From 6ba80c468f57f886d418ff91adc2c1023b525dd3 Mon Sep 17 00:00:00 2001
From: David Coutadeur
Date: Tue, 3 Dec 2024 18:38:13 +0100
Subject: [PATCH] update ansible role for compatibility with OpenLDAP 2.5 (#16)
---
 README.md | 6 ++++++
 defaults/main.yml | 5 ++++-
 tasks/ldaptoolbox-repository.yml | 2 +-
 templates/var/backups/openldap/config.ldif | 3 +++
 4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index b12696b..b8eb292 100644
--- a/README.md
+++ b/README.md
@@ -73,6 +73,12 @@ If you want the certificates to be deployed by ansible, you can enable it by add
 ldaptoolbox_openldap_deploy_certificates: true
 ```
+You can also configure the OpenLDAP version to install. Currently, only 2.5 and 2.6 are supported. The default is 2.6. You can change this in your playbook with:
+
+```
+ldaptoolbox_openldap_version: "2.5"
+```
+
 Give a look at `playbook/group_vars/prod.yml`, `playbook/host_vars/master1.yml` and `playbook/host_vars/master2.yml` for variable customization
 You can also use `--extra-vars variable=value` at the command line for overloading any variable.
diff --git a/defaults/main.yml b/defaults/main.yml
index 2344d35..ac5589a 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -3,6 +3,9 @@
 # Defaults variables for OpenLDAP role
 ################################################################################
+# default OpenLDAP version
+ldaptoolbox_openldap_version: "2.6"
+
 # Deploy certificate
 ldaptoolbox_openldap_deploy_certificates: false
@@ -12,7 +15,7 @@ ldaptoolbox_openldap_apt_key_url: "https://ltb-project.org/documentation/_static
 ldaptoolbox_openldap_apt_key_id: "3FC3FD92ABA3975D2BEB95A70AC51F926D45BFC5"
 ldaptoolbox_openldap_apt_repo_filename: "ltb-project-openldap"
 ldaptoolbox_openldap_apt_keyrings_path: /usr/share/keyrings
-ldaptoolbox_openldap_apt_repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project-openldap.gpg] http://ltb-project.org/debian/openldap26/bookworm bookworm main"
+ldaptoolbox_openldap_apt_repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project-openldap.gpg] http://ltb-project.org/debian/openldap{{ '25' if ldaptoolbox_openldap_version == '2.5' else '26' }}/bookworm bookworm main"
 ldaptoolbox_openldap_apt_validate_certs: "true"
 # Packages
diff --git a/tasks/ldaptoolbox-repository.yml b/tasks/ldaptoolbox-repository.yml
index 007d36d..ec55bfe 100755
--- a/tasks/ldaptoolbox-repository.yml
+++ b/tasks/ldaptoolbox-repository.yml
@@ -35,7 +35,7 @@
 content: |
 [ltb-project]
 name=LTB project packages
- baseurl=https://ltb-project.org/rpm/openldap26/$releasever/$basearch
+ baseurl=https://ltb-project.org/rpm/openldap{{ '25' if ldaptoolbox_openldap_version == '2.5' else '26' }}/$releasever/$basearch
 enabled=1
 gpgcheck=1
 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project-security
diff --git a/templates/var/backups/openldap/config.ldif b/templates/var/backups/openldap/config.ldif
index ac53b3d..cbaad06 100644
--- a/templates/var/backups/openldap/config.ldif
+++ b/templates/var/backups/openldap/config.ldif
@@ -21,9 +21,12 @@ olcIndexHash64: FALSE
 olcIndexIntLen: 4
 olcListenerThreads: 1
 olcLocalSSF: 71
+{% if ldaptoolbox_openldap_version == '2.5' %}
+{% else %}
 olcLogFile: {{ ldaptoolbox_openldap_olcLogFile }}
 olcLogFileOnly: TRUE
 olcLogFileRotate: {{ ldaptoolbox_openldap_olcLogFileRotate }}
+{% endif %}
 olcLogLevel: {{ ldaptoolbox_openldap_olcLogLevel }}
 olcMaxFilterDepth: 1000
 olcPidFile: /usr/local/openldap/var/run/slapd.pid
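Review bot: The comparison `ldaptoolbox_openldap_version == '2.5'` in the new `ldaptoolbox_openldap_apt_repo` value in defaults/main.yml matches only that exact string, so an override written without quotes (`ldaptoolbox_openldap_version: 2.5`, which YAML loads as a float) or any unsupported value quietly selects the `openldap26` repository instead of failing. The same expression is repeated in the `baseurl` line of tasks/ldaptoolbox-repository.yml and in the guard added to templates/var/backups/openldap/config.ldif, so the package source and the generated configuration both fall back to the 2.6 behaviour in that case. I would compare on `ldaptoolbox_openldap_version | string` in all three places and stop the play early when the value is not supported, for example with an `ansible.builtin.assert` on `ldaptoolbox_openldap_version | string in ['2.5', '2.6']` at the start of the role. Separately, the rewritten Debian line still fetches the repository over `http://` while the RPM `baseurl` uses `https://`; the `signed-by` keyring covers package integrity, but using `https://ltb-project.org/debian/...` here would make the two paths consistent.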
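Review bot: The guard added in templates/var/backups/openldap/config.ldif has an empty `{% if ldaptoolbox_openldap_version == '2.5' %}` branch and puts the real content under `{% else %}`; `{% if ldaptoolbox_openldap_version != '2.5' %}` followed by the three attributes and `{% endif %}` says the same with one line less. The guard also removes `olcLogFile` together with `olcLogFileOnly` and `olcLogFileRotate`, so a 2.5 deployment is generated with no file log at all and, presumably, slapd output then depends on syslog alone. As far as I know only `olcLogFileOnly` and `olcLogFileRotate` are new in 2.6, so it is worth checking whether `olcLogFile` can stay outside the conditional. If dropping it is intended, the README paragraph added by this commit is the place to say that the `ldaptoolbox_openldap_olcLogFile` and `ldaptoolbox_openldap_olcLogFileRotate` variables have no effect on 2.5, so operators know where authentication and access-control events end up. The LDIF entry being edited starts and ends outside the hunk.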