => "/usr/sbin/ipa-adduser -f Ovirt -l Admin -p $freeipa_password ovirtadmin",
+                require => Single_exec[ipa_modify_username_length]
+        }
+
+        single_exec {"ipa_ovirtadmin_group":
+                command => "/usr/sbin/ipa-modgroup -a ovirtadmin admins",
+                require => Single_exec[ipa_add_ovirtadmin_user]
+        }
+
+        single_exec {"set_pw_expiration":
+                command => "/usr/sbin/ipa-moduser --setattr krbPasswordExpiration=19700101000000Z ovirtadmin",
+                require => Single_exec[ipa_ovirtadmin_group]
+        }
+
+}
+
 class freeipa::bundled{
 
 	package {"ipa-server":
@@ -36,7 +65,7 @@ class freeipa::bundled{
 
         exec {"replace_line_returns":
                 command => "/bin/sed -i -e 's/^/#/' /etc/httpd/conf.d/ipa-rewrite.conf",
-                require => Single_Exec[ipa_server_install]
+                require => Single_Exec[ipa_install]
         }
 
         file_replacement{"ipa_proxy_config_1":
@@ -59,36 +88,11 @@ class freeipa::bundled{
                 require => [Single_exec[add_guest_server_to_etc_hosts],Package[dnsmasq]]
 	}
 
-        single_exec {"ipa_server_install":
+        single_exec {"ipa_install":
                 command => "/usr/sbin/ipa-server-install -r $realm_name -p $freeipa_password -P $freeipa_password -a $freeipa_password --hostname $ipa_host -u dirsrv -U",
                 require => [Exec[set_kdc_defaults],Single_exec[dnsmasq_restart]]
         }
 
-        exec {"get_krb5_tkt":
-                command => "/bin/echo $freeipa_password|/usr/kerberos/bin/kinit admin",
-                require => Single_Exec[ipa_server_install]
-        }
-
-        single_exec {"ipa_modify_username_length":
-		command => "/usr/sbin/ipa-defaultoptions --maxusername=12",
-		require => Exec["get_krb5_tkt"]
-        }
-
-        single_exec {"ipa_add_ovirtadmin_user":
-                command => "/usr/sbin/ipa-adduser -f Ovirt -l Admin -p $freeipa_password ovirtadmin",
-                require => Single_exec[ipa_modify_username_length]
-        }
-
-        single_exec {"ipa_ovirtadmin_group":
-                command => "/usr/sbin/ipa-modgroup -a ovirtadmin admins",
-                require => Single_exec[ipa_add_ovirtadmin_user]
-        }
-
-        single_exec {"set_pw_expiration":
-                command => "/usr/sbin/ipa-moduser --setattr krbPasswordExpiration=19700101000000Z ovirtadmin",
-                require => Single_exec[ipa_ovirtadmin_group]
-        }
-
        firewall_rule{"krb5": destination_port => "88"}
        firewall_rule {"ldap": destination_port => '389'}
        firewall_rule {"freeip-636": destination_port => '636'}
-- 
1.6.0.6

More information about the ovirt-devel mailing list