- name: Install epel
  package:
    name: epel-release
    state: present

- name: Install openldap server and other required packages
  package:
    name:
      - openldap-servers
      - openldap-clients
      - openldap-devel
      - cyrus-sasl-devel
      - openssl
      - openssl-devel
    state: present

- name: Permanently enable ldap service firewalld
  ansible.posix.firewalld:
    service: ldap
    state: enabled
    permanent: true
    immediate: true
    offline: true

- name: Permanently enable ldaps service firewalld
  ansible.posix.firewalld:
    service: ldaps
    state: enabled
    permanent: true
    immediate: true
    offline: true

- name: Create ldifs directory
  file:
    path: /etc/openldap/ldifs
    state: directory
    mode: '0700'
    owner: ldap
    group: ldap

- name: Copy default configuration ldif
  copy:
    src: /usr/share/openldap-servers/slapd.ldif
    dest: /etc/openldap/ldifs/slapd.ldif
    owner: ldap
    group: ldap
    mode: '0600'
    force: false
    remote_src: true

- name: Set olcSuffix for domain
  lineinfile:
    path: /etc/openldap/ldifs/slapd.ldif
    regexp: '^olcSuffix:'
    line: 'olcSuffix: dc=ldap,dc=home,dc=jthan,dc=io'

- name: Set olcRootDN
  lineinfile:
    path: /etc/openldap/ldifs/slapd.ldif
    regexp: '^olcRootDN:'
    line: 'olcRootDN: cn=Manager, dc=ldap,dc=home,dc=jthan,dc=io'

#- name: Start and enable slapd
#  service:
#    name: slapd
#    state: started
#    enabled: true