From 68d903e31c316d6e775f9b30ca4c6c0356261865 Mon Sep 17 00:00:00 2001 From: Timo Makinen Date: Sun, 19 Sep 2021 19:19:41 +0000 Subject: [PATCH] ldap-server: Autodetect ldap data directory --- host_vars/ldap01.home.foo.sh.yml | 1 - roles/ldap-server/defaults/main.yml | 3 ++- roles/ldap-server/tasks/main.yml | 10 ++++++++-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/host_vars/ldap01.home.foo.sh.yml b/host_vars/ldap01.home.foo.sh.yml index 97d238e..f10956d 100644 --- a/host_vars/ldap01.home.foo.sh.yml +++ b/host_vars/ldap01.home.foo.sh.yml @@ -7,5 +7,4 @@ network_interfaces: datadisks: - 10 -ldap_datadir: /export/ldap ldap_master: true diff --git a/roles/ldap-server/defaults/main.yml b/roles/ldap-server/defaults/main.yml index f0092d2..b62db2b 100644 --- a/roles/ldap-server/defaults/main.yml +++ b/roles/ldap-server/defaults/main.yml @@ -1,4 +1,5 @@ --- ldap_server_cert: "{% if ldap_master is defined %}ldap01.foo.sh{% else %}\ ldap.foo.sh{% endif %}" -ldap_datadir: /srv/ldap +ldap_datadir: "{% if ansible_local['export'] %}/export/ldap{% else %}/srv/ldap{% endif %}" +ldap_backupdir: "{% if ansible_local['export'] %}/export/backup{% else %}/srv/backup{% endif %}" diff --git a/roles/ldap-server/tasks/main.yml b/roles/ldap-server/tasks/main.yml index 6e39073..0203a5d 100644 --- a/roles/ldap-server/tasks/main.yml +++ b/roles/ldap-server/tasks/main.yml @@ -12,6 +12,7 @@ sefcontext: path: "{{ ldap_datadir }}(/.*)?" setype: slapd_db_t + - name: create ldap data directory file: path: "{{ ldap_datadir }}" @@ -21,6 +22,7 @@ group: ldap seuser: _default setype: _default + - name: link ldap data directory file: path: /srv/ldap 
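Review bot: In roles/ldap-server/defaults/main.yml both new defaults test `ansible_local['export']` directly, so a host where that local fact is missing (no fact file, or fact gathering skipped) will most likely fail templating on an undefined value instead of falling back to `/srv/ldap` and `/srv/backup`. A tolerant form for both lines would be `{% if (ansible_local | default({})).get('export') %}`. The test is also plain truthiness, so a fact delivered as a non-empty string such as `"false"` would still select `/export`; the fact's shape is not visible in this patch and is worth confirming. Because the same commit drops the explicit `ldap_datadir` from host_vars/ldap01.home.foo.sh.yml, that host's database and backup location now depend entirely on this fact, so a short comment above the two defaults naming where the fact comes from would help.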
@@ -34,17 +36,18 @@ - import_role: name: sftpuser vars: - chroot: /export/backup + chroot: /srv/backup user: backup publickeys: "{{ backup_publickeys }}" - name: create backup directory file: - path: /export/backup + path: "{{ ldap_backupdir }}" state: directory mode: 0750 owner: root group: backup + - name: link backup directory file: path: /srv/backup @@ -53,6 +56,8 @@ owner: root group: "{{ ansible_wheel }}" follow: false + when: ldap_backupdir != "/srv/backup" + - name: copy backup script copy: dest: /usr/local/sbin/ldap-backup @@ -60,6 +65,7 @@ mode: 0755 owner: root group: "{{ ansible_wheel }}" + - name: create backup cron job cron: name: ldap-backup
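Review bot: The sftpuser `chroot` in the `-34,17` hunk now points at `/srv/backup`, which on hosts with an export disk is a symlink created two tasks later rather than a real directory. If the sftpuser role feeds this value into sshd's `ChrootDirectory`, then as far as I know sshd checks root ownership and the absence of group/other write bits only on the components of the configured path. It follows the link to its target but does not walk the parents of `/export/backup`, so `/export` itself must be root-owned and not group- or world-writable, and nothing visible here enforces that. Either add a task that pins `/export` to `owner: root` and `mode: "0755"`, or pass `chroot: "{{ ldap_backupdir }}"` so the validated path is the real one. The import also runs before the directory and link tasks; the role's body is outside this patch, so confirm it tolerates a chroot target that does not exist yet on a first run.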
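Review bot: The new `when: ldap_backupdir != "/srv/backup"` at the end of the link task in the `-53,6` hunk is an exact string comparison against a path that is also hard-coded in the defaults and in the sftpuser `chroot`. An override such as `/srv/backup/` would pass the guard, and the task would presumably try to replace the directory just created with a link to itself. Keying the guard on the same condition that selected the directory, or comparing a normalised value such as `ldap_backupdir | regex_replace('/+$', '') != '/srv/backup'`, keeps the three places in step. The task's `src` and `state` lines fall between hunks and are not visible here.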