ansible/roles/ldap-replica/tasks/main.yml
Hadrien Patte b55a2ee047
Fix: add a retry statement to remote package tasks
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
2019-03-03 19:55:51 +01:00


---
# slapd is the OpenLDAP server daemon.
# The install is retried (retries: 3, until the registered apt result
# reports success) so that a transient failure while fetching the remote
# package does not abort the play.
- name: Install LDAP server
  apt:
    update_cache: true
    state: present
    name: slapd
  retries: 3
  until: apt_result is succeeded
  register: apt_result
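# NOTE: the tasks that follow are not a nice way to install a schema,
# because the LDAP data is flushed away on every run. This is a problem
# in the re2o installation method that may be fixed in the future; it is
# still much nicer than the install_re2o.sh way.
#
# The rendered LDIF is the file that slapadd later loads into database 0,
# so it is kept readable and writable by its owner only. The mode is
# quoted so that it is always passed as the string '0600' and never
# depends on how the YAML loader interprets a leading-zero number.
- name: Build schema
  template:
    src: schema.ldiff.j2
    dest: /etc/ldap/schema.ldiff
    mode: '0600'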
# Downtime starts here: slapd is stopped before its configuration and
# data directories are removed and rebuilt by the following tasks.
- name: Stop LDAP server
  service:
    state: stopped
    name: slapd
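# Cry a bit: this deletes the whole slapd configuration tree and the
# database directory on every run, with no backup and no guard condition.
# Anything stored only on this host is lost.
# NOTE(review): presumably acceptable because a replica can be
# repopulated from its provider -- confirm before reusing this role on a
# host that holds the only copy of the data.
#
# Module arguments use native YAML with a quoted template rather than a
# key=value string, so the path is passed as one value and is never
# split on whitespace.
- name: Remove old data
  file:
    path: "{{ item }}"
    state: absent
  with_items:
    - /etc/ldap/slapd.d
    - /var/lib/ldap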
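# Cry a lot: recreate the two directories, now empty.
# NOTE(review): no owner, group or mode is given, so the directories are
# created with whatever the executing user and its umask produce. The
# later "Fix permissions" task changes ownership only, never the mode.
# /var/lib/ldap holds the directory database, so an explicit restrictive
# mode may be worth adding -- confirm against what the slapd package
# ships before changing it.
#
# Module arguments use native YAML with a quoted template rather than a
# key=value string.
- name: Recreate structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - /etc/ldap/slapd.d
    - /var/lib/ldap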
# Load the rendered LDIF with slapadd while slapd is stopped:
#   -n 0  target database 0 (the configuration database)
#   -l    LDIF file to read
#   -F    configuration directory to write
# The schema is installed as root (we can't do a `become_user` here), so
# ownership of the resulting files has to be fixed in a later task.
# The command module has no change detection here, so this task reports
# "changed" on every run.
- name: Install LDAP schema
  command: >-
    slapadd
    -n 0
    -l /etc/ldap/schema.ldiff
    -F /etc/ldap/slapd.d
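# Then fix permissions: the schema was loaded as root, so both trees are
# handed back, recursively, to the openldap user and group.
# Only ownership is changed; file and directory modes are left as they
# were created.
# The boolean is written as `true` (not `yes`) so it reads the same under
# every YAML loader.
- name: Fix permissions
  file:
    path: "{{ item }}"
    owner: openldap
    group: openldap
    recurse: true
  with_items:
    - '/var/lib/ldap'
    - '/etc/ldap/slapd.d'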
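# Save the day: bring slapd back up on the rebuilt configuration, ending
# the downtime window.
# Written with native YAML arguments, matching the form used by the
# "Stop LDAP server" task in this file.
- name: Start LDAP server
  service:
    name: slapd
    state: started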