From e082523484c1a4752ddc531d0088337144e53593 Mon Sep 17 00:00:00 2001
From: Mark Janssen -- Sig-I/O Automatisering <mark@sig-io.nl>
Date: Wed, 14 May 2025 20:03:42 +0200
Subject: [PATCH] 389-ldap

---
 group_vars/ldap.yaml           | 4 ++++
 roles/389-ldap/tasks/main.yaml | 9 +++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 group_vars/ldap.yaml
 create mode 100644 roles/389-ldap/tasks/main.yaml

diff --git a/group_vars/ldap.yaml b/group_vars/ldap.yaml
new file mode 100644
index 0000000..53187b1
--- /dev/null
+++ b/group_vars/ldap.yaml
@@ -0,0 +1,4 @@
+---
+
+group_nft_input:
+  - "tcp dport { ldap, ldaps } accept # Allow LDAP traffic"
diff --git a/roles/389-ldap/tasks/main.yaml b/roles/389-ldap/tasks/main.yaml
new file mode 100644
index 0000000..eaf4383
--- /dev/null
+++ b/roles/389-ldap/tasks/main.yaml
@@ -0,0 +1,9 @@
+---
+
+- name: Install packages
+  ansible.builtin.apt:
+    state: present
+    pkg:
+      - 389-ds-base
+      - shelldap
+