5f08a7522e
Signed-off-by: Hadrien Patte <hadrien.patte@protonmail.com>
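---
# slapd is the OpenLDAP server daemon.
# Refresh the apt package index first so the install does not resolve
# against a stale package list.
- name: Install LDAP server
  apt:
    name: slapd
    state: present
    update_cache: true
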
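# What follows is really not a nice way to install a schema, because the
# LDAP data is flushed away on every run...
# This is a problem in the re2o installation method that may be fixed in the
# future.

# Much nicer than the install_re2o.sh way
# Renders the LDIF that the "Install LDAP schema" task loads with slapadd.
# The mode is quoted so that every YAML parser hands Ansible the string
# '0600' rather than an integer that has to be reinterpreted as octal.
# NOTE(review): the rendered file stays in /etc/ldap after the import. If
# the template carries credentials or password hashes, confirm that 0600
# under the connecting user is sufficient, or remove the file once slapadd
# has run.
- name: Build schema
  template:
    src: schema.ldiff.j2
    dest: /etc/ldap/schema.ldiff
    mode: '0600'
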
# Downtime!
# slapd stays stopped from this task until "Start LDAP server" at the end of
# the file. No rescue or ignore_errors is visible in these tasks, so a
# failure in between presumably leaves the directory service offline.
- name: Stop LDAP server
  service:
    state: stopped
    name: slapd

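# Cry a bit
# Deletes the slapd configuration tree and the database directory, so each
# run of these tasks discards whatever the directory held before.
# NOTE(review): no backup is taken in this file before the wipe. Confirm
# that the data can be rebuilt from elsewhere, or export it (e.g. slapcat)
# before this task runs.
- name: Remove old data
  file:
    path: "{{ item }}"
    state: absent
  with_items:
    - /etc/ldap/slapd.d
    - /var/lib/ldap
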
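# Cry a lot
# Recreates the two directories empty so slapadd has somewhere to write.
# NOTE(review): no mode is pinned here, so the directory permissions follow
# the umask of the Ansible run. Ownership is only corrected later by
# "Fix permissions"; consider setting an explicit mode as well.
- name: Recreate structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - /etc/ldap/slapd.d
    - /var/lib/ldap
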
# Install schema as root
# We can't do a `become_user` here
# Loads the rendered LDIF into configuration database 0 (-n 0), writing the
# result under /etc/ldap/slapd.d (-F). Because this runs as root, the files
# it creates need the ownership fix applied by the next task.
- name: Install LDAP schema
  command:
    argv:
      - slapadd
      - -n
      - '0'
      - -l
      - /etc/ldap/schema.ldiff
      - -F
      - /etc/ldap/slapd.d

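# then fix permissions
# Hands both trees to the openldap account, recursively, so the files
# slapadd wrote as root become owned by openldap before slapd is started
# again. Only ownership is changed here; file modes are left as created.
- name: Fix permissions
  file:
    path: "{{ item }}"
    owner: openldap
    group: openldap
    recurse: true
  with_items:
    - '/var/lib/ldap'
    - '/etc/ldap/slapd.d'
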
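# Save the day
# Brings slapd back up on the freshly imported configuration. Written in
# native block form to match the "Stop LDAP server" task.
- name: Start LDAP server
  service:
    name: slapd
    state: started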