Include default replication options

The README is a little misleading, it specifies defaults for `REPLICATION_CONFIG_SYNCPROV` and `REPLICATION_DB_SYNCPROV`. This patch adds those defaults. I originally wanted to put these in `/assets/defaults/10-openldap`, but `$BASE_DN` is not known when that file is loaded, so they are included in `configure_ldap_server()` Note: `starttls=critical` is removed from the option string, I think it should not be hardcoded (convention over configuration)
tiredofit · Sep 26, 2020 · 3d8c96a · 3d8c96a
1 parent d214889
commit 3d8c96a
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/install/assets/functions/10-openldap b/install/assets/functions/10-openldap
@@ -525,14 +525,14 @@ EOF
 
         i=1
         replhosts=$(echo $REPLICATION_HOSTS | tr " " "\n")
+        get_ldap_base_dn
         for replhost in $replhosts; do
           sed -i "s|<REPLICATION_HOSTS>|olcServerID: $i $replhost\n<REPLICATION_HOSTS>|g" /assets/slapd/config/replication/replication-enable.ldif
-          sed -i "s|<REPLICATION_HOSTS_CONFIG_SYNC_REPL>|olcSyncRepl: rid=00$i provider=$replhost ${REPLICATION_CONFIG_SYNCPROV}\n<REPLICATION_HOSTS_CONFIG_SYNC_REPL>|g" /assets/slapd/config/replication/replication-enable.ldif
-          sed -i "s|<REPLICATION_HOSTS_DB_SYNC_REPL>|olcSyncRepl: rid=10$i provider=$replhost ${REPLICATION_DB_SYNCPROV}\n<REPLICATION_HOSTS_DB_SYNC_REPL>|g" /assets/slapd/config/replication/replication-enable.ldif
+          sed -i "s|<REPLICATION_HOSTS_CONFIG_SYNC_REPL>|olcSyncRepl: rid=00$i provider=$replhost ${REPLICATION_CONFIG_SYNCPROV:-"binddn=\"cn=config\" bindmethod=simple credentials=$CONFIG_PASS searchbase=\"cn=config\" type=refreshAndPersist retry=\"5 5 60 +\" timeout=1"}\n<REPLICATION_HOSTS_CONFIG_SYNC_REPL>|g" /assets/slapd/config/replication/replication-enable.ldif
+          sed -i "s|<REPLICATION_HOSTS_DB_SYNC_REPL>|olcSyncRepl: rid=10$i provider=$replhost ${REPLICATION_DB_SYNCPROV:-"binddn=\"cn=admin,$BASE_DN\" bindmethod=simple credentials=$ADMIN_PASS searchbase=\"$BASE_DN\" type=refreshAndPersist interval=00:00:00:10 retry=\"5 5 60 +\" timeout=1"}\n<REPLICATION_HOSTS_DB_SYNC_REPL>|g" /assets/slapd/config/replication/replication-enable.ldif
           ((i++))
         done
 
-        get_ldap_base_dn
         sed -i "/<REPLICATION_HOSTS>/d" /assets/slapd/config/replication/replication-enable.ldif
         sed -i "/<REPLICATION_HOSTS_CONFIG_SYNC_REPL>/d" /assets/slapd/config/replication/replication-enable.ldif
         sed -i "/<REPLICATION_HOSTS_DB_SYNC_REPL>/d" /assets/slapd/config/replication/replication-enable.ldif