From 610b7967633b424a1bd4f23f1ad5600fb1337624 Mon Sep 17 00:00:00 2001
From: transcaffeine
Date: Tue, 6 May 2025 23:22:50 +0200
Subject: [PATCH] feat: add playbook for managing LDAP directory contents
---
 playbooks/ldap.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 playbooks/ldap.yml
diff --git a/playbooks/ldap.yml b/playbooks/ldap.yml
new file mode 100644
index 0000000..d7b4fed
--- /dev/null
+++ b/playbooks/ldap.yml
@@ -0,0 +1,21 @@
+---
+- name: Configure LDAP directory information tree
+ hosts: "{{ ldap_hosts | default('ldap') }}"
+ become: "{{ ldap_become | default(false) }}"
+ gather_facts: "{{ ldap_gather_facts | default(false) }}"
+ vars:
+ _state: "{{ ldap_state | default('present') }}"
+ _ldap_bind_info: &ldap_bind_info
+ server_uri: "{{ ldap_server_uri }}"
+ bind_dn: "{{ ldap_bind_dn }}"
+ bind_pw: "{{ ldap_bind_pw }}"
+ tasks:
+ - name: Ensure org units in '{{ ldap_base_dn }}' are {{ _state }}
+ community.general.ldap_entry:
+ <<: *ldap_bind_info
+ dn: "ou={{ org_unit }},{{ ldap_base_dn }}"
+ objectClass: "organizationalUnit"
+ state: "{{ _state }}"
+ loop: "{{ ldap_org_units | default([], true) }}"
+ loop_control:
+ loop_var: org_unit
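Review bot: The anchored `_ldap_bind_info` mapping hands `bind_dn` and `bind_pw` to `community.general.ldap_entry` without constraining the transport, so an inventory that sets `ldap_server_uri` to a plain `ldap://` URI would send the simple bind, password included, unencrypted; as far as I know the module leaves `start_tls` off unless told otherwise. I would add `start_tls: "{{ ldap_start_tls | default(ldap_server_uri.startswith('ldap://')) }}"` to the mapping, which leaves `ldaps://` and `ldapi://` URIs untouched. Since the alias is merged into the task, every task later added with `<<: *ldap_bind_info` inherits the setting. A comment above `vars:` would also help, e.g. `# Requires ldap_server_uri, ldap_bind_dn, ldap_bind_pw (keep in Ansible Vault) and ldap_base_dn`.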