From 07becb2a13ebefcd111bddb59bf2084dcf6b0362 Mon Sep 17 00:00:00 2001
From: Stefan Machmeier <stefan-machmeier@outlook.com>
Date: Fri, 14 Jun 2024 11:01:33 +0200
Subject: [PATCH] Add LDAP integration

---
 osvars/Debian.yml      |  1 +
 osvars/Ubuntu.yml      |  1 +
 tasks/perl-modules.yml |  4 ++++
 templates/auth.conf.j2 | 18 ++++++++++++++++++
 4 files changed, 24 insertions(+)

diff --git a/osvars/Debian.yml b/osvars/Debian.yml
index 7eb3bad..90dbb25 100644
--- a/osvars/Debian.yml
+++ b/osvars/Debian.yml
@@ -10,6 +10,7 @@ sympa_gettext_package: gettext
 sympa_openssldev_package: libssl-dev
 sympa_expatdev_package: libexpat1-dev
 sympa_xml2dev_package: libxml2-dev
+sympa_ldap_package: libnet-ldap-perl
 sympa_zlibdev_package: zlib1g-dev
 
 sympa_package_command: /usr/bin/sympa
diff --git a/osvars/Ubuntu.yml b/osvars/Ubuntu.yml
index 20e5f43..b69b1b6 100644
--- a/osvars/Ubuntu.yml
+++ b/osvars/Ubuntu.yml
@@ -9,6 +9,7 @@ sympa_cpanm_package: cpanminus
 sympa_openssldev_package: libssl-dev
 sympa_expatdev_package: libexpat1-dev
 sympa_xml2dev_package: libxml2-dev
+sympa_ldap_package: libnet-ldap-perl
 sympa_zlibdev_package: zlib1g-dev
 
 sympa_rsyslog_unix_user: syslog
diff --git a/tasks/perl-modules.yml b/tasks/perl-modules.yml
index d8b9ffb..72afa1c 100644
--- a/tasks/perl-modules.yml
+++ b/tasks/perl-modules.yml
@@ -23,6 +23,10 @@
   package:
     name: "{{ sympa_xml2dev_package }}"
 
+- name: Install LDAP library
+  package:
+    name: "{{ sympa_ldap_package }}"
+
 - name: Workaround for XML::LibXML installation problem on CentOS 7
   package:
     name: perl-XML-LibXML
diff --git a/templates/auth.conf.j2 b/templates/auth.conf.j2
index 66d413c..6005622 100644
--- a/templates/auth.conf.j2
+++ b/templates/auth.conf.j2
@@ -14,3 +14,21 @@
 user_table
 	regexp .*
 {% endif %}
+
+# LDAP
+{% if sympa_config_ldap is defined %}
+ldap
+    host                        {{ sympa_config_ldap.host}}
+    timeout                     {{ sympa_config_ldap.timeout | default('20') }}
+    bind_dn                     {{ sympa_config_ldap.bind_dn }}
+    bind_password               {{ sympa_config_ldap.bind_password }}
+    suffix                      {{ sympa_config_ldap.base_dn }}
+    get_dn_by_uid_filter        {{ sympa_config_ldap.get_dn_by_uid_filter }}
+    get_dn_by_email_filter      {{ sympa_config_ldap.get_dn_by_email_filter }}
+    alternative_email_attribute {{ sympa_config_ldap.alternative_email_attribute | default('mail') }}
+    email_attribute             {{ sympa_config_ldap.email_attribute | default('mail') }}
+    scope                       {{ sympa_config_ldap.scope | default('sub') }}
+    authentication_info_url     {{ sympa_config_ldap.authentication_info_url }}
+    use_tls                     {{ sympa_config_ldap.use_tls }}
+    ca_verify                   {{ sympa_config_ldap.ca_verify | default('none') }}
+{% endif %}
\ No newline at end of file