Providing provider overlay

diff --git a/roles/base/tasks/main.yaml b/roles/base/tasks/main.yaml
index 9901fdc7af73bed21164a77cbe6eb2aa9904200f..28f6aabde9e95e40fedf1c874b3ac1509301a2b4 100644 (file)
--- a/roles/base/tasks/main.yaml
+++ b/roles/base/tasks/main.yaml
@@ -13,11 +13,18 @@
   changed_when: False
   register: main_database_rdn
 
+- set_fact:
+    main_database_name: "{{ main_database_rdn.stdout | regex_replace('olcDatabase=', '', ignorecase=1) }}"
+
 - name: "Failing because main database for suffix '{{ lapd_suffix }}' not found."
   fail:
     msg: "Failed to detect main database for suffix '{{ lapd_suffix }}'."
   when: main_database_rdn.rc != 0
 
 - include: 'overlays0-memberof.yaml'
+
 - include: 'config_root_account.yaml'
 
+- include: 'providers.yaml'
+  when: "'providers' in group_names"
+

diff --git a/roles/base/tasks/provider-overlay.yaml b/roles/base/tasks/provider-overlay.yaml
new file mode 100644 (file)
index 0000000..72dbbc9
--- /dev/null
+++ b/roles/base/tasks/provider-overlay.yaml
@@ -0,0 +1,55 @@
+---
+
+################################################################
+# Acticvating provider overlay
+
+- name: "Detecting, whether the provider overlay is applied on database '{{ item }}'."
+  shell: "ldapsearch -Q -Y EXTERNAL -H ldapi:/// -LLL -s sub -b 'olcDatabase={{ item }},cn=config' -o ldif-wrap=no 'objectClass=olcSyncProvConfig' olcOverlay | grep -i '^olcOverlay:' | sed -e 's/^olcOverlay:[       ]*//i'"
+  changed_when: False
+  ignore_errors: True
+  register: provider_overlay
+
+- name: "Acticvating provider overlay for database '{{ item }}'."
+  block:
+
+  - name: "Initializing LDIF file for adding provider overlay"
+    tempfile:
+      state: 'file'
+      prefix: 'overlay.provider.'
+      suffix: '.ldif'
+    register: provider_overlay_file
+
+  - name: "Get content of adding provider overlay to database '{{ item }}'."
+    template:
+      src: "templates/overlay-provider.ldif.j2"
+      dest: "{{ provider_overlay_file.path }}"
+      owner: root
+      group: root
+      mode: 0644
+
+  - name: "Get file content of adding provider overlay to database '{{ item }}'."
+    shell: "cat '{{ provider_overlay_file.path }}'"
+    register: provider_overlay_file_content
+    changed_when: False
+    no_log: True
+
+  - name: "Show content of file adding provider overlay to database '{{ item }}'."
+    debug: msg={{ provider_overlay_file_content.stdout_lines }}
+
+  - name: "Applying provider overlay to database '{{ item }}'."
+    shell: "ldapadd -Q -Y EXTERNAL -H ldapi:/// -f '{{ provider_overlay_file.path }}'"
+
+  rescue:
+    - name: "Failing base installation of OpenLDAP server because of some errors."
+      fail:
+        msg: "I caught an error"
+
+  always:
+
+    - name: "Removing file fo adding provider overlay to database '{{ item }}' ..."
+      file:
+        path: "{{ provider_overlay_file.path }}"
+        state: absent
+
+  when: provider_overlay.stdout == ''
+

diff --git a/roles/base/tasks/providers.yaml b/roles/base/tasks/providers.yaml
new file mode 100644 (file)
index 0000000..384888b
--- /dev/null
+++ b/roles/base/tasks/providers.yaml
@@ -0,0 +1,8 @@
+---
+
+- name: "Acticvating provider overlay for databases ..."
+  include_tasks: "provider-overlay.yaml"
+  loop:
+    - '{0}config'
+    - "{{ main_database_name }}"
+

diff --git a/roles/base/templates/overlay-provider.ldif.j2 b/roles/base/templates/overlay-provider.ldif.j2
new file mode 100644 (file)
index 0000000..33d5d0c
--- /dev/null
+++ b/roles/base/templates/overlay-provider.ldif.j2
@@ -0,0 +1,8 @@
+dn: olcOverlay=syncprov,olcDatabase={{ item }},cn=config
+changetype: add
+objectClass: olcConfig
+objectClass: olcOverlayConfig
+objectClass: olcSyncProvConfig
+olcOverlay: syncprov
+
+# vim: filetype=ldif