add openssh

2026-01-25 00:02:38 -07:00
parent 63da7e8ae4
commit 6e2486166b
4 changed files with 24 additions and 96 deletions
--- a/ansible/roles/openldap_server/tasks/schemas.yaml
+++ b/ansible/roles/openldap_server/tasks/schemas.yaml
@@ -32,24 +32,24 @@
 #    group: ldap
 #    mode: '0600'
 #
-#- name: Copy openssh schema into place
-#  copy:
-#    src: files/openssh.ldif
-#    dest: /etc/openldap/schema/openssh.ldif
-#    owner: ldap
-#    group: ldap
-#    mode: '0600'
+- name: Copy openssh schema into place
+  copy:
+    src: files/openssh.ldif
+    dest: /etc/openldap/schema/openssh.ldif
+    owner: ldap
+    group: ldap
+    mode: '0600'

-#- name: Ensure custom LDAP schemas (sudo + openssh) are loaded
-#  ansible.builtin.command: >
-#    ldapadd -Y EXTERNAL -H ldapi:/// -f {{ item.file }}
-#  args:
-#    creates: "/etc/openldap/schema/.{{ item.name }}_loaded"
-#  loop:
-#    - { name: "sudo", file: "/etc/openldap/schema/sudo.ldif" }
-#    - { name: "openssh", file: "/etc/openldap/schema/openssh.ldif" }
-#  loop_control:
-#    label: "{{ item.name }}"
+- name: Ensure custom LDAP schemas (sudo + openssh) are loaded
+  ansible.builtin.command: >
+    ldapadd -Y EXTERNAL -H ldapi:/// -f {{ item.file }}
+  args:
+    creates: "/etc/openldap/schema/.{{ item.name }}_loaded"
+  loop:
+    #- { name: "sudo", file: "/etc/openldap/schema/sudo.ldif" }
+    - { name: "openssh", file: "/etc/openldap/schema/openssh.ldif" }
+  loop_control:
+    label: "{{ item.name }}"

 # Touch marker files for idempotency (optional but recommended)
 - name: Ensure marker files exist