ansible/roles/ldap-replica/tasks/main.yml


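---
# Provision an OpenLDAP replica: install slapd, then rebuild its on-disk
# configuration from the templated LDIF.
# WARNING: every run of this role stops slapd and deletes /etc/ldap/slapd.d and
# /var/lib/ldap before recreating them. It is destructive and not idempotent.

# slapd is OpenLDAP server
- name: Install LDAP server
  apt:
    name: slapd
    state: present
    update_cache: true

# What is written after is really not a nice way to install a schema
# because the LDAP is being flushed away always...
# This is a problem in re2o installation method that may be fixed in the future.
# Much nicer than install_re2o.sh way
- name: Build schema
  template:
    src: schema.ldiff.j2
    dest: /etc/ldap/schema.ldiff
    # Quoted so the YAML parser cannot reinterpret the octal literal.
    # 0600 keeps the rendered file readable by its owner only.
    # NOTE(review): the template is not visible here; if it renders secrets
    # (e.g. a rootDN password hash), confirm the file owner is root.
    mode: "0600"

# Downtime!
- name: Stop LDAP server
  service:
    name: slapd
    state: stopped

# Cry a bit
- name: Remove old data
  file:
    path: "{{ item }}"
    state: absent
  with_items:
    - /etc/ldap/slapd.d
    - /var/lib/ldap

# Cry a lot
- name: Recreate structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - /etc/ldap/slapd.d
    - /var/lib/ldap

# Install schema as root
# We can't do a `become_user` here
# `-n 0` loads the LDIF into database 0 (the cn=config database) under the
# directory given by -F. The files are written by the invoking user, hence
# the ownership fix in the next task.
- name: Install LDAP schema
  command: 'slapadd -n 0 -l /etc/ldap/schema.ldiff -F /etc/ldap/slapd.d'

# then fix permissions
# Hand both trees back to the openldap account so slapd can use them after
# they were populated as root.
- name: Fix permissions
  file:
    path: "{{ item }}"
    owner: openldap
    group: openldap
    recurse: true
  with_items:
    - '/var/lib/ldap'
    - '/etc/ldap/slapd.d'

# Save the day
- name: Start LDAP server
  service:
    name: slapd
    state: started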