66f7b1061a
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
---
# slapd is the OpenLDAP server daemon.
# The package cache is refreshed first, and the install is attempted up to
# three times until apt reports success (presumably to ride out transient
# mirror or lock failures).
- name: Install LDAP server
  apt:
    update_cache: true
    name: slapd
    state: present
  register: apt_result
  until: apt_result is succeeded
  retries: 3

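# What follows is really not a nice way to install a schema, because the
# LDAP is flushed away on every run...
# This is a problem in the re2o installation method that may be fixed in the
# future.

# Much nicer than the install_re2o.sh way.
# The rendered LDIF is readable by its owner only. Owner and group are pinned
# to root so the result does not depend on which account runs the task, and
# the mode is quoted so no YAML parser can re-type it as a number.
# NOTE(review): schema.ldiff.j2 is not visible here; if it renders credential
# material (for example a password hash), remember that the rendered copy
# stays in /etc/ldap after the import -- confirm whether it should be removed.
- name: Build schema
  template:
    src: schema.ldiff.j2
    dest: /etc/ldap/schema.ldiff
    owner: root
    group: root
    mode: "0600"
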
# Downtime!
# slapd is stopped here and stays down until the final "Start LDAP server"
# task; the tasks in between work on its files directly.
- name: Stop LDAP server
  service:
    state: stopped
    name: slapd

# Cry a bit
# Destructive and unconditional: both directories are deleted on every run.
# /etc/ldap/slapd.d is the configuration directory later handed to slapadd
# with -F; /var/lib/ldap is presumably the database directory (confirm
# against the rendered schema). Anything that only lives there is lost, so
# export it beforehand if it matters.
- name: Remove old data
  file:
    state: absent
    path: "{{ item }}"
  loop:
    - '/etc/ldap/slapd.d'
    - '/var/lib/ldap'

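# Cry a lot
# Recreate the two directories empty. The mode is set explicitly instead of
# being left to the umask of the connection: these directories will hold the
# server configuration and data, so "other" gets no access. The mode applies
# to the directories themselves only, and ownership is handed to openldap by
# the later "Fix permissions" task.
# NOTE(review): 0750 is a conservative choice; confirm nothing on the host
# relies on these directories being world-listable.
- name: Recreate structure
  file:
    path: "{{ item }}"
    state: directory
    mode: "0750"
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap
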
# Install schema as root
# We can't do a `become_user` here
# slapadd loads the rendered LDIF (-l) into database 0, the configuration
# database (-n 0), inside the configuration directory given with -F.
# Because it runs as root, whatever it creates is root-owned until the next
# task fixes ownership.
- name: Install LDAP schema
  command: slapadd -n 0 -l /etc/ldap/schema.ldiff -F /etc/ldap/slapd.d
  # The directories were just emptied, so this import always changes the host;
  # this spells out what the command module reports anyway.
  changed_when: true

# then fix permissions
# Hand both trees, recursively, to the openldap user and group (presumably
# the account slapd runs as -- confirm on the target distribution). Only
# ownership is changed here; file modes are left as they were created.
- name: Fix permissions
  file:
    recurse: true
    owner: openldap
    group: openldap
    path: "{{ item }}"
  loop:
    - '/var/lib/ldap'
    - '/etc/ldap/slapd.d'

# Save the day
# End of the downtime window: bring slapd back up on the freshly imported
# configuration.
- name: Start LDAP server
  service:
    state: started
    name: slapd