Puppet Class: grafana::auth::ldap
- Inherits:
- ::grafana::params
- Defined in:
- manifests/auth/ldap.pp
Overview
Configures Grafana for LDAP authentication.
52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 |
# File 'manifests/auth/ldap.pp', line 52
class grafana::auth::ldap (
Bodgitlib::LDAP::DN $bind_dn,
Array[Bodgitlib::Host, 1] $hosts,
Array[Bodgitlib::LDAP::DN, 1] $search_base_dns,
Bodgitlib::LDAP::Filter $search_filter,
Grafana::LDAP::Attributes $attributes = {
'name' => 'givenName',
'surname' => 'sn',
'username' => 'cn',
'member_of' => 'memberOf',
'email' => 'email',
},
Optional[String] $bind_password = undef,
Stdlib::Absolutepath $conf_file = $::grafana::params::ldap_toml,
Optional[Array[Grafana::LDAP::Mappings, 1]] $group_mappings = undef,
Optional[Array[Bodgitlib::LDAP::DN, 1]] $group_search_base_dns = undef,
Optional[Bodgitlib::LDAP::Filter] $group_search_filter = undef,
Optional[String] $group_search_filter_user_attribute = undef,
Bodgitlib::Port $port = 389,
Optional[Stdlib::Absolutepath] $root_ca_cert = undef,
Optional[Boolean] $ssl_skip_verify = undef,
Optional[Boolean] $start_tls = undef,
Optional[Boolean] $use_ssl = undef,
Optional[Boolean] $verbose_logging = undef,
) inherits ::grafana::params {
if ! defined(Class['::grafana']) {
fail('You must include the grafana base class before using the grafana::auth::ldap class')
}
file { $conf_file:
ensure => file,
owner => 0,
group => $::grafana::group,
mode => '0640',
content => template("${module_name}/ldap.toml.erb"),
require => Class['::grafana::config'],
before => Grafana_ini_setting['auth.ldap/config_file'],
notify => Class['::grafana::service'],
}
$config = {
'auth.ldap/enabled' => true,
'auth.ldap/config_file' => $conf_file,
}
$config.each |String $setting, Any $value| {
grafana_ini_setting { $setting:
value => $value,
require => Class['::grafana::config'],
notify => Class['::grafana::service'],
}
}
}
|