- name: Load memberof module from file in OpenLDAP container
  shell: >
    docker exec -i openldap ldapmodify -Y EXTERNAL -H ldapi:/// -f {{ldif_docker_path}}01_member_of_configuration.ldif
  listen: "Import LDIF files"
  ignore_errors: true # @todo check if this works

- name: Refint Module Activation for OpenLDAP
  shell: >
    docker exec -i openldap ldapadd -Y EXTERNAL -H ldapi:/// -f {{ldif_docker_path}}02_member_of_configuration.ldif
  listen: "Import LDIF files"
  register: ldapadd_result
  failed_when: ldapadd_result.rc not in [0, 68]
  ignore_errors: true # @todo check if this works

- name: Refint Overlay Configuration for OpenLDAP
  shell: >
    docker exec -i openldap modify -Y EXTERNAL -H ldapi:/// -f {{ldif_docker_path}}02_member_of_configuration.ldif
  listen: "Import LDIF files"
  register: ldapadd_result
  failed_when: ldapadd_result.rc not in [0, 68]
  ignore_errors: true # @todo check if this works

- name: "Import users, groups, etc. to LDAP"
  shell: >
    docker exec -i openldap ldapadd -x -D "{{ldap.dn.bind}}" -w "{{ldap.bind_credential}}" -c -f "{{ldif_docker_path}}/import/{{ item | basename | regex_replace('\\.j2$', '') }}"
  register: ldapadd_result
  changed_when: "'adding new entry' in ldapadd_result.stdout"
  # Allow return code 0 (all entries added) or 68 (entry already exists)
  failed_when: ldapadd_result.rc not in [0, 68]
  listen: "Import LDIF files"
  ignore_errors: true
  loop: "{{ lookup('fileglob', role_path ~ '/templates/ldif/import/*.j2', wantlist=True) }}"