summaryrefslogtreecommitdiffstats
path: root/roles/common-LDAP
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-05-19 06:11:29 +0200
committerGuilhem Moulin <guilhem@fripost.org>2020-05-19 06:36:36 +0200
commit7249ebbf9237afe6cccb6069d8c910b4a5975cdf (patch)
treee784d680fe08acc2bb0bb68d769a4b9e5eb53cbc /roles/common-LDAP
parentc9ecd815b4b77a57589f3588eba6c7d8ddfac020 (diff)
LDAP: Update role to Debian Buster.
Diffstat (limited to 'roles/common-LDAP')
-rw-r--r--roles/common-LDAP/templates/etc/ldap/database.ldif.j25
1 files changed, 3 insertions, 2 deletions
diff --git a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2 b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
index a154e29..1be00cb 100644
--- a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
+++ b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
@@ -17,8 +17,8 @@
dn: cn=config
objectClass: olcGlobal
cn: config
-olcArgsFile: /var/run/slapd/slapd.args
-olcPidFile: /var/run/slapd/slapd.pid
+olcArgsFile: /run/slapd/slapd.args
+olcPidFile: /run/slapd/slapd.pid
olcLogLevel: none
olcToolThreads: 1
{% if ansible_processor_vcpus > 4 %}
@@ -39,6 +39,7 @@ olcAuthzRegexp: "^(cn=[^,]+,ou=syncRepl),ou=LDAP,ou=SSLcerts,o=Fripost$"
"dn.exact:$1,dc=fripost,dc=org"
olcSaslSecProps: minssf=128,noanonymous,noplain,nodict
olcTLSCipherSuite: PFS:%LATEST_RECORD_VERSION:!CIPHER-ALL:+AES-128-GCM:+AES-256-GCM:!VERS-SSL3.0:!VERS-TLS1.0:!VERS-TLS1.1
+olcTLSDHParamFile: /etc/ssl/dhparams.pem
{% endif %}
olcLocalSSF: 128
# /!\ This is not portable! But we only use glibc's crypt(3), which