From c9157bc933bc7bf11afbe0e1780b98367cb42cf3 Mon Sep 17 00:00:00 2001 From: Jonathan DeMasi Date: Sun, 25 Jan 2026 00:41:19 -0700 Subject: [PATCH] cleanup --- ansible/roles/openldap_directory/tasks/users.yaml | 2 +- ansible/roles/openldap_server/handlers/main.yaml | 4 ++-- .../roles/openldap_server/tasks/find_database.yaml | 4 ++-- ansible/roles/openldap_server/tasks/schemas.yaml | 14 +++++++------- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ansible/roles/openldap_directory/tasks/users.yaml b/ansible/roles/openldap_directory/tasks/users.yaml index 5f806d5..b51cd3d 100644 --- a/ansible/roles/openldap_directory/tasks/users.yaml +++ b/ansible/roles/openldap_directory/tasks/users.yaml @@ -1,5 +1,5 @@ - name: Render user LDIFs - ansible.builtin.template: + template: src: user.ldif.j2 dest: "/tmp/ldap-user-{{ user.uid }}.ldif" mode: '0600' diff --git a/ansible/roles/openldap_server/handlers/main.yaml b/ansible/roles/openldap_server/handlers/main.yaml index 8d7d4dc..f448874 100644 --- a/ansible/roles/openldap_server/handlers/main.yaml +++ b/ansible/roles/openldap_server/handlers/main.yaml @@ -1,11 +1,11 @@ --- - name: restart slapd - ansible.builtin.service: + service: name: slapd state: restarted - name: reload slapd - ansible.builtin.service: + service: name: slapd state: reloaded diff --git a/ansible/roles/openldap_server/tasks/find_database.yaml b/ansible/roles/openldap_server/tasks/find_database.yaml index 7dfba5d..dbd882a 100644 --- a/ansible/roles/openldap_server/tasks/find_database.yaml +++ b/ansible/roles/openldap_server/tasks/find_database.yaml 
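Review bot: Replacing `ansible.builtin.template:` with the short name `template:` makes module resolution depend on the play's `collections:` search order and on any same-named module installed locally. The same substitution is made in handlers/main.yaml (`service`), find_database.yaml (`command`, `set_fact`) and every hunk of schemas.yaml (`command`, `file`). Those roles drive slapd through `-Y EXTERNAL` on `ldapi:///`, presumably with root privileges, so I would keep the fully qualified names, e.g. `ansible.builtin.template:`; ansible-lint also flags the short form under its `fqcn` rule. Separately, the unchanged `dest: "/tmp/ldap-user-{{ user.uid }}.ldif"` writes each rendered LDIF to a predictable name in a shared directory; `mode: '0600'` limits reading, but a directory from `ansible.builtin.tempfile` would avoid the fixed path. The rest of this task lies outside the hunk.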
@@ -1,10 +1,10 @@ - name: Find main LDAP database DN - ansible.builtin.command: > + command: > ldapsearch -Y EXTERNAL -H ldapi:/// \ -b cn=config '(olcSuffix={{ ldap_basedn }})' dn register: ldap_db_dn changed_when: false - name: Set fact for main database DN - ansible.builtin.set_fact: + set_fact: ldap_main_db_dn: "{{ ldap_db_dn.stdout_lines | select('match','^dn:') | first | regex_replace('^dn: ','') }}" diff --git a/ansible/roles/openldap_server/tasks/schemas.yaml b/ansible/roles/openldap_server/tasks/schemas.yaml index e90fe40..5fd8a7c 100644 --- a/ansible/roles/openldap_server/tasks/schemas.yaml +++ b/ansible/roles/openldap_server/tasks/schemas.yaml @@ -1,25 +1,25 @@ --- # roles/ldap_server/tasks/schemas.yml - name: Ensure LDAP core schema is loaded - ansible.builtin.command: > + command: > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/core.ldif args: creates: /etc/openldap/schema/.core_loaded - name: Ensure LDAP cosine schema is loaded - ansible.builtin.command: > + command: > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif args: creates: /etc/openldap/schema/.cosine_loaded - name: Ensure LDAP inetorgperson schema is loaded - ansible.builtin.command: > + command: > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif args: creates: /etc/openldap/schema/.inetorgperson_loaded - name: Ensure LDAP nis schema is loaded - ansible.builtin.command: > + command: > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif args: creates: /etc/openldap/schema/.nis_loaded @@ -41,7 +41,7 @@ mode: '0600' - name: Ensure custom LDAP schemas (sudo + openssh) are loaded - ansible.builtin.command: > + command: > ldapadd -Y EXTERNAL -H ldapi:/// -f {{ item.file }} args: creates: "/etc/openldap/schema/.{{ item.name }}_loaded" 
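Review bot: In find_database.yaml the `Set fact for main database DN` task applies `first` to the filtered `stdout_lines` without checking that the search returned an entry. ldapsearch normally exits 0 when the filter matches nothing, so a wrong `ldap_basedn` would surface only as an undefined-value templating error in the second task, not as a clear failure on the search itself. Adding `failed_when: ldap_db_dn.rc != 0 or (ldap_db_dn.stdout_lines | select('match', '^dn:') | list | length) != 1` to `Find main LDAP database DN` would make that case explicit. `ldap_basedn` is also interpolated into the filter as-is, so the task assumes it contains no filter metacharacters such as `*`, `(` or `)`; a comment above the task stating that assumption would help.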
@@ -53,7 +53,7 @@ # Touch marker files for idempotency (optional but recommended) - name: Ensure marker files exist - ansible.builtin.file: + file: path: "/etc/openldap/schema/.{{ item.name }}_loaded" state: touch loop: @@ -62,5 +62,5 @@ - { name: "inetorgperson" } - { name: "nis" } # - { name: "sudo" } -# - { name: "openssh" } + - { name: "openssh" }
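Review bot: `Ensure marker files exist` does not depend on the result of the `ldapadd` tasks, so when those are skipped (tags, `--start-at-task`, or an item missing from the load loop) the `.<name>_loaded` marker is still written and `creates:` then suppresses that schema load on every later run. `state: touch` also reports `changed` on each run because it updates the timestamps; setting `modification_time: preserve` and `access_time: preserve` on the task avoids that. Registering the `ldapadd` results and touching the marker only for items that ran without error would keep the marker truthful. The comment above the task calls it optional, yet the `creates:` guards in this file rely on it, so the comment should say so; the start of the loop lies outside the hunk.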
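Review bot: Un-commenting `- { name: "openssh" }` in the marker loop is a behaviour change inside a commit titled `cleanup`, and it leaves `sudo` commented out, so the two custom schemas are now treated differently. Once `.openssh_loaded` exists, the `creates:` guard on `Ensure custom LDAP schemas (sudo + openssh) are loaded` skips the openssh `ldapadd`; that task's loop is outside the visible hunks, so whether it still lists both schemas cannot be confirmed from here. If the change is intended, it would be clearer as its own commit explaining why openssh gets a marker and sudo does not, with a comment on the `sudo` line giving the reason it stays disabled.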