From 1a4aec1b661b36f9ce9dd2ed709efdbf000492ef Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Tue, 28 May 2019 21:16:47 +0300
Subject: [PATCH] use variables for server settings and move from self signed
 cert to real ones

---
 roles/ldap/client/templates/ldap.conf.j2 | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/ldap/client/templates/ldap.conf.j2 b/roles/ldap/client/templates/ldap.conf.j2
index b506f12..7df7756 100644
--- a/roles/ldap/client/templates/ldap.conf.j2
+++ b/roles/ldap/client/templates/ldap.conf.j2
@@ -1,5 +1,6 @@
 
-BASE dc=foo,dc=sh
-URI ldaps://ldap01.home.foo.sh
+BASE {{ ldap_basedn }}
+URI {% for item in ldap_server %}ldaps://{{ item }} {% endfor %}
 
-TLS_CACERT {{ tls_certs }}/ca.crt
+TLS_CACERT {{ tls_certs }}/cert.pem
+TLS_REQCERT demand