- name: Install epel
  package:
    name: epel-release
    state: present

- name: Install openldap server and other required packages
  package:
    name:
      - openldap-servers
      - openldap-clients
      - openldap-devel
      - cyrus-sasl-devel
      - openssl
      - openssl-devel
      - python3-ldap
    state: present
  notify: restart slapd

- name: Permanently enable ldap service firewalld
  ansible.posix.firewalld:
    service: ldap
    state: enabled
    permanent: true
    immediate: true
    offline: true

- name: Permanently enable ldaps service firewalld
  ansible.posix.firewalld:
    service: ldaps
    state: enabled
    permanent: true
    immediate: true
    offline: true

- name: Create ldifs directory
  file:
    path: /etc/openldap/ldifs
    state: directory
    mode: '0700'
    owner: ldap
    group: ldap

- name: Set up ldap.conf base
  lineinfile:
    path: /etc/openldap/ldap.conf
    regexp: '^#BASE'
    line: 'BASE: dc=ldap,dc=home,dc=jthan,dc=io'

- name: Setup ldap.conf URIs
  lineinfile:
    path: /etc/openldap/ldap.conf
    regexp: '^#URI'
    line: 'URI: ldap://ldap.home.jthan.io'

- name: Enable slapd
  service:
    name: slapd
    state: started
    enabled: yes