Diffstat (limited to 'roles/common-LDAP')
-rw-r--r--roles/common-LDAP/tasks/main.yml27
-rw-r--r--roles/common-LDAP/templates/etc/ldap/database.ldif.j22
2 files changed, 10 insertions, 19 deletions
diff --git a/roles/common-LDAP/tasks/main.yml b/roles/common-LDAP/tasks/main.yml
index 3ef02e8..5aa8a2e 100644
--- a/roles/common-LDAP/tasks/main.yml
+++ b/roles/common-LDAP/tasks/main.yml
@@ -26,63 +26,54 @@
# than its suffix or cn=admin,...
openldap: dbdirectory=/var/lib/ldap ignoredn=cn=admin
state=absent
- name: Create directory /var/lib/ldap/fripost
file: path=/var/lib/ldap/fripost
state=directory
owner=openldap group=openldap
mode=0700
- name: Copy /var/lib/ldap/fripost/DB_CONFIG
copy: src=var/lib/ldap/fripost/DB_CONFIG
dest=/var/lib/ldap/fripost/DB_CONFIG
owner=openldap group=openldap
mode=0600
register: r2
notify:
# Not sure if required
- Restart slapd
-- name: Create directory /etc/ldap/fripost
- file: path=/etc/ldap/fripost
- state=directory
- owner=root group=root
- mode=0755
-
-- name: Copy fripost database definition
- template: src=etc/ldap/database.ldif.j2
- dest=/etc/ldap/fripost/database.ldif
- owner=root group=root
- mode=0600
-
- name: Copy fripost & amavis' schema
copy: src=etc/ldap/schema/{{ item }}
dest=/etc/ldap/schema/{{ item }}
owner=root group=root
mode=0644
# It'd certainly be nicer if we didn't have to deploy amavis' schema
# everywhere, but we need the 'objectClass' in our replicates, hence
# they need to be aware of the 'amavisAccount' class.
with_items:
- fripost.ldif
- amavis.schema
tags:
- amavis
-- name: Load fripost's schema and configure the database
- openldap: target=/etc/ldap/{{ item }} state=present
- with_items:
- - schema/fripost.ldif
- - fripost/database.ldif
-
- name: Load amavis' schema
openldap: target=/etc/ldap/schema/amavis.schema state=present
format=slapd.conf name=amavis
tags:
- ldap
+- name: Load Fripost' schema
+ openldap: target=/etc/ldap/schema/fripost.ldif state=present
+ tags:
+ - ldap
+
+- name: Configure the LDAP database
+ openldap: target=etc/ldap/database.ldif.j2 local=template
+ state=present
+
- name: Start slapd
service: name=slapd state=started
when: not (r1.changed or r2.changed)
- meta: flush_handlers
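Review bot: The new `Configure the LDAP database` task has no `tags:`, while `Load Fripost' schema` added just above it and the neighbouring `Load amavis' schema` are both tagged `ldap`, so a run limited to that tag would load the schemas but skip the database definition; add `tags:` / `- ldap` to it unless that split is intended. The removed tasks installed the rendered definition as root with `mode=0600`; how the `openldap` module stages the template under `local=template` is not visible in this hunk, so it is worth confirming that any intermediate file on the target is equally restricted and removed afterwards. Hosts provisioned before this commit presumably keep the old `/etc/ldap/fripost/database.ldif`, which nothing here cleans up. The task name should also read `Load Fripost's schema`.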
diff --git a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2 b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
index cde9069..af31836 100644
--- a/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
+++ b/roles/common-LDAP/templates/etc/ldap/database.ldif.j2
@@ -1,22 +1,22 @@
# Fripost's LDAP database definition
-# Copyright © 2013 Guilhem Moulin <guilhem@fripost.org>
+# Copyright (c) 2013 Guilhem Moulin <guilhem@fripost.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDbDirectory: /var/lib/ldap/fripost
olcSuffix: o=mailHosting,dc=fripost,dc=org
olcLastMod: TRUE