Enable multiple ldap trees and servers for authentication (sous-chefs#7)

* Enable multiple ldap trees and servers for authentication _Added an attribute node['grafana']['ldap_multi_tree_auth']; when it is set to true, it is possible to configure to configure several ldap servers by using default['grafana']['ldap'][0], default['grafana']['ldap'][1]['[servers]']['host'], etc. instead of default['grafana']['ldap']['[servers]'] with the same syntax. _Added a function format_multi_config in GrafanaCookbook::IniHelper to handle configurations 'multiple' like the one above. * loop over keys instead of a counter * loop over keys instead of a counter * use a seperate tree for multi ldap server config
jfwm2 · Mar 23, 2017 · 31700ac · 31700ac
1 parent 8858b3d
commit 31700ac
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 1 deletion.
diff --git a/attributes/ldap_config.rb b/attributes/ldap_config.rb
@@ -1,4 +1,9 @@
 default['grafana']['ldap_verbose_logging'] = false
+default['grafana']['ldap_multi_tree_auth'] = false
+# When the ldap_multi_tree_auth attribute is set to true, it is possible to configure
+# several ldap servers by using default['grafana']['ldap']['multiconfig']['first_server'],
+# default['grafana']['ldap']['multiconfig']['first_server']['[servers]']['host'], etc. instead of
+# default['grafana']['ldap']['[servers]'] with the same syntax.
 
 default['grafana']['ldap']['[servers]']['host'] = {
   comment: 'Ldap server host',

diff --git a/libraries/ini_helper.rb b/libraries/ini_helper.rb
@@ -1,5 +1,13 @@
 module GrafanaCookbook
   module IniHelper
+    def self.format_multi_config(multi_config)
+      output = []
+      multi_config.keys.each do |conf|
+        output << format_config(multi_config[conf])
+      end
+      output.join "\n"
+    end
+
     def self.format_config(config)
       output = []
       config.each do |section, groups|

diff --git a/recipes/_ldap_config.rb b/recipes/_ldap_config.rb
@@ -1,9 +1,10 @@
 ldap = node['grafana']['ldap'].dup
 verbose_logging = node['grafana']['ldap_verbose_logging']
+multi_tree_auth = node['grafana']['ldap_multi_tree_auth']
 
 template node['grafana']['ini']['auth.ldap']['config_file']['value'] do
   source 'ldap.toml.erb'
-  variables verbose_logging: verbose_logging, config: ldap
+  variables verbose_logging: verbose_logging, config: ldap, multi_config: multi_tree_auth
   owner 'root'
   group 'root'
   mode '0644'

diff --git a/templates/default/ldap.toml.erb b/templates/default/ldap.toml.erb
@@ -8,4 +8,8 @@
 # Set to true to log user information returned from LDAP
 verbose_logging = <%= @verbose_logging %>
 
+<% if @multi_config != true %>
 <%= GrafanaCookbook::IniHelper.format_config @config %>
+<% else %>
+<%= GrafanaCookbook::IniHelper.format_multi_config @config['multiconfig'] %>
+<% end %>