---
# Install the NSS module that lets the system resolve accounts through LDAP.
# NOTE(review): nslcd, which the tasks below configure and restart, is
# presumably pulled in as a dependency of this package - confirm on the
# target release.
- name: Install LDAP client packages
  apt:
    name:
      - libnss-ldapd
    state: present
    update_cache: true
  # Re-run the apt call (up to 3 retries) until it reports success.
  register: apt_result
  until: apt_result is succeeded
  retries: 3

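# Render /etc/nslcd.conf from the role template and restart nslcd on change.
# NOTE(review): nslcd.conf.j2 is not shown here. If it renders a bind
# password (bindpw), a run with --diff will print it; consider `diff: false`
# on this task. Also confirm the template uses ldaps:// or StartTLS with
# certificate verification (tls_reqcert), since NSS answers are only as
# trustworthy as the channel they arrive on.
- name: Configure nslcd
  template:
    src: nslcd.conf.j2
    dest: /etc/nslcd.conf
    # Ownership is pinned so that only root can read or re-permission the
    # file, regardless of who owned a pre-existing copy.
    owner: root
    group: root
    # Quoted so the mode reaches the module as the string "0600" instead of
    # relying on the YAML parser's handling of a leading-zero integer.
    mode: "0600"
  notify: Restart nslcd service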

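# Configure /etc/nsswitch.conf
# One data-driven task replaces three identically named copies of the same
# lineinfile call; the databases are processed in the same order and the
# rendered lines are unchanged.
- name: Configure NSS to use LDAP
  lineinfile:
    # `path` is the canonical parameter name; `dest` is a legacy alias.
    path: /etc/nsswitch.conf
    # Anchored at line start so only the entry for this database is replaced;
    # if no such line exists, lineinfile appends the new one.
    regexp: "^{{ item.database }}:"
    line: "{{ item.database }}:         {{ item.sources }}"
  loop:
    # `files` comes first in every entry, so accounts defined locally in /etc
    # (root, service users) are answered before the directory is consulted.
    # Keep that order: it stops a directory entry from shadowing a local one.
    - database: passwd
      sources: files systemd ldap
    - database: group
      sources: files systemd ldap
    # NOTE(review): shadow lookups via LDAP are only needed if consumers read
    # password-aging data through NSS - confirm this is required.
    - database: shadow
      sources: files ldap
    - database: networks
      sources: files ldap
    # NOTE(review): with ldap ahead of dns, host entries in the directory take
    # precedence over DNS answers - confirm that trust ordering is intended.
    - database: hosts
      sources: files ldap dns
  loop_control:
    # Show only the database name per iteration in the play output.
    label: "{{ item.database }}"
  notify: Restart nslcd service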