From 175f9f0272ab50a3bd6567ece06f8a5655866b08 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin
Date: Mon, 2 Dec 2013 06:03:28 +0100
Subject: Configure the LDAP provider. (Hence the SyncProv overlay.)
---
roles/LDAP-provider/files/etc/ldap/syncprov.ldif | 13 +++++++++++++
roles/LDAP-provider/tasks/main.yml | 12 ++++++++++++
2 files changed, 25 insertions(+)
create mode 100644 roles/LDAP-provider/files/etc/ldap/syncprov.ldif
create mode 100644 roles/LDAP-provider/tasks/main.yml
(limited to 'roles/LDAP-provider')
diff --git a/roles/LDAP-provider/files/etc/ldap/syncprov.ldif b/roles/LDAP-provider/files/etc/ldap/syncprov.ldif
new file mode 100644
index 0000000..42f06a0
--- /dev/null
+++ b/roles/LDAP-provider/files/etc/ldap/syncprov.ldif
@@ -0,0 +1,13 @@
+# References:
+# - http://www.openldap.org/doc/admin24/replication.html#Syncrepl
+# - http://www.zytrax.com/books/ldap/ch7/#ol-syncrepl-rap
+# - man 5 slapo-syncprov
+
+dn: olcOverlay=syncprov,olcDatabase={*}hdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcSyncProvConfig
+olcOverlay: syncprov
+# contextCSN saved to database every 50 updates or 5
+# minutes
+olcSpCheckpoint: 50 5
+olcSpReloadHint: TRUE
diff --git a/roles/LDAP-provider/tasks/main.yml b/roles/LDAP-provider/tasks/main.yml
new file mode 100644
index 0000000..64c8e30
--- /dev/null
+++ b/roles/LDAP-provider/tasks/main.yml
@@ -0,0 +1,12 @@
+- name: Copy the syncprov overlay configuration
+ copy: src=etc/ldap/syncprov.ldif
+ dest=/etc/ldap/fripost/syncprov.ldif
+ owner=root group=root
+ mode=0644
+
+- name: Load and configure the syncprov overlay
+ openldap: module=syncprov state=present
+ suffix=o=mailHosting,dc=fripost,dc=org
+ target=/etc/ldap/fripost/syncprov.ldif
+
+# TODO: authz constraint
-- 
cgit v1.2.3
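Review bot: The `dn:` line in syncprov.ldif uses `olcDatabase={*}hdb`, which is a placeholder rather than a DN that cn=config would accept as written, and the file does not say what resolves it. Presumably the role's `openldap` module substitutes the index of the database that serves the `suffix=` passed in tasks/main.yml, but that is an inference from this commit alone. A comment above the entry such as `# {*} is resolved by the openldap module to the database holding the given suffix; do not load this file with ldapadd directly` would document the dependency. The existing comment on `olcSpCheckpoint: 50 5` is accurate and can stay as is.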
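Review bot: The second task in tasks/main.yml enables the syncprov overlay on `o=mailHosting,dc=fripost,dc=org` while the authorization side is left as a bare `# TODO: authz constraint`. syncprov does not itself decide who may replicate, so until that lands any identity the database's existing `olcAccess` rules allow to read the suffix can pull the same entries and attributes through a sync search; those rules are not visible in this commit. I would make the TODO actionable, e.g. `# TODO: authz constraint -- limit sync reads to a dedicated replication DN (olcAccess/olcLimits) and require TLS for that bind`, and ideally land the constraint before any consumer is configured. `mode=0644` on the copied LDIF is fine, since the file holds no credentials.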