summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/LDAP-provider/tasks/main.yml2
-rw-r--r--roles/common-LDAP/tasks/main.yml14
2 files changed, 12 insertions, 4 deletions
diff --git a/roles/LDAP-provider/tasks/main.yml b/roles/LDAP-provider/tasks/main.yml
index 0ba4f26..fa212a0 100644
--- a/roles/LDAP-provider/tasks/main.yml
+++ b/roles/LDAP-provider/tasks/main.yml
@@ -1,5 +1,5 @@
- name: Load and configure the syncprov overlay
- openldap: module=syncprov state=present
+ openldap: module=syncprov
suffix=dc=fripost,dc=org
target=etc/ldap/syncprov.ldif
local=file
diff --git a/roles/common-LDAP/tasks/main.yml b/roles/common-LDAP/tasks/main.yml
index 85ad831..e86fa45 100644
--- a/roles/common-LDAP/tasks/main.yml
+++ b/roles/common-LDAP/tasks/main.yml
@@ -112,17 +112,25 @@
- amavis
- name: Load amavis' schema
- openldap: target=/etc/ldap/schema/amavis.schema state=present
+ openldap: target=/etc/ldap/schema/amavis.schema
format=slapd.conf name=amavis
tags:
- ldap
- name: Load Fripost' schema
- openldap: target=/etc/ldap/schema/fripost.ldif state=present
+ openldap: target=/etc/ldap/schema/fripost.ldif
tags:
- ldap
# We assume a clean (=stock) cn=config
- name: Configure the LDAP database
openldap: target=etc/ldap/database.ldif.j2 local=template
- state=present
+
+# On read-only replicates, you might have to temporarily switch back to
+# read-write, delete the SyncRepl, and delete the DN manually:
+# sudo ldapdelete -Y EXTERNAL -H ldapi:// cn=admin,dc=fripost,dc=org
+- name: Remove cn=admin,dc=fripost,dc=org
+ openldap: name="cn=admin,dc=fripost,dc=org" delete=entry
+
+- name: Remove the rootDN under the 'config' database
+ openldap: name="olcDatabase={0}config,cn=config" delete=olcRootDN,olcRootPW
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 05:20:36 +0000