Init new ldap server role

2026-01-23 16:26:39 -07:00
parent d18353d2ae
commit 7a377c09e0
7 changed files with 153 additions and 80 deletions
--- a/ansible/roles/openldap_server/tasks/main.yaml
+++ b/ansible/roles/openldap_server/tasks/main.yaml
@@ -1,80 +1,5 @@
- name: Install epel
-  package:
-    name: epel-release
-    state: present
-
- name: Install openldap server and other required packages
-  package:
-    name:
-      - openldap-servers
-      - openldap-clients
-      - openldap-devel
-      - cyrus-sasl-devel
-      - openssl
-      - openssl-devel
-    state: present
-
- name: Permanently enable ldap service firewalld
-  ansible.posix.firewalld:
-    service: ldap
-    state: enabled
-    permanent: true
-    immediate: true
-    offline: true
-
- name: Permanently enable ldaps service firewalld
-  ansible.posix.firewalld:
-    service: ldaps
-    state: enabled
-    permanent: true
-    immediate: true
-    offline: true
-
- name: Create ldifs directory
-  file:
-    path: /etc/openldap/ldifs
-    state: directory
-    mode: '0700'
-    owner: ldap
-    group: ldap
-
- name: Copy default configuration ldif
-  copy:
-    src: /usr/share/openldap-servers/slapd.ldif
-    dest: /etc/openldap/ldifs/slapd.ldif
-    owner: ldap
-    group: ldap
-    mode: '0600'
-    force: false
-    remote_src: true
-
- name: Set upldap.conf base
-  lineinfile:
-    path: /etc/openldap/ldap.conf
-    regexp: '^#BASE'
-    line: 'BASE: dc=ldap,dc=home,dc=jthan,dc=io'
-
- name: Setup ldap.conf URIs
-  lineinfile:
-    path: /etc/openldap/ldap.conf
-    regexp: '^#URI'
-    line: 'URI: ldap://ldap.home.jthan.io'
-
- name: Set olcSuffix for domain
-  lineinfile:
-    path: /etc/openldap/ldifs/slapd.ldif
-    regexp: '^olcSuffix:'
-    line: 'olcSuffix: dc=ldap,dc=home,dc=jthan,dc=io'
-
- name: Set olcRootDN
-  lineinfile:
-    path: /etc/openldap/ldifs/slapd.ldif
-    regexp: '^olcRootDN:'
-    line: 'olcRootDN: cn=Manager,dc=ldap,dc=home,dc=jthan,dc=io'
-
-#- name: Start and enable slapd
-#  service:
-#    name: slapd
-#    state: started
-#    enabled: true
-
+- import_tasks: install.yaml
+- import_tasks: schemas.yaml
+- import_tasks: config.yaml
+- import_tasks: tls.yaml
+- import_tasks: acls.yaml