|
45 | 45 | Integer $krb5_renew_interval = 0, |
46 | 46 | Optional[Enum['never','try','demand']] $krb5_use_fast = undef, |
47 | 47 | ) { |
48 | | - # Build configuration content for the Kerberos provider |
49 | | - $_content = [ |
50 | | - '# sssd::provider::krb5', |
51 | | - ] |
52 | | - |
53 | | - # Add conditional parameters if defined in the correct order |
54 | | - if $debug_level { |
55 | | - $_debug_level_entries = ["debug_level = ${debug_level}"] |
56 | | - } else { |
57 | | - $_debug_level_entries = [] |
58 | | - } |
59 | | - |
60 | | - $_debug_timestamps_entries = $debug_timestamps ? { |
61 | | - true => ['debug_timestamps = true'], |
62 | | - false => ['debug_timestamps = false'], |
63 | | - } |
64 | | - |
65 | | - $_debug_microseconds_entries = $debug_microseconds ? { |
66 | | - true => ['debug_microseconds = true'], |
67 | | - false => ['debug_microseconds = false'], |
68 | | - } |
69 | | - |
70 | | - if $krb5_server { |
71 | | - $_krb5_server_entries = ["krb5_server = ${krb5_server}"] |
72 | | - } else { |
73 | | - $_krb5_server_entries = [] |
74 | | - } |
75 | | - |
76 | | - $_krb5_realm_entries = ["krb5_realm = ${krb5_realm}"] |
77 | | - |
78 | | - if $krb5_kpasswd { |
79 | | - $_krb5_kpasswd_entries = ["krb5_kpasswd = ${krb5_kpasswd}"] |
80 | | - } else { |
81 | | - $_krb5_kpasswd_entries = [] |
82 | | - } |
83 | | - |
84 | | - if $krb5_ccachedir { |
85 | | - $_krb5_ccachedir_entries = ["krb5_ccachedir = ${krb5_ccachedir}"] |
86 | | - } else { |
87 | | - $_krb5_ccachedir_entries = [] |
88 | | - } |
89 | | - |
90 | | - if $krb5_ccname_template { |
91 | | - $_krb5_ccname_template_entries = ["krb5_ccname_template = ${krb5_ccname_template}"] |
92 | | - } else { |
93 | | - $_krb5_ccname_template_entries = [] |
94 | | - } |
95 | | - |
96 | | - $_krb5_auth_timeout_entries = ["krb5_auth_timeout = ${krb5_auth_timeout}"] |
97 | | - |
98 | | - $_krb5_validate_entries = $krb5_validate ? { |
99 | | - true => ['krb5_validate = true'], |
100 | | - false => ['krb5_validate = false'], |
101 | | - } |
102 | | - |
103 | | - if $krb5_keytab { |
104 | | - $_krb5_keytab_entries = ["krb5_keytab = ${krb5_keytab}"] |
105 | | - } else { |
106 | | - $_krb5_keytab_entries = [] |
107 | | - } |
108 | | - |
109 | | - $_krb5_store_password_if_offline_entries = $krb5_store_password_if_offline ? { |
110 | | - true => ['krb5_store_password_if_offline = true'], |
111 | | - false => ['krb5_store_password_if_offline = false'], |
112 | | - } |
113 | | - |
114 | | - if $krb5_renewable_lifetime { |
115 | | - $_krb5_renewable_lifetime_entries = ["krb5_renewable_lifetime = ${krb5_renewable_lifetime}"] |
116 | | - } else { |
117 | | - $_krb5_renewable_lifetime_entries = [] |
118 | | - } |
119 | | - |
120 | | - if $krb5_lifetime { |
121 | | - $_krb5_lifetime_entries = ["krb5_lifetime = ${krb5_lifetime}"] |
122 | | - } else { |
123 | | - $_krb5_lifetime_entries = [] |
124 | | - } |
125 | | - |
126 | | - $_krb5_renew_interval_entries = ["krb5_renew_interval = ${krb5_renew_interval}"] |
127 | | - |
128 | | - if $krb5_use_fast { |
129 | | - $_krb5_use_fast_entries = ["krb5_use_fast = ${krb5_use_fast}"] |
130 | | - } else { |
131 | | - $_krb5_use_fast_entries = [] |
132 | | - } |
133 | | - |
134 | | - # Combine all configuration entries in the expected order |
135 | | - $_all_entries = $_content + $_debug_level_entries + $_debug_timestamps_entries + $_debug_microseconds_entries + $_krb5_server_entries + $_krb5_realm_entries + $_krb5_kpasswd_entries + $_krb5_ccachedir_entries + $_krb5_ccname_template_entries + $_krb5_auth_timeout_entries + $_krb5_validate_entries + $_krb5_keytab_entries + $_krb5_store_password_if_offline_entries + $_krb5_renewable_lifetime_entries + $_krb5_lifetime_entries + $_krb5_renew_interval_entries + $_krb5_use_fast_entries |
136 | | - |
137 | | - $_final_content = "${_all_entries.join("\n")}" |
| 48 | + # Build configuration lines in order (matching expected test output) |
| 49 | + # Debug settings |
| 50 | + $debug_level_line = $debug_level ? { undef => [], default => ["debug_level = ${debug_level}"] } |
| 51 | + $debug_timestamps_line = ["debug_timestamps = ${debug_timestamps}"] |
| 52 | + $debug_microseconds_line = ["debug_microseconds = ${debug_microseconds}"] |
| 53 | + |
| 54 | + # Kerberos server settings |
| 55 | + $krb5_server_line = $krb5_server ? { undef => [], default => ["krb5_server = ${krb5_server}"] } |
| 56 | + $krb5_realm_line = ["krb5_realm = ${krb5_realm}"] |
| 57 | + $krb5_kpasswd_line = $krb5_kpasswd ? { undef => [], default => ["krb5_kpasswd = ${krb5_kpasswd}"] } |
| 58 | + |
| 59 | + # Cache settings |
| 60 | + $krb5_ccachedir_line = $krb5_ccachedir ? { undef => [], default => ["krb5_ccachedir = ${krb5_ccachedir}"] } |
| 61 | + $krb5_ccname_template_line = $krb5_ccname_template ? { undef => [], default => ["krb5_ccname_template = ${krb5_ccname_template}"] } |
| 62 | + |
| 63 | + # Authentication settings |
| 64 | + $krb5_auth_timeout_line = ["krb5_auth_timeout = ${krb5_auth_timeout}"] |
| 65 | + $krb5_validate_line = ["krb5_validate = ${krb5_validate}"] |
| 66 | + $krb5_keytab_line = $krb5_keytab ? { undef => [], default => ["krb5_keytab = ${krb5_keytab}"] } |
| 67 | + $krb5_store_password_if_offline_line = ["krb5_store_password_if_offline = ${krb5_store_password_if_offline}"] |
| 68 | + |
| 69 | + # Lifetime settings |
| 70 | + $krb5_renewable_lifetime_line = $krb5_renewable_lifetime ? { undef => [], default => ["krb5_renewable_lifetime = ${krb5_renewable_lifetime}"] } |
| 71 | + $krb5_lifetime_line = $krb5_lifetime ? { undef => [], default => ["krb5_lifetime = ${krb5_lifetime}"] } |
| 72 | + $krb5_renew_interval_line = ["krb5_renew_interval = ${krb5_renew_interval}"] |
| 73 | + |
| 74 | + # Advanced settings |
| 75 | + $krb5_use_fast_line = $krb5_use_fast ? { undef => [], default => ["krb5_use_fast = ${krb5_use_fast}"] } |
| 76 | + |
| 77 | + # Combine all lines in order |
| 78 | + $config_lines = ( |
| 79 | + $debug_level_line + |
| 80 | + $debug_timestamps_line + |
| 81 | + $debug_microseconds_line + |
| 82 | + $krb5_server_line + |
| 83 | + $krb5_realm_line + |
| 84 | + $krb5_kpasswd_line + |
| 85 | + $krb5_ccachedir_line + |
| 86 | + $krb5_ccname_template_line + |
| 87 | + $krb5_auth_timeout_line + |
| 88 | + $krb5_validate_line + |
| 89 | + $krb5_keytab_line + |
| 90 | + $krb5_store_password_if_offline_line + |
| 91 | + $krb5_renewable_lifetime_line + |
| 92 | + $krb5_lifetime_line + |
| 93 | + $krb5_renew_interval_line + |
| 94 | + $krb5_use_fast_line |
| 95 | + ) |
| 96 | + |
| 97 | + # Join all configuration lines |
| 98 | + $content = $config_lines.join("\n") |
138 | 99 |
|
139 | 100 | sssd::config::entry { "puppet_provider_${name}_krb5": |
140 | 101 | content => epp( |
141 | 102 | "${module_name}/generic.epp", |
142 | 103 | { |
143 | 104 | 'title' => "domain/${title}", |
144 | | - 'content' => $_final_content, |
| 105 | + 'content' => "# sssd::provider::krb5\n${content}", |
145 | 106 | }, |
146 | 107 | ), |
147 | 108 | } |
|
0 commit comments