kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-02 15:39:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor user variable name from OPERNLDAP_USERS to OPENLDAP_USERS and add dynamic state handling for objectClass cleanup.

Browse Source 
See conversation: https://chatgpt.com/share/692cab28-1ce0-800f-81da-712c8ea08e5c
This commit is contained in:
Kevin Veen-Birkenbach
2025-11-30 21:38:16 +01:00
parent 0cb9b08e8f
commit 8008afe0de
3 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/svc-db-openldap/tasks/03_users.yml
View File

@@ -20,7 +20,7 @@
state: present # ↳ creates but never updates state: present # ↳ creates but never updates
async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}" async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}" poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
loop: "{{ OPERNLDAP_USERS | dict2items }}" loop: "{{ OPENLDAP_USERS | dict2items }}"
loop_control: loop_control:
label: "{{ item.key }}" label: "{{ item.key }}"
@@ -36,10 +36,10 @@
attributes: attributes:
objectClass: "{{ LDAP.USER.OBJECTS.STRUCTURAL }}" objectClass: "{{ LDAP.USER.OBJECTS.STRUCTURAL }}"
mail: "{{ item.value.email }}" mail: "{{ item.value.email }}"
state: exact state: "{{ 'exact' if MODE_CLEANUP else 'present' }}"
async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}" async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}" poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
loop: "{{ OPERNLDAP_USERS | dict2items }}" loop: "{{ OPENLDAP_USERS | dict2items }}"
loop_control: loop_control:
label: "{{ item.key }}" label: "{{ item.key }}"

2
roles/svc-db-openldap/templates/ldif/groups/01_rbac_roles.ldif.j2
View File

@@ -1,4 +1,4 @@
{% for dn, entry in (applications | build_ldap_role_entries(OPERNLDAP_USERS, LDAP)).items() %} {% for dn, entry in (applications | build_ldap_role_entries(OPENLDAP_USERS, LDAP)).items() %}
dn: {{ dn }} dn: {{ dn }}
{% for oc in entry.objectClass %} {% for oc in entry.objectClass %}

2
roles/svc-db-openldap/vars/main.yml
View File

@@ -36,4 +36,4 @@ OPENLDAP_PROVISION_UPDATE: "{{ applications | get_app_conf(application_id
OPENLDAP_PROVISION_RESERVED: "{{ applications | get_app_conf(application_id, 'provision.reserved') }}" OPENLDAP_PROVISION_RESERVED: "{{ applications | get_app_conf(application_id, 'provision.reserved') }}"
# Users to be processed by LDAP # Users to be processed by LDAP
OPERNLDAP_USERS: "{{ users if OPENLDAP_PROVISION_RESERVED else users | non_reserved_users }}" OPENLDAP_USERS: "{{ users if OPENLDAP_PROVISION_RESERVED else users | non_reserved_users }}"