From 98b271626c0f8dc3049cfad597aa60ebe0e8d8f4 Mon Sep 17 00:00:00 2001
From: Jonathan Gazeley <jonathan.gazeley@bristol.ac.uk>
Date: Wed, 18 Nov 2015 16:30:31 +0000
Subject: [PATCH] Add support for using multiple LDAP servers

---
 README.md              | 4 ++--
 manifests/ldap.pp      | 2 +-
 templates/ldap.fr2.erb | 6 +++++-
 templates/ldap.fr3.erb | 5 ++++-
 4 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index e2b07d2..b763339 100644
--- a/README.md
+++ b/README.md
@@ -374,8 +374,8 @@ Password for the `identity` account. Required.
 Unless overridden in another section, the dn from which all searches will start from. Required.
 
 ##### `server`
-Hostname of IP address of the LDAP server. Note that this needs to match the name(s) in the LDAP server
-certificate, if you're using ldaps. Default: `localhost`
+Array of hostnames or IP addresses of the LDAP server(s). Note that this needs to match the name(s) in the LDAP
+server certificate, if you're using ldaps. Default: [`localhost`]
 
 ##### `port`
 Port to connect to the LDAP server on. Default: `389`
diff --git a/manifests/ldap.pp b/manifests/ldap.pp
index 0c284dd..b77d051 100644
--- a/manifests/ldap.pp
+++ b/manifests/ldap.pp
@@ -3,7 +3,7 @@ define freeradius::ldap (
   $identity,
   $password,
   $basedn,
-  $server      = 'localhost',
+  $server      = ['localhost'],
   $port        = 389,
   $uses        = 0,
   $idle        = 60,
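Review bot: The `$server` default changes from a String to an Array with no type check or coercion, so an existing declaration that still passes `server => 'ldap.example.org'` reaches `@server.each` in templates/ldap.fr2.erb and templates/ldap.fr3.erb. A Ruby String has no `each` method, so catalog compilation should fail with a template error rather than a clear message. Either keep old callers working by iterating `[@server].flatten.each do |srv|` in both templates, or reject non-array values at the top of the define with an explicit `fail()`. The parameter list and body of the define continue outside this hunk, so any existing validation is not visible here.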
diff --git a/templates/ldap.fr2.erb b/templates/ldap.fr2.erb
index 4030043..acea08a 100644
--- a/templates/ldap.fr2.erb
+++ b/templates/ldap.fr2.erb
@@ -30,7 +30,11 @@ ldap <%= @name %> {
 	#
 	#  Note that this needs to match the name in the LDAP
 	#  server certificate, if you're using ldaps.
-	server = "<%= @server %>"
+	#
+	#
+
+<% @server.each do |srv| -%>	server = "<%= srv %>"
+<% end -%>
 	identity = "<%= @identity %>"
 	password = <%= @password %>
 	basedn = "<%= @basedn %>"
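Review bot: The loop emits one `server = "..."` line per element, and FreeRADIUS 2 may not read more than one of them. As far as I recall, the 2.x rlm_ldap module takes a single `server` value that may hold a space-separated host list, so the extra servers could be silently ignored; this should be confirmed against the 2.x documentation. If so, `server = "<%= [@server].flatten.join(' ') %>"` would be the equivalent single line. Each element is also written into the double-quoted value unescaped, so an entry containing `"` alters the generated module configuration; checking entries against a hostname or address pattern in the define would catch that. The two empty `#` lines and the blank line added above the loop look like leftovers and can be dropped.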
diff --git a/templates/ldap.fr3.erb b/templates/ldap.fr3.erb
index e42ef92..5db9b6f 100644
--- a/templates/ldap.fr3.erb
+++ b/templates/ldap.fr3.erb
@@ -16,7 +16,10 @@ ldap <%= @name %> {
 	#  - ldaps:// (LDAP over SSL)
 	#  - ldapi:// (LDAP over Unix socket)
 	#  - ldapc:// (Connectionless LDAP)
-	server = '<%= @server %>'
+
+<% @server.each do |srv| -%>	server = '<%= srv %>'
+<% end -%>
+#	server = '<%= @server %>'
 #	server = 'ldap.rrdns.example.org'
 #	server = 'ldap.rrdns.example.org'
 
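Review bot: The added line `#	server = '<%= @server %>'` after the loop renders the whole array's string form into the generated file as a comment, which looks like a debugging leftover and should be removed. The comments above the loop list URI schemes such as `ldaps://`, so each array element now has to carry its own scheme. A short comment next to the loop would help, for example `# every entry needs its own scheme; check that none falls back to unencrypted LDAP`, because a mixed list is easy to write and hard to spot in the rendered file. The elements are interpolated into a single-quoted value unescaped, so an entry containing `'` would end the string early. The `ldap` block itself starts and ends outside this hunk.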
-- 
GitLab