slapd
Role Name
install openldap servers on CentOS - should work on RH too
TODO
make it work on CentOS8: difier form_slapd/vars/CentOS.yml : ldap_packages:
- symas-openldap-servers
- symas-openldap-clients
- python3-ldap.x86_64 ldap_service: slapd ldap_user: ldap
dans form_slapd/templates/change_suffix_and_dit_admin.ldif remplacer hdb par mdb ligne 1
dans form_slapd/tasks/main.yml remplacer hdb par mdb ligne 26 Requirements
none
Role Variables
defined in vars/main.yml and vars/CentOS.yml
- ldap_domain - example
- ldap_domain_ex - net
- ldap_suffix - constructed from variables above example.net
- ldap_admin_dn - cn=manager,{{ ldap_suffix }}
- ldap_admin_password - 123Soleil - should be in a vault ...)
- ldap_secret_file - default to /root/.ldap.secret
- ldap_packages - liste of packages - should be the only thing to change to adapt to other distro
- ldap_service - name of service unit file - slapd
- ldap_user - slapd service account
- ldap_schemas - list of additionnal schema names to load - default cosine
- ldap_replication_consumer - bool -true to setup a replication consumer
- ldap_replication_provider - bool -true to setup a replication provider
- ldap_replication_account - account used for replication
- ldap_replication_password - account password used for replication
- ldap_replication_provider_uri - ldap uri of provider server
- ldap_have_ssl - boolean - wether we use ssl or not
- ldap_ssl_dir - directory where certificates will be stored
- ldap_cache_size: 3000
- ldap_idlcache_size: 60001024 30
- ldap_checkpoint: 1024 30
- ldap_ssl_cert_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_fullchain.pem
- ldap_ssl_cacert_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_fullchain.pem
- ldap_ssl_key_path - {{ ldap_ssl_dir }}/{{ ansible_fqdn }}_privkey.pem
- ldap_ldif_files - optional list of ldif files to send to server and inject. Will be templated. need absolute path
Dependencies
None
Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- role: slapd
vars:
- ldap_schemas:
- cosine
- nis
- inetorgperson
- ldap_replication_consumer: false
- ldap_domain: opendoor
- ldap_domain_ex: fr
- ldap_suffix: o=od
- ldap_admin_password: 123Soleil
- ldap_replication_provider: false
- ldap_have_ssl: yes
- ldap_ssl_dir: /etc/openldap/certs/
- ldap_ssl_cert_path: "{{ ssl_certificate_file }}"
- ldap_ssl_key_path: "{{ ssl_key_file }}"
- ldap_ssl_cacert_path: "{{ ssl_ca_file }}"
- ldap_ldif_files:
- /home/tom/tmp/cyrus_postfix_ldap/Vagrant/0_branches.ldif
- /home/tom/tmp/cyrus_postfix_ldap/Vagrant/1_users.ldif
- ldap_schemas:
License
BSD Author Information
Thomas C thomas@opendoor.fr
Install
ansible-galaxy install tconstans/ansible_slapd
License
Unknown
Downloads
33
Owner