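---
# Installs slapd and, on a fresh install only, rebuilds its configuration and
# database from templated LDIF files. "Fresh" means the marker file
# /root/.delete_me_to_reset_ldap_configuration does not exist: removing that
# file makes the next run delete /etc/ldap/slapd.d and /var/lib/ldap and
# import everything again.

# Retried up to three times so a transient apt failure does not abort the run.
- name: Install slapd
  apt:
    name:
      - ldap-utils
      - libio-socket-ssl-perl
      - slapd
    update_cache: true
    install_recommends: false
  register: apt_result
  retries: 3
  until: apt_result is succeeded

# Every destructive task below is gated on this marker being absent.
- name: Check if installation was done
  stat:
    path: /root/.delete_me_to_reset_ldap_configuration
  register: installation

# slapadd works on the database files directly, so slapd is stopped first.
- name: Stop slapd
  when: not installation.stat.exists
  systemd:
    name: slapd
    state: stopped

# Destructive: drops the packaged configuration and any existing directory
# data so the LDIF import starts from an empty state.
- name: Delete old slapd configuration and data
  when: not installation.stat.exists
  file:
    path: '{{ item }}'
    state: absent
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap

# Runs on every play so ownership and permissions are enforced even after the
# initial install. Modes are quoted so they reach the module as the literal
# octal string instead of depending on how the YAML loader types 0700.
- name: Create slapd configuration and data directory
  file:
    path: '{{ item }}'
    state: directory
    owner: openldap
    group: openldap
    mode: '0700'
  loop:
    - /etc/ldap/slapd.d
    - /var/lib/ldap

# Rendered only when the files are about to be imported, so their content
# (which may include bind or replication credentials; the templates are not
# visible here) is not rewritten to /tmp on every run.
# NOTE(review): /tmp is world-writable and these names are fixed; a staging
# directory that only openldap and root can access would be a safer location.
- name: Copy ldiff files
  when: not installation.stat.exists
  template:
    src: 'ldap/{{ item }}.ldiff.j2'
    dest: '/tmp/{{ item }}.ldiff'
    owner: openldap
    group: openldap
    mode: '0600'
  loop:
    - db
    - schema
    - consumer_simple_sync

# -n 0 loads the configuration database into /etc/ldap/slapd.d. The command
# module is used because no shell features (pipes, globbing, variables) are
# needed, which keeps the arguments away from shell interpretation.
# NOTE(review): become_user only takes effect if become is enabled at play or
# role level, which is not visible here; confirm, otherwise the imported files
# end up owned by the connecting user rather than openldap.
- name: Initialize re2o-ldap schema
  when: not installation.stat.exists
  command: slapadd -n 0 -l /tmp/schema.ldiff -F /etc/ldap/slapd.d/
  become_user: openldap

# -n 1 loads the first data database defined by the configuration above.
- name: Initialize re2o-ldap database
  when: not installation.stat.exists
  command: slapadd -n 1 -l /tmp/db.ldiff
  become_user: openldap

- name: Start slapd
  when: not installation.stat.exists
  systemd:
    name: slapd
    state: started

# Applied through the local ldapi:/// socket with SASL EXTERNAL, so no bind
# password appears on the command line.
- name: Enable data replication
  when: not installation.stat.exists
  command: ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /tmp/consumer_simple_sync.ldiff

# Written only after every import step succeeded; a failed run therefore
# leaves the marker absent and the next run starts over from a clean state.
- name: Touch installation marker
  when: not installation.stat.exists
  file:
    path: /root/.delete_me_to_reset_ldap_configuration
    state: touch
    owner: root
    group: root
    mode: '0600'

# Unconditional so LDIF files left behind by earlier runs are removed as well;
# state: absent reports no change once the files are gone.
- name: Remove temporary ldiff files
  file:
    path: '/tmp/{{ item }}.ldiff'
    state: absent
  loop:
    - db
    - schema
    - consumer_simple_sync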