summaryrefslogtreecommitdiffstats
path: root/roles/common-LDAP
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2014-07-10 02:10:20 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:52:56 +0200
commit520ca74cdac5bc15b0d28f7a313730655c95d9c8 (patch)
tree8d7fa3893b7a5577a0b524252e67efdc5aef4eb9 /roles/common-LDAP
parentb972b4beb773a5567eb1190e4a44a05d88193f94 (diff)
Add extra indexes on the LDAP provider.
Those will be useful for the tools.
Diffstat (limited to 'roles/common-LDAP')
-rw-r--r--roles/common-LDAP/templates/etc/ldap/database.ldif.j214
1 files changed, 11 insertions, 3 deletions
diff --git a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2 b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
index 874bd9d..7d841b8 100644
--- a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
+++ b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
@@ -88,17 +88,25 @@ olcSecurity: simple_bind=128 ssf=128 update_ssf=128
#
# To reindex an existing database, you have to
# * Stop slapd sudo service slapd stop
-# * Reindex su openldap -c "slapindex -b 'dc=fripost,dc=org'"
+# * Reindex sudo -u openldap slapindex -b 'dc=fripost,dc=org'
# * Restart slapd sudo service slapd start
#
olcDbIndex: objectClass eq
# Let us make Postfix's life easier.
-{% if 'MX' in group_names or 'MDA' in group_names %}
+{% if 'LDAP-provider' in group_names %}
+olcDbIndex: fvd,fvl eq,sub
+olcDbIndex: fripostIsStatusActive eq
+{% elif 'MX' in group_names or 'MDA' in group_names %}
olcDbIndex: fripostIsStatusActive,fvd,fvl eq
{% endif %}
-{% if 'MX' in group_names %}
+{% if 'LDAP-provider' in group_names %}
+olcDbIndex: fripostOptionalMaildrop,fripostMaildrop eq,sub
+olcDbIndex: fripostCanAddAlias,fripostCanAddList,fripostOwner,fripostPostmaster,fripostListManager eq
+{% elif 'MX' in group_names %}
olcDbIndex: fripostOptionalMaildrop pres
{% endif %}
+{% if 'LDAP-provider' in group_names %}
+{% endif %}
{% if ('LDAP-provider' not in group_names and
('MX' in group_names or 'lists' in group_names)) or
'LDAP-provider' in group_names and