ansible/roles/ldap_client/templates/nslcd.conf.j2

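# {{ ansible_managed }}
{#
  Template notes (Jinja comment, not rendered into the deployed nslcd.conf).

  Layout: each site block below emits one `uri` line per host of the matching
  ldap_replica_<site> inventory group, and only when the target host is a
  member of one of that site's groups. The ldap_master_uri entry is always
  emitted last. nslcd normally uses the first listed server and keeps the
  following ones as fall-back, so the master presumably serves as the last
  resort here; confirm against the role's intent.

  NOTE(review), transport: every replica URI uses the ldap:// scheme and the
  `ssl` option stays commented out, so StartTLS is not requested on those
  connections. The binddn/bindpw bind, the lookups, and any authentication
  binds nslcd performs for PAM would then cross the network unencrypted.
  `tls_cacertfile` only takes effect on a TLS connection (an ldaps:// URI or
  `ssl start_tls`). The scheme of ldap_master_uri is not visible in this
  template. Note that `ssl` is a global option, so turning on StartTLS has to
  be coordinated with the scheme of every URI listed here.

  NOTE(review), secret handling: bindpw is rendered in clear text. The task
  that deploys this template should restrict the file to root and the nslcd
  group, and ldap_nslcd_passwd should come from an encrypted source such as
  Ansible Vault. Neither is visible from this file; verify in the role's
  tasks and variables.
#}
# The user and group nslcd should run as.
uid nslcd
gid nslcd
# The location at which the LDAP server(s) should be reachable.
{% if 'fleming_vm' in group_names or 'fleming_pve' in group_names %}
{% for uri in groups['ldap_replica_fleming'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
{% if 'rives_vm' in group_names or 'rives_pve' in group_names %}
{% for uri in groups['ldap_replica_rives'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
{% if 'pacaterie_vm' in group_names or 'pacaterie_pve' in group_names %}
{% for uri in groups['ldap_replica_pacaterie'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
{% if 'edc_vm' in group_names or 'edc_pve' in group_names or 'edc_server' in group_names %}
{% for uri in groups['ldap_replica_edc'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
{% if 'gs_vm' in group_names or 'gs_pve' in group_names %}
{% for uri in groups['ldap_replica_gs'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
{% if 'ovh_vm' in group_names or 'ovh_container' in group_names or 'ovh_pve' in group_names %}
{% for uri in groups['ldap_replica_ovh'] %}
uri ldap://{{ uri }}
{% endfor %}
{% endif %}
uri {{ ldap_master_uri }}
# The search base that will be used for all queries.
base {{ ldap_base }}
base passwd cn=Utilisateurs,{{ ldap_base }}
base shadow cn=Utilisateurs,{{ ldap_base }}
base group ou=posix,ou=groups,{{ ldap_base }}
# The LDAP protocol version to use.
ldap_version 3
# The DN to bind with for normal lookups.
binddn {{ ldap_nslcd_bind_dn }}
# Service-account password, written to the rendered file in clear text.
bindpw {{ ldap_nslcd_passwd }}
# The DN used for password modifications by root.
#rootpwmoddn cn=admin,dc=example,dc=com
# SSL options
# `ssl` is left unset below, so plain ldap:// URIs above are not upgraded to TLS.
#ssl off
# Keep the next line commented out: enabling it disables server certificate checks.
#tls_reqcert never
# CA bundle used to verify the server certificate on TLS connections.
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
# The search scope.
#scope sub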