ansible/roles/ldap_replica/tasks/main.yml

---
# slapd is the OpenLDAP server package.
# The result is registered so `until` can re-run the task (up to `retries`
# times) until apt reports success - presumably to ride out transient apt
# failures.
- name: Install LDAP server
  register: apt_result
  until: apt_result is succeeded
  retries: 3
  apt:
    update_cache: true
    state: present
    name: slapd
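# Render the LDIF that the "Install LDAP schema" step loads with slapadd.
# Known limitation inherited from the re2o installation method: the tasks
# that follow reload the schema from scratch, so the LDAP data is flushed on
# every run. This may be fixed in the future; it is still nicer than the
# install_re2o.sh way.
# The mode is quoted so it reaches Ansible as the octal string "0600" instead
# of depending on the YAML parser's integer typing. Owner and group are pinned
# so a pre-existing file cannot keep a different owner.
# NOTE(review): the template body is not visible here; the 0600 mode suggests
# it carries sensitive values - confirm.
- name: Build schema
  template:
    src: schema.ldiff.j2
    dest: /etc/ldap/schema.ldiff
    owner: root
    group: root
    mode: "0600"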
# Downtime starts here: slapd stays stopped until the final task of this
# file starts it again.
- name: Stop LDAP server
  service:
    state: stopped
    name: slapd
# Destructive step: deletes both the slapd configuration directory and the
# database directory, on every run.
# NOTE(review): no backup is taken in this file before the wipe - confirm
# that the data can be rebuilt from elsewhere.
- name: Remove old data
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap
  file:
    state: absent
    path: "{{ item }}"
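# Recreate the two directories empty so slapadd has somewhere to write.
# No owner is set here, so ownership is whatever the play's user creates;
# it is handed to openldap by the "Fix permissions" task.
# The mode is quoted so it reaches Ansible as the octal string "0755" instead
# of depending on the YAML parser's integer typing.
# NOTE(review): 0755 lets any local account list both directories; whether
# the files slapadd creates inside are protected depends on its own modes -
# verify on the target host.
- name: Recreate structure
  file:
    path: "{{ item }}"
    state: directory
    mode: "0755"
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap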
# Load the rendered LDIF into database 0 (the configuration database) under
# /etc/ldap/slapd.d. This runs as root because `become_user` cannot be used
# here, so the result is root-owned until "Fix permissions" runs.
# The argv form passes the same arguments as the one-line command, without
# any word splitting.
- name: Install LDAP schema
  command:
    argv:
      - slapadd
      - '-n'
      - '0'
      - '-l'
      - /etc/ldap/schema.ldiff
      - '-F'
      - /etc/ldap/slapd.d
# Hand both trees over to the openldap account, recursively, since the
# previous step populated them as root.
- name: Fix permissions
  loop:
    - /var/lib/ldap
    - /etc/ldap/slapd.d
  file:
    recurse: true
    group: openldap
    owner: openldap
    path: "{{ item }}"
# End of the downtime window: bring slapd back up on the freshly loaded
# configuration.
# NOTE(review): if any task between the stop and this one fails, slapd stays
# stopped with its directories already wiped.
- name: Start LDAP server
  service:
    state: started
    name: slapd