Page MenuHomeSoftware Heritage
Files F8394780

authmethod.pp
No OneTemporary
Actions

authmethod.pp
View Options

# == Define: icingaweb2::config::authmethod
#
# Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering. Some backends
# require additional resources.
#
# === Parameters
#
# [*backend*]
# Select between 'external', 'ldap', 'msldap' or 'db'. Each backend may require other settings.
#
# [*resource*]
# The name of the resource defined in resources.ini.
#
# [*ldap_user_class*]
# LDAP user class. Only valid if `backend` is `ldap`.
#
# [*ldap_user_name_attribute*]
# LDAP attribute which contains the username. Only valid if `backend` is `ldap`.
#
# [*ldap_filter*]
# LDAP search filter. Only valid if `backend` is `ldap`.
#
# [*ldap_base_dn*]
# LDAP base DN. Only valid if `backend` is `ldap`.
#
# [*domain*]
# Domain for domain-aware authentication
#
# [*order*]
# Multiple authentication methods can be chained. The order of entries in the authentication configuration determines
# the order of the authentication methods. Defaults to `01`
#
# === Examples
#
# Create a 'db' authentication method and reference to 'my-sql' resource:
#
# icingaweb2::config::authmethod {'db-auth':
# backend => 'db',
# resource => 'my-sql',
# order => '02',
# }
#
define icingaweb2::config::authmethod(
Enum['external', 'ldap', 'msldap', 'db'] $backend = undef,
Optional[String] $resource = undef,
Optional[String] $ldap_user_class = undef,
Optional[String] $ldap_user_name_attribute = undef,
Optional[String] $ldap_filter = undef,
Optional[String] $ldap_base_dn = undef,
Optional[String] $domain = undef,
Pattern[/^\d+$/] $order = '01',
) {
$conf_dir = $::icingaweb2::params::conf_dir
case $backend {
'external': {
$settings = {
'backend' => $backend,
}
}
'ldap': {
$settings = {
'backend' => $backend,
'resource' => $resource,
'user_class' => $ldap_user_class,
'user_name_attribute' => $ldap_user_name_attribute,
'filter' => $ldap_filter,
'base_dn' => $ldap_base_dn,
'domain' => $domain,
}
}
'msldap', 'db': {
$settings = {
'backend' => $backend,
'resource' => $resource,
'domain' => $domain,
}
}
default: {
fail('The backend type you provided is not supported.')
}
}
icingaweb2::inisection { "authmethod-${title}":
section_name => $title,
target => "${conf_dir}/authentication.ini",
settings => delete_undef_values($settings),
order => $order,
}
}

File Metadata

Mime Type
text/plain
Expires
Jun 4 2025, 7:29 PM (9 w, 4 d ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3399197

Event Timeline

About · Developer information · Legal