Optimized LDAP_DN_BASE for hostname

2025-08-16 00:47:29 +02:00 · 2025-08-15 15:31:27 +02:00 · 2025-08-15 15:31:27 +02:00 · 411a1f8931
commit 411a1f8931
parent cc51629337
2 changed files with 9 additions and 11 deletions
--- a/group_vars/all/00_general.yml
+++ b/group_vars/all/00_general.yml
@ -28,9 +28,7 @@ WEB_PROTOCOL:           "https"       # Web protocol type. Use https or http. If
 WEB_PORT:               "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}"  # Default port web applications will listen to

 # Domain
-PRIMARY_DOMAIN:         "localhost"                                                                                   # Primary Domain of the server
-PRIMARY_DOMAIN_TLD:     "{{ (PRIMARY_DOMAIN == 'localhost') | ternary('localhost', PRIMARY_DOMAIN.split('.')[-1]) }}" # Top Level Domain of the server
-PRIMARY_DOMAIN_SLD:     "{{ (PRIMARY_DOMAIN == 'localhost') | ternary('localhost', PRIMARY_DOMAIN.split('.')[-2]) }}" # Second Level Domain of the server
+PRIMARY_DOMAIN:         "localhost" # Primary Domain of the server

 # Server Tact Variables 

--- a/group_vars/all/13_ldap.yml
+++ b/group_vars/all/13_ldap.yml
@ -5,14 +5,14 @@

 # Helper Variables:
 # Keep in mind to mapp this variables if there is ever the possibility for the user to define them in the inventory
-LDAP_DN_BASE:                   "dc={{ PRIMARY_DOMAIN_SLD }},dc={{ PRIMARY_DOMAIN_TLD }}"
-_ldap_docker_network_enabled:   "{{ applications | get_app_conf('svc-db-openldap', 'network.docker') }}"
-_ldap_protocol:                 "{{ 'ldap' if _ldap_docker_network_enabled else 'ldaps' }}"
-_ldap_server_port:              "{{ ports.localhost[_ldap_protocol]['svc-db-openldap'] }}"
-_ldap_name:                     "{{ applications | get_app_conf('svc-db-openldap', 'docker.services.openldap.name') }}"
-_ldap_domain:                   "{{ PRIMARY_DOMAIN }}" # LDAP is jsut listening to a port not to a dedicated domain, so primary domain should be sufficient
-_ldap_user_id:                  "uid"
-_ldap_filters_users_all:        "(|(objectclass=inetOrgPerson))"
+LDAP_DN_BASE:                 "{{ PRIMARY_DOMAIN.split('.') | map('regex_replace', '^(.*)$', 'dc=\\1') | join(',') }}"
+_ldap_docker_network_enabled: "{{ applications | get_app_conf('svc-db-openldap', 'network.docker') }}"
+_ldap_protocol:               "{{ 'ldap' if _ldap_docker_network_enabled else 'ldaps' }}"
+_ldap_server_port:            "{{ ports.localhost[_ldap_protocol]['svc-db-openldap'] }}"
+_ldap_name:                   "{{ applications | get_app_conf('svc-db-openldap', 'docker.services.openldap.name') }}"
+_ldap_domain:                 "{{ PRIMARY_DOMAIN }}" # LDAP is jsut listening to a port not to a dedicated domain, so primary domain should be sufficient
+_ldap_user_id:                "uid"
+_ldap_filters_users_all:      "(|(objectclass=inetOrgPerson))"

 ldap:
  # Distinguished Names (DN)