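---
# Installs slapd (the OpenLDAP server) and (re)loads its configuration from a
# rendered LDIF file. The tasks run in the order listed; every run wipes the
# existing slapd configuration and database before loading the schema again.

# slapd is OpenLDAP server
- name: Install LDAP server
  apt:
    name: slapd
    state: present
    update_cache: true
  register: apt_result
  # Re-run the task (up to 3 retries) until apt reports success.
  retries: 3
  until: apt_result is succeeded

# What is written after is really not a nice way to install a schema
# because the LDAP is being flushed away always...
# This is a problem in re2o installation method that may be fixed in the future.
# Much nicer than install_re2o.sh way
- name: Build schema
  template:
    src: schema.ldiff.j2
    dest: /etc/ldap/schema.ldiff
    # Quoted so the mode is passed as the string "0600" and never depends on
    # how the YAML parser types a bare leading-zero number.
    mode: "0600"
    # NOTE(review): no owner/group is set, so the file belongs to whichever
    # user runs this task. The 0600 mode suggests the rendered LDIF holds
    # sensitive values; if so, confirm the owner and consider whether task
    # output (e.g. diff mode) should be suppressed.

# Downtime!
- name: Stop LDAP server
  service:
    name: slapd
    state: stopped

# Cry a bit
# NOTE(review): unconditional and destructive. Both paths are deleted on every
# run, with no backup taken in this file. If a later task fails, slapd stays
# stopped with its old data already gone.
- name: Remove old data
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap

# Cry a lot
# NOTE(review): no mode/owner is given here, so the directories get whatever
# the running user and umask produce; ownership is corrected by the
# "Fix permissions" task below, the mode is not set anywhere in this file.
- name: Recreate structure
  file:
    path: "{{ item }}"
    state: directory
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap

# Install schema as root
# We can't do a `become_user` here
# slapadd writes into the freshly created directories as the invoking user,
# which is why ownership has to be fixed in the next task before slapd starts.
- name: Install LDAP schema
  command: slapadd -n 0 -l /etc/ldap/schema.ldiff -F /etc/ldap/slapd.d

# then fix permissions
# Recursively hands both trees to openldap:openldap.
- name: Fix permissions
  file:
    path: "{{ item }}"
    owner: openldap
    group: openldap
    recurse: true
  loop:
    - /var/lib/ldap
    - /etc/ldap/slapd.d

# Save the day
- name: Start LDAP server
  service:
    name: slapd
    state: started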