Optimized ldap integration

roles/docker-funkwhale/templates/env.j2

@@ -109,8 +109,8 @@ DJANGO_SECRET_KEY={{funkwhale_django_secret}}
 
 LDAP_ENABLED        =   True
 LDAP_SERVER_URI     =   "{{ldap.server.uri}}"
-LDAP_BIND_DN        =   "{{ldap.dn.administrator}}"
-LDAP_BIND_PASSWORD  =   "{{applications.ldap.administrator_database_password}}"
+LDAP_BIND_DN        =   "{{ldap.dn.bind}}"
+LDAP_BIND_PASSWORD  =   "{{ldap.dn.bind_credential}}"
 LDAP_SEARCH_FILTER  =   "(|(cn={0})(mail={0}))"
 LDAP_START_TLS      =   False
 LDAP_ROOT_DN        =   "{{ldap.dn.root}}"

roles/docker-keycloak/templates/realm-export.json.j2

@@ -1941,7 +1941,7 @@
             "true"
           ],
           "bindCredential": [
-            "**********"
+            "{{ldap.bind_credential}}"
           ],
           "changedSyncPeriod": [
             "-1"
@@ -1950,7 +1950,7 @@
             "uid"
           ],
           "bindDn": [
-            "{{ldap.dn.administrator}}"
+            "{{ldap.dn.bind}}"
           ],
           "lastSync": [
             "1737578007"
@@ -1965,7 +1965,7 @@
             "false"
           ],
           "connectionUrl": [
-            "ldap://openldap"
+            "{{ldap.dn.server.uri}}"
           ],
           "syncRegistrations": [
             "true"

roles/docker-ldap/handlers/main.yml

@@ -19,7 +19,7 @@
 
 - name: "Import Access Roles to OpenLDAP"
   shell: >
-    docker exec -i openldap ldapadd -x -D "{{ldap.dn.administrator}}" -w "{{applications.ldap.administrator_database_password}}" -c -f "{{ldif_docker_path}}04_access_profiles.ldif"
+    docker exec -i openldap ldapadd -x -D "{{ldap.dn.bind}}" -w "{{ldap.dn.bind_credential}}" -c -f "{{ldif_docker_path}}04_access_profiles.ldif"
   register: ldapadd_result
   changed_when: "'adding new entry' in ldapadd_result.stdout"
   # Allow return code 0 (all entries added) or 68 (entry already exists)

roles/docker-ldap/templates/docker-compose.yml.j2

@@ -34,7 +34,7 @@ services:
       - '{{ldif_host_path}}:{{ldif_docker_path}}:ro'                      # Mounting all ldif files for import
     healthcheck:
       test: >
-        ldapsearch -x -H ldap://localhost:{{ldap_docker_port}} -b "{{ldap.dn.root}}" -D "{{ldap.dn.administrator}}" -w "{{applications.ldap.administrator_database_password}}"
+        ldapsearch -x -H ldap://localhost:{{ldap_docker_port}} -b "{{ldap.dn.root}}" -D "{{ldap.dn.bind}}" -w "{{ldap.dn.bind_credential}}"
       interval: 30s
       timeout: 10s
       retries: 3

roles/docker-ldap/templates/env.j2

@@ -12,7 +12,7 @@ LDAP_PASSWORDS=             ' '                             # Comma separated li
 LDAP_ROOT=                  {{ldap.dn.root}}                # LDAP baseDN (or suffix) of the LDAP tree. Default: dc=example,dc=org
 
 ## Admin
-LDAP_ADMIN_DN=              {{ldap.dn.administrator}}       # Not well documented. Don't know if this has an effect
+LDAP_ADMIN_DN=              {{ldap.dn.bind}}
 LDAP_CONFIG_ADMIN_ENABLED=  yes
 LDAP_CONFIG_ADMIN_USERNAME= {{applications.ldap.administrator_username}}
 LDAP_CONFIG_ADMIN_PASSWORD= {{applications.ldap.administrator_password}}

roles/docker-ldap/templates/lam.env.j2

@@ -9,5 +9,5 @@ LAM_CONFIGURATION_DATABASE= files
 # LDAP Configuration
 LDAP_SERVER=                {{ldap.server.domain}}                                  # domain of LDAP database root entry
 LDAP_BASE_DN=               {{ldap.dn.root}}                                        # LDAP base DN to overwrite value generated by LDAP_DOMAIN
-LDAP_USER=                  {{ldap.dn.administrator}}                               # LDAP admin user (set as login user for LAM)
-LDAP_ADMIN_PASSWORD=        {{applications.ldap.administrator_database_password}}   # LDAP admin password
+LDAP_USER=                  {{ldap.dn.bind}}                                        # LDAP admin user (set as login user for LAM)
+LDAP_ADMIN_PASSWORD=        {{ldap.dn.bind_credential}}                             # LDAP admin password