Merge pull request #41 from pjfbashton/master

Allow user to specify additional options to "realm join"
walkamongus · Dec 17, 2017 · cd67f01 · cd67f01
2 parents 338d12d + 4ad224c
commit cd67f01
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 7 deletions.
diff --git a/data/common.yaml b/data/common.yaml
@@ -23,6 +23,8 @@ realmd::krb_keytab: ~
 realmd::krb_config_file: /etc/krb5.conf
 realmd::manage_krb_config: true
 realmd::krb_client_package_ensure: present
+realmd::extra_join_options: ~
+realmd::computer_name: ~
 realmd::krb_config:
   logging:
     default: FILE:/var/log/krb5libs.log

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -38,6 +38,8 @@
   Boolean $manage_krb_config,
   Variant[String, Undef] $ou,
   Hash $required_packages,
+  Variant[Array, Undef] $extra_join_options,
+  Variant[String[1, 15], Undef] $computer_name,
 ) {
 
   if $krb_ticket_join == false {

diff --git a/manifests/join/password.pp b/manifests/join/password.pp
@@ -5,18 +5,27 @@
 #
 class realmd::join::password {
 
-  $_domain    = $::realmd::domain
-  $_user      = $::realmd::domain_join_user
-  $_password  = $::realmd::domain_join_password
-  $_ou        = $::realmd::ou
+  $_domain             = $::realmd::domain
+  $_user               = $::realmd::domain_join_user
+  $_password           = $::realmd::domain_join_password
+  $_ou                 = $::realmd::ou
+  $_extra_join_options = $::realmd::extra_join_options
+
+  if $::realmd::computer_name != undef {
+    $_computer_name = $::realmd::computer_name
+  } else {
+    $_computer_name = $::hostname[0,15]
+  }
+
+  $_computer_name_arg = ["--computer-name=${_computer_name}"]
 
   if $_ou != undef {
     $_realm_args = [$_domain, '--unattended', "--computer-ou='OU=${_ou}'", "--user=${_user}"]
   } else {
     $_realm_args = [$_domain, '--unattended', "--user=${_user}"]
   }
 
-  $_args = join($_realm_args, ' ')
+  $_args = strip(join(concat($_realm_args, $_computer_name_arg, $_extra_join_options), ' '))
 
   file { '/usr/libexec':
     ensure  => 'directory',
@@ -34,7 +43,7 @@
     environment => ["AD_JOIN_PASSWORD=${_password}"],
     path        => '/usr/bin:/usr/sbin:/bin',
     command     => "/usr/libexec/realm_join_with_password realm join ${_args}",
-    unless      => "klist -k /etc/krb5.keytab | grep -i '${::hostname[0,15]}@${_domain}'",
+    unless      => "klist -k /etc/krb5.keytab | grep -i '${_computer_name}@${_domain}'",
     require     => File['/usr/libexec/realm_join_with_password'],
   }
 }
diff --git a/spec/classes/join__password_spec.rb b/spec/classes/join__password_spec.rb
@@ -22,7 +22,7 @@
           it do
             is_expected.to contain_exec('realm_join_with_password').with({
               'path'    => '/usr/bin:/usr/sbin:/bin',
-              'command' => '/usr/libexec/realm_join_with_password realm join example.com --unattended --user=user',
+              'command' => '/usr/libexec/realm_join_with_password realm join example.com --unattended --user=user --computer-name=foo',
               'unless'  => "klist -k /etc/krb5.keytab | grep -i 'foo@example.com'",
             })
           end