From 99b8524c16cc99ceeaf1ebf588f2fc0f2c0fbe0a Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Sat, 12 Oct 2024 08:14:59 -0400
Subject: add a bunch of hostclasses

---
 lib/60-ldap     | 18 ++++++++++++++----
 lib/60-postgres | 24 ++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 4 deletions(-)
 create mode 100644 lib/60-postgres

(limited to 'lib')

diff --git a/lib/60-ldap b/lib/60-ldap
index d262849..249fed0 100644
--- a/lib/60-ldap
+++ b/lib/60-ldap
@@ -11,7 +11,7 @@ ldap_add(){
       if [ "${BOXCONF_LDAP_SASL:-}" = true ]; then
         ldapadd -Q "$@"
       else
-        ldapadd -ZZ -D "$boxconf_dn" -w "$boxconf_password" "$@"
+        ldapadd -ZZ -x -D "$boxconf_dn" -w "$boxconf_password" "$@"
       fi
     }
   fi
@@ -25,7 +25,7 @@ ldap_modify(){
     if [ "${BOXCONF_LDAP_SASL:-}" = true ]; then
       ldapmodify -Q "$@"
     else
-      ldapmodify -ZZ -D "$boxconf_dn" -w "$boxconf_password" "$@"
+      ldapmodify -ZZ -x -D "$boxconf_dn" -w "$boxconf_password" "$@"
     fi
   }
 }
@@ -36,7 +36,7 @@ ldap_delete(){
   if [ "${BOXCONF_LDAP_SASL:-}" = true ]; then
     ldapdelete -Q "$@"
   else
-    ldapdelete -ZZ -D "$boxconf_dn" -w "$boxconf_password" "$@"
+    ldapdelete -ZZ -x -D "$boxconf_dn" -w "$boxconf_password" "$@"
   fi
 }
 
@@ -46,7 +46,7 @@ ldap_search(){
   if [ "${BOXCONF_LDAP_SASL:-}" = true ]; then
     ldapsearch -QLLL "$@"
   else
-    ldapsearch -o ldif_wrap=no -LLLZZ -D "$boxconf_dn" -w "$boxconf_password" "$@"
+    ldapsearch -o ldif_wrap=no -x -LLLZZ -D "$boxconf_dn" -w "$boxconf_password" "$@"
   fi
 }
 
@@ -86,3 +86,13 @@ ldap_dn_exists(){
   # $1 = DN
   ldap_search -s base -b "$1" dn > /dev/null 2>&1
 }
+
+ldap_passwd(){
+  # Set the userPassword attribute on a DN.
+  # $1 = DN, $2 = password
+  if [ "${BOXCONF_LDAP_SASL:-}" = true ]; then
+    ldappasswd -Q -s "$2" "$1"
+  else
+    ldappasswd -ZZ -x -D "$boxconf_dn" -w "$boxconf_password" -s "$2" "$1"
+  fi
+}
diff --git a/lib/60-postgres b/lib/60-postgres
new file mode 100644
index 0000000..af37c27
--- /dev/null
+++ b/lib/60-postgres
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+postgres_run(){
+  PGSSLMODE=require PGPASSWORD="$boxconf_password" psql \
+    --no-align \
+    --echo-all \
+    --tuples-only \
+    --username="$boxconf_username" \
+    -v ON_ERROR_STOP=1 \
+    "$@"
+}
+postgres_create_role(){
+  # $1 = postgres_host, $2 = username
+  cat <<EOF | postgres_run -h "${1}" -d postgres
+SELECT 'CREATE ROLE "${2}" WITH LOGIN' WHERE NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '${2}')\\gexec
+EOF
+}
+
+postgres_create_database(){
+  # $1 = postgres_host, $2 = dbname, $3 = owner
+  cat <<EOF | postgres_run -h "${1}" -d postgres
+SELECT 'CREATE DATABASE "${2}" OWNER "${3:-postgres}"' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${2}')\\gexec
+EOF
+}
-- 
cgit v1.2.3