From: Stephen Gran <steve@lobefin.net>
Date: Sun, 31 May 2015 14:33:26 +0000 (+0100)
Subject: fix ldap.conf for jessie hosts
X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=commitdiff_plain;h=318f35099edc97f19ac8d9130af0303308701bb3

fix ldap.conf for jessie hosts

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/modules/debian-org/files/ldap.conf b/modules/debian-org/files/ldap.conf
deleted file mode 100644
index e60b6a91..00000000
--- a/modules/debian-org/files/ldap.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
-##
-
-#
-# LDAP Defaults
-#
-
-# See ldap.conf(5) for details
-# This file should be world readable but not world writable.
-
-#BASE	dc=example,dc=com
-#URI	ldap://ldap.example.com ldap://ldap-master.example.com:666
-
-#SIZELIMIT	12
-#TIMELIMIT	15
-#DEREF		never
-
-URI             ldap://db.debian.org
-BASE            dc=debian,dc=org
-
-TLS_CACERT      /etc/ssl/servicecerts/db.debian.org.crt
-TLS_REQCERT     hard
diff --git a/modules/debian-org/manifests/init.pp b/modules/debian-org/manifests/init.pp
index 8b0d62b5..2c295df2 100644
--- a/modules/debian-org/manifests/init.pp
+++ b/modules/debian-org/manifests/init.pp
@@ -283,7 +283,7 @@ class debian-org {
 	}
 	file { '/etc/ldap/ldap.conf':
 		require => Package['debian.org'],
-		source  => 'puppet:///modules/debian-org/ldap.conf',
+		content  => template('debian-org/ldap.conf.erb'),
 	}
 	file { '/etc/pam.d/common-session':
 		require => Package['debian.org'],
diff --git a/modules/debian-org/templates/ldap.conf.erb b/modules/debian-org/templates/ldap.conf.erb
new file mode 100644
index 00000000..1a6828de
--- /dev/null
+++ b/modules/debian-org/templates/ldap.conf.erb
@@ -0,0 +1,28 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE	dc=example,dc=com
+#URI	ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT	12
+#TIMELIMIT	15
+#DEREF		never
+
+URI             ldap://db.debian.org
+BASE            dc=debian,dc=org
+
+<% if @lsbmajdistrelease >= 8 -%>
+TLS_CACERT      /etc/ssl/ca-debian/ca-certificates.crt
+<% else -%>
+TLS_CACERT      /etc/ssl/servicecerts/db.debian.org.crt
+<% end -%>
+TLS_REQCERT     hard