add firewall rules, copy default config

2026-01-21 21:54:46 -07:00
parent 1f938f0f23
commit fc3e2ef779
1 changed files with 41 additions and 0 deletions
--- a/ansible/roles/openldap_server/tasks/main.yaml
+++ b/ansible/roles/openldap_server/tasks/main.yaml
@@ -13,3 +13,44 @@
      - openssl
      - openssl-devel
    state: present
+
+- name: Permanently enable ldap service firewalld
+  ansible.posix.firewalld:
+    service: ldap
+    state: enabled
+    permanent: true
+    immediate: true
+    offline: true
+
+- name: Permanently enable ldaps service firewalld
+  ansible.posix.firewalld:
+    service: ldaps
+    state: enabled
+    permanent: true
+    immediate: true
+    offline: true
+
+- name: Create ldifs directory
+  file:
+    path: /etc/openldap/ldifs
+    state: directory
+    mode: '0700'
+    owner: ldap
+    group: ldap
+
+- name: Copy default configuration ldif
+  copy:
+    src: /usr/share/openldap-servers/slapd.ldif
+    dest: /etc/openldap/ldifs/slapd.ldif
+    owner: ldap
+    group: ldap
+    mode: '0600'
+    force: false
+    remote_src: true
+
+#- name: Start and enable slapd
+#  service:
+#    name: slapd
+#    state: started
+#    enabled: true
+