role slapd: ajout

2019-07-03 16:53:55 +02:00
commit 1157035e24
11 changed files with 200 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,56 @@
+---
+# tasks file for /etc/ansible/roles/slapd
+- name: OS specific vars
+  include_vars: "{{ ansible_distribution }}.yml"
+
+- name: install
+  package:
+    name: "{{ ldap_packages }}"
+    state: present
+
+- name: activate service
+  service:
+    name: "{{ ldap_service }}"
+    state: started
+    enabled: yes
+
+- name: reconfigure slapd
+  ldap_attr:
+    dn: olcDatabase={2}hdb,cn=config
+    name: "{{ item.key }}"
+    values: "{{ item.value }}"
+    state: exact
+  with_dict:
+    olcRootDN: "{{ ldap_admin_dn }}"
+    olcRootPW: "{{ ldap_admin_password }}"
+    olcSuffix: "{{ ldap_suffix }}"
+
+- name: check if schema already loaded
+  command: ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config  -LLL olcObjectClasses='*0.9.2342.19200300.100.4.13 NAME*' dn
+  register: result
+
+- name: import mandatory schema
+  command: "ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif"
+  when: not result.stdout.find( 'cosine,cn=schema,cn=config' )
+
+- name: create suffix
+  ldap_entry:
+    server_uri: ldap://localhost
+    bind_dn: "{{ ldap_admin_dn }}"
+    bind_pw: "{{ ldap_admin_password }}"
+    dn: "{{ ldap_suffix }}"
+    objectClass: domain
+    attributes:
+      dc: "{{ ldap_domain }}"
+
+- name: configure client
+  template:
+    src: ldap.conf
+    dest: /etc/openldap/ldap.conf
+    mode: 0644
+
+- name: create passwd file
+  copy:
+    dest: /root/.ldap.secrets
+    mode: 0600
+    content: "{{ ldap_admin_password }}"