On Fri, Feb 15, 2013 at 11:25 AM, Lynn Root lr...@redhat.com wrote:
Hi all -
I'm curious if anyone has written Puppet manifests for managing an IPA
domain. If so, I'd like to pester you to take a peek at those manifests.
More curious on the overall automated management process than anything
specific.
I did find a post [1] on IPA managing the certs that Puppet uses - but
perhaps someone else has gone a bit deeper!
I use puppet to push various things related to IPA. For example, I
have a lot of AIX hosts, so I use puppet to push ipa.crt, sshd_config,
ssh_config, ldap.cfg, ntpd.conf, netsvc (AIX's nsswitch.conf,) and
some other things that I'm not thinking of at the moment. I do some
of this for Linux hosts too, just to keep things in sync (resolv.conf,
the ssh configs, PAM configs, etc.)
Pretty basic stuff, I either push the whole config file or add lines
to it. Nothing fancy.
Here's a listing of my custom modules directory, it should give some
idea of what I'm doing:
aix_dot_profile
aix_etc_profile
aix_hacmp_facts
aix_inittab
aix_ldap
aix_ldap_startup
aix_ldap_temp_fix
aix_methods_cfg
aix_ntp_conf
aix_puppet_conf
aix_puppet_startup
aix_rc_local
aix_sendmail
aix_snmpdv3_conf
apache
cloud_provisioner
dashboard
dnsmasq
etc_hosts
firewall
ipa_cert
ipa_resolv_conf
krb5_aix
motd
mysql
netsvc
nsswitch_sudoers
ntp
pam_mkhomedir_linux
passenger
perldbi_link
resolv_conf
ruby
sane_env_aix
sendmail
ssh_config
sshd
sshd_config
sshd_deny_oracle
sudo_ldap
vmwaretools
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
