# Create the host-side directory tree for OpenLDAP: the shared parent plus
# the data, slapd.d and ldifs directories that the "run container" task
# bind-mounts into the container.
- name: ensure directories exist
  file:
    state: directory
    path: '{{ item }}'
    # NOTE(review): 0755 leaves every directory listable and traversable by
    # all local users, including the one mounted at /var/lib/ldap. Confirm
    # that is intended, or tighten once the owning UID is settled.
    mode: "0755"
  loop:
    - '{{ data_folder }}/openldap'
    - '{{ data_folder }}/openldap/data'
    - '{{ data_folder }}/openldap/slapd.d'
    - '{{ data_folder }}/openldap/ldifs'
# - name: copy slapd.conf
# template:
# src: slapd.conf.j2
# dest: "{{ data_folder }}/openldap/slapd.d/slapd.conf"
# mode: '0755'
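# Render the user LDIF into the host directory that the "run container" task
# mounts as the image's custom bootstrap LDIF folder.
- name: copy user ldif
  template:
    src: lukas.ldif.j2
    dest: "{{ data_folder }}/openldap/ldifs/lukas.ldif"
    # An LDIF is data and is never executed, and user entries may carry
    # credential attributes (the template is not visible here - confirm),
    # so the file is owner-only rather than 0755.
    # Assumes the container entrypoint reads the bind mount as root; widen
    # to 0640 with a suitable group if Docker uses user-namespace remapping.
    mode: '0600'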
# Start the OpenLDAP container, attached to the default bridge and the
# nginx-internal network, with data, config and bootstrap LDIFs bind-mounted
# from {{ data_folder }}/openldap on the host.
- name: run container
  docker_container:
    name: openldap
    # NOTE(review): no tag or digest is given, so the pull resolves to
    # whatever the registry's default tag points at when the play runs.
    # Pin a reviewed tag or digest so the directory server cannot change
    # underneath you.
    image: osixia/openldap
    state: started
    # `restart` forces a stop/start of the container on every play run.
    # NOTE(review): if a restart policy was intended, that is a separate
    # option (`restart_policy`) - confirm.
    restart: true
    # NOTE(review): debug verbosity. Verify that the image's start-up logging
    # at this level does not print LDAP_ADMIN_PASSWORD or other environment
    # values, and lower it once bootstrapping works.
    command: '--loglevel debug'
    networks:
      - name: bridge
      - name: nginx-internal
    # Both ports are published on all host interfaces.
    # NOTE(review): 389 is the cleartext LDAP port unless clients use
    # StartTLS. Confirm it must be reachable from outside the host rather
    # than only over the nginx-internal network.
    ports:
      - '389:389'
      - '636:636'
    volumes:
      - '{{ data_folder }}/openldap/data:/var/lib/ldap'
      - '{{ data_folder }}/openldap/slapd.d:/etc/ldap/slapd.d'
      - '{{ data_folder }}/openldap/ldifs:/container/service/slapd/assets/config/bootstrap/ldif/custom'
    env:
      LDAP_ORGANISATION: 'Homelab'
      LDAP_DOMAIN: 'kucharczyk.xyz'
      # NOTE(review): presumably keeps the generated bootstrap configuration
      # inside the container after first start; check the image docs for
      # whether that configuration embeds the admin password.
      LDAP_REMOVE_CONFIG_AFTER_SETUP: 'false'
      # Encrypted at rest with Ansible Vault, but handed to the container as
      # a plain environment variable, so anyone who can inspect the container
      # on the Docker host can read the decrypted value.
      LDAP_ADMIN_PASSWORD: !vault |
        $ANSIBLE_VAULT;1.1;AES256
        35623735376134353839323136623133393035343162363366643632376262393539653736326431
        6635373265313033653861393463633835333639346239650a303463323063373866316162616131
        66356335346631386265363462353034393735366430636634643466376435313638303938363363
        3838396139663964300a633931303135376566633363303336373937373138643564636263656233
        6239