Configure the LDAP provider.

(Hence the SyncProv overlay.)
author: Guilhem Moulin <guilhem@fripost.org> 2013-12-02 06:03:28 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:51:06 +0200
commit: 175f9f0272ab50a3bd6567ece06f8a5655866b08 (patch)
tree: baa4d09f88b41307b6306d861eafed65a356f381 /roles/LDAP-provider
parent: dd155fee24fcb05dad7ea9df241ce138ad7083b0 (diff)
2 files changed, 25 insertions, 0 deletions
diff --git a/roles/LDAP-provider/files/etc/ldap/syncprov.ldif b/roles/LDAP-provider/files/etc/ldap/syncprov.ldif
new file mode 100644
index 0000000..42f06a0
--- /dev/null
+++ b/roles/LDAP-provider/files/etc/ldap/syncprov.ldif
@@ -0,0 +1,13 @@
+# References:
+# - http://www.openldap.org/doc/admin24/replication.html#Syncrepl
+# - http://www.zytrax.com/books/ldap/ch7/#ol-syncrepl-rap
+# - man 5 slapo-syncprov
+
+dn: olcOverlay=syncprov,olcDatabase={*}hdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcSyncProvConfig
+olcOverlay: syncprov
+# contextCSN saved to database every 50 updates or 5
+# minutes
+olcSpCheckpoint: 50 5
+olcSpReloadHint: TRUE
diff --git a/roles/LDAP-provider/tasks/main.yml b/roles/LDAP-provider/tasks/main.yml
new file mode 100644
index 0000000..64c8e30
--- /dev/null
+++ b/roles/LDAP-provider/tasks/main.yml
@@ -0,0 +1,12 @@
+- name: Copy the syncprov overlay configuration
+  copy: src=etc/ldap/syncprov.ldif
+        dest=/etc/ldap/fripost/syncprov.ldif
+        owner=root group=root
+        mode=0644
+
+- name: Load and configure the syncprov overlay
+  openldap: module=syncprov state=present
+            suffix=o=mailHosting,dc=fripost,dc=org
+            target=/etc/ldap/fripost/syncprov.ldif
+
+# TODO: authz constraint
author	Guilhem Moulin <guilhem@fripost.org>	2013-12-02 06:03:28 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:51:06 +0200
commit	175f9f0272ab50a3bd6567ece06f8a5655866b08 (patch)
tree	baa4d09f88b41307b6306d861eafed65a356f381 /roles/LDAP-provider
parent	dd155fee24fcb05dad7ea9df241ce138ad7083b0 (diff)