Kapisi/roles/Password/tasks/daemon.yml

---
 - name: Create the base config
   become: yes
   template:
     src: slapd.ldif
     dest: /etc/openldap/slapd.ldif
     owner: ldap
     group: ldap
     mode: 0640

 - name: Create the directories
   file:
     path: "{{ item }}"
     owner: ldap
     group: ldap
     mode: 0700
   loop:
     - /var/lib/openldap/openldap-data/
     - /etc/openldap
     - /etc/openldap/users.d
     - /etc/openldap/groups.d
     - /etc/openldap/slapd.d

 - name: Initialize the instance
   become: yes
   command:
     cmd: slapadd -n 0 -F /etc/openldap/slapd.d/ -l /etc/openldap/config.ldif && chown -R ldap: /etc/openldap
     creates: /etc/openldap/slapd.d/cn=config

 - name: Ensure the service
   become: yes
   service:
     name: slapd
     state: restarted
     enabled: yes
Update for automated response around poorly behaving archlinux-keyring weekly timer; rename Sora role to Password 2024-03-07 12:27:21 -06:00			`---`
			`- name: Create the base config`
			`become: yes`
			`template:`
			`src: slapd.ldif`
			`dest: /etc/openldap/slapd.ldif`
			`owner: ldap`
			`group: ldap`
			`mode: 0640`

			`- name: Create the directories`
			`file:`
			`path: "{{ item }}"`
			`owner: ldap`
			`group: ldap`
			`mode: 0700`
			`loop:`
			`- /var/lib/openldap/openldap-data/`
			`- /etc/openldap`
			`- /etc/openldap/users.d`
			`- /etc/openldap/groups.d`
			`- /etc/openldap/slapd.d`

			`- name: Initialize the instance`
			`become: yes`
			`command:`
			`cmd: slapadd -n 0 -F /etc/openldap/slapd.d/ -l /etc/openldap/config.ldif && chown -R ldap: /etc/openldap`
			`creates: /etc/openldap/slapd.d/cn=config`

			`- name: Ensure the service`
			`become: yes`
			`service:`
			`name: slapd`
			`state: restarted`
			`enabled: yes`