Add support for using multiple LDAP servers

98b27162 · Jonathan Gazeley · eb77d6cc · 98b27162 · 98b27162 · 98b27162
Commit 98b27162 authored 9 years ago by Jonathan Gazeley
--- a/README.md
+++ b/README.md
@@ -374,8 +374,8 @@ Password for the `identity` account. Required.
 Unless overridden in another section, the dn from which all searches will start from. Required.

 ##### `server`
-Hostname of IP address of the LDAP server. Note that this needs to match the name(s) in the LDAP server
-certificate, if you're using ldaps. Default: `localhost`
+Array of hostnames or IP addresses of the LDAP server(s). Note that this needs to match the name(s) in the LDAP
+server certificate, if you're using ldaps. Default: [`localhost`]

 ##### `port`
 Port to connect to the LDAP server on. Default: `389`

--- a/manifests/ldap.pp
+++ b/manifests/ldap.pp
@@ -3,7 +3,7 @@ define freeradius::ldap (
  $identity,
  $password,
  $basedn,
-  $server      = 'localhost',
+  $server      = ['localhost'],
  $port        = 389,
  $uses        = 0,
  $idle        = 60,

--- a/templates/ldap.fr2.erb
+++ b/templates/ldap.fr2.erb
@@ -30,7 +30,11 @@ ldap <%= @name %> {
 	#
 	#  Note that this needs to match the name in the LDAP
 	#  server certificate, if you're using ldaps.
-	server = "<%= @server %>"
+	#
+	#
+
+<% @server.each do |srv| -%>	server = "<%= srv %>"
+<% end -%>
 	identity = "<%= @identity %>"
 	password = <%= @password %>
 	basedn = "<%= @basedn %>"

--- a/templates/ldap.fr3.erb
+++ b/templates/ldap.fr3.erb
@@ -16,7 +16,10 @@ ldap <%= @name %> {
 	#  - ldaps:// (LDAP over SSL)
 	#  - ldapi:// (LDAP over Unix socket)
 	#  - ldapc:// (Connectionless LDAP)
-	server = '<%= @server %>'
+
+<% @server.each do |srv| -%>	server = '<%= srv %>'
+<% end -%>
+#	server = '<%= @server %>'
 #	server = 'ldap.rrdns.example.org'
 #	server = 'ldap.rrdns.example.org'