---
- name: Install ldap packages
  ansible.builtin.apt:
    name: "{{ item }}"
    state: present
    update_cache: true
  loop:
    - ldap-utils
    - libnss-ldap
    - libpam-ldap
    - nslcd
    - nslcd-utils
    - pynslcd
    - slapd
    - sssd-ldap

- name: Copy ldap cert(s) into place
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "/etc/ldap/{{ item }}"
    owner: ldap
    group: ldap
    mode: 0440
  loop:
    - ca.pem
    - ldap.key
    - ldap.pem

- name: Copy ldap config into place
  ansible.builtin.copy:
    src: nslcd.conf
    dest: /etc/nslcd.conf
    owner: root
    group: root
    mode: 0600

- name: Enable services
  ansible.builtin.service:
    name: "{{ item }}"
    enabled: yes
  loop:
    - nslcd