Optimized openldap role

roles/svc-db-openldap/tasks/03_users.yml

@@ -4,7 +4,7 @@
 - name: Ensure LDAP users exist
   community.general.ldap_entry:
     dn:           "{{ ldap.user.attributes.id }}={{ item.key }},{{ ldap.dn.ou.users }}"
-    server_uri:   "{{ ldap_server_uri }}"
+    server_uri:   "{{ openldap_server_uri }}"
     bind_dn:      "{{ ldap.dn.administrator.data }}"
     bind_pw:      "{{ ldap.bind_credential }}"
     objectClass:  "{{ ldap.user.objects.structural }}"
@@ -30,7 +30,7 @@
 - name: Ensure required objectClass values and mail address are present
   community.general.ldap_attrs:
     dn: "{{ ldap.user.attributes.id }}={{ item.key }},{{ ldap.dn.ou.users }}"
-    server_uri: "{{ ldap_server_uri }}"
+    server_uri: "{{ openldap_server_uri }}"
     bind_dn: "{{ ldap.dn.administrator.data }}"
     bind_pw: "{{ ldap.bind_credential }}"
     attributes:
@@ -46,7 +46,7 @@
 - name: "Ensure container for application roles exists"
   community.general.ldap_entry:
     dn: "{{ ldap.dn.ou.roles }}"
-    server_uri: "{{ ldap_server_uri }}"
+    server_uri: "{{ openldap_server_uri }}"
     bind_dn:  "{{ ldap.dn.administrator.data }}"
     bind_pw:  "{{ ldap.bind_credential }}"
     objectClass: organizationalUnit

roles/svc-db-openldap/tasks/04_update.yml

@@ -1,6 +1,6 @@
 - name: Gather all users with their current objectClass list
   community.general.ldap_search:
-    server_uri: "{{ ldap_server_uri }}"
+    server_uri: "{{ openldap_server_uri }}"
     bind_dn:    "{{ ldap.dn.administrator.data }}"
     bind_pw:    "{{ ldap.bind_credential }}"
     dn:         "{{ ldap.dn.ou.users }}"
@@ -14,7 +14,7 @@
 
 - name: Add only missing auxiliary classes
   community.general.ldap_attrs:
-    server_uri: "{{ ldap_server_uri }}"
+    server_uri: "{{ openldap_server_uri }}"
     bind_dn:    "{{ ldap.dn.administrator.data }}"
     bind_pw:    "{{ ldap.bind_credential }}"
     dn:         "{{ item.dn }}"

roles/svc-db-openldap/tasks/ldifs_creation.yml

@@ -1,7 +1,7 @@
-- name: "Create LDIF files at {{ ldif_host_path }}{{ folder }}"
+- name: "Create LDIF files at {{ openldap_ldif_host_path }}{{ folder }}"
   template:
     src: "{{ item }}"
-    dest: "{{ ldif_host_path }}{{ folder }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
+    dest: "{{ openldap_ldif_host_path }}{{ folder }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
     mode: '770'
   loop: >-
     {{

roles/svc-db-openldap/tasks/main.yml

@@ -22,14 +22,14 @@
     name: "{{ applications | get_app_conf(application_id, 'network.name', True) }}"
     state: present
     ipam_config:
-      - subnet: "{{ networks.local['svc-db-openldap'].subnet }}"
+      - subnet: "{{ networks.local[application_id].subnet }}"
 
 - meta: flush_handlers
 
 - name: "Wait for LDAP to be available"
   wait_for:
     host: "127.0.0.1"
-    port: "{{ ports.localhost.ldap['svc-db-openldap'] }}"
+    port: "{{ ports.localhost.ldap[application_id] }}"
     delay: 5
     timeout: 120
     state: started
@@ -40,12 +40,12 @@
     - applications | get_app_conf(application_id, 'network.local', True)
     - applications | get_app_conf(application_id, 'provisioning.credentials', True)
 
-- name: "create directory {{ldif_host_path}}{{item}}"
+- name: "create directory {{openldap_ldif_host_path}}{{item}}"
   file:
-    path: "{{ldif_host_path}}{{item}}"
+    path: "{{openldap_ldif_host_path}}{{item}}"
     state: directory
     mode: 0755
-  loop: "{{ldif_types}}"
+  loop: "{{openldap_ldif_types}}"
 
 - name: "Import LDIF Configuration"
   include_tasks: ldifs_creation.yml

roles/svc-db-openldap/tasks/schemas/nextcloud.yml

@@ -13,9 +13,9 @@
       - "( 1.3.6.1.4.1.99999.2 NAME 'nextcloudUser' DESC 'Auxiliary class for Nextcloud attributes' AUXILIARY MAY ( {{ ldap.user.attributes.nextcloud_quota }} ) )"
   command: >
     ldapsm
-      -s {{ ldap_server_uri }}
-      -D '{{ ldap_bind_dn }}'
-      -W '{{ ldap_bind_pw }}'
+      -s {{ openldap_server_uri }}
+      -D '{{ openldap_bind_dn }}'
+      -W '{{ openldap_bind_pw }}'
       -n {{ schema_name }}
       {% for at in attribute_defs %}
       -a "{{ at }}"

roles/svc-db-openldap/tasks/schemas/openssh_lpk.yml

@@ -21,9 +21,9 @@
 
   command: >
     ldapsm
-      -s {{ ldap_server_uri }}
-      -D '{{ ldap_bind_dn }}'
-      -W '{{ ldap_bind_pw }}'
+      -s {{ openldap_server_uri }}
+      -D '{{ openldap_bind_dn }}'
+      -W '{{ openldap_bind_pw }}'
       -n {{ schema_name }}
       {% for at in attribute_defs %}
       -a "{{ at }}"