Hi folks, I have written a small LDAP backend for Hiera. I am aware of the one at <https://github.com/hunner/hiera-ldap> but it's not what I was looking for.
You can find mine at <http://forge.ircam.fr/p/hiera-ldap-backend/>. How to use it ============= Basically, the hiera.yaml file should look like that: --- :backends: - ldap :ldap: :server: ldap.example.com :port: 389 :base: dc=example,dc=com :attribute: hieraData :name: cn :hierarchy: - %{::fqdn} - common The first three lines in the :ldap section should be obvious. The next two are the names of the attributes containing, in order, the Hiera data itself (as "key=value" strings) and the lookup key. So, for instance, to set the value of variable "foo" to "bar" on host "myhost.example.com", your LDAP entry would look like that: dn: cn=myhost.example.com, ou=hosts, dc=example, dc=com cn: myhost.example.com hieraData: foo=bar It's up to you to add support for the hieraData attribute in your LDAP schema; the schema snippet I use looks like that: attributetype ( 1.3.6.1.4.1.7568.1.1.49.1 NAME 'hieraData' SUP name ) objectclass ( 1.3.6.1.4.1.7568.1.2.43.1 NAME 'hieraSource' SUP top STRUCTURAL DESC 'Hiera configuration source' MAY ( cn $ hieraData ) ) I have not yet tested the backend live with Puppet (waiting for my schema changes to get pulled by all my LDAP servers) but it works with the hiera command line. Feedback welcome, of course. :-) I guess I should mention I'm a beginner with both Ruby and Hiera, so my code is probably far from optimal. -- A -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
