---
# Install LDAP client packages
- name: Install LDAP client packages
  apt:
    update_cache: true
    name:
      - nslcd
      - libnss-ldapd
      - libpam-ldapd
    state: present
  register: apt_result
  retries: 3
  until: apt_result is succeeded

# Reduce LDAP load
# For the moment it is broken on Stretch when using PHP7.3
# - name: Install LDAP cache package
#   apt:
#     name: nscd
#     state: present
#     update_cache: true

# Configure /etc/nslcd.conf
- name: Configure nslcd LDAP credentials
  template:
    src: nslcd.conf.j2
    dest: /etc/nslcd.conf
    mode: 0600
  notify: Restart nslcd service

# Configure /etc/nsswitch.conf
- name: Configure NSS to use LDAP
  lineinfile:
    dest: /etc/nsswitch.conf
    regexp: "^{{ item }}:"
    line: "{{ item }}: files ldap"
  loop:
    - passwd
    - group
    - shadow
    - sudoers
  notify: Restart nslcd service