conf nslcd

linux/base-config-debian/roles/base-config-debian-os/handlers/main.yaml

@@ -4,3 +4,9 @@
   service:
     name: "{{ exim_daemon }}"
     state: restarted
+
+# restart nslcd service to apply changes
+- name: restart nslcd
+  service:
+    name: "{{ nslcd_daemon }}"
+    state: restarted

linux/base-config-debian/roles/base-config-debian-os/tasks/main.yaml

@@ -166,9 +166,26 @@
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 # configure centralized authentication [nslcd]
 # paso1 - Copy
-
+- name: copy file nslcd.conf
+  copy:
+    src: nslcd.conf
+    dest: /etc/nslcd.conf
+    owner: root
+    group: nslcd
+    mode: '0640'
+    backup: yes
+#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++   
 # paso2 - lineinfile password with vault
-
+- name: add password with ansible vault to file nslcd.conf
+  lineinfile:
+    dest: /etc/nslcd.conf
+    regexp: "{{item.regexp}}"
+    line: "{{item.line}}"
+    state: present
+  with_items: 
+    - regexp: "^bindpw"
+      line: "bindpw {{ x }}"
+  notify: restart nslcd
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
@@ -180,12 +197,11 @@
       set superusers="{{ user_grub }}"
       password_pbkdf2 {{ user_grub }} {{ code_grub }}
   register: grub_register
-
+#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 # update grub
 - name: update grub config
   command: update-grub
   when: grub_register.changed
-
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

linux/base-config-debian/roles/base-config-debian-os/vars/main.yaml

@@ -2,4 +2,12 @@
 exim_configuration_file: /etc/exim4/update-exim4.conf.conf
 exim_daemon: exim4
 user_grub: admin
-code_grub: grub.pbkdf2.sha512.10000.C91C8756466E7DB535C77DB7FBDBF3D33A39A0712DE3A9AFD38BE2229139E86F23C4E007E6B76DDFDBBE4B2B32764B4EFFECF208C70BA9FECC6BB3FF68A6BA05.8EA3857B795AF29FF5C6E003E31EC4D79B84813175C7A56A8A12F3F30A19B501D7127C0307277FB37073EE0246BCFDA9BD4EDDC3A1EE8176D25CD37B7FB07AF7
+code_grub: grub.pbkdf2.sha512.10000.C91C8756466E7DB535C77DB7FBDBF3D33A39A0712DE3A9AFD38BE2229139E86F23C4E007E6B76DDFDBBE4B2B32764B4EFFECF208C70BA9FECC6BB3FF68A6BA05.8EA3857B795AF29FF5C6E003E31EC4D79B84813175C7A56A8A12F3F30A19B501D7127C0307277FB37073EE0246BCFDA9BD4EDDC3A1EE8176D25CD37B7FB07AF7
+nslcd_daemon: nslcd
+bindpw_password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          30343461633538323832316231383362626636653864353535346461353937313131336135396162
+          3866623238353638323961363239373236393339333134380a313561363030306165393965396234
+          65316535626434333331633438613639633163643765633064363833303461363834653864646464
+          3133313233353730620a343536316266393637623563313563613332646630643632366439343764
+          30383935303161646339393361393130613266663337373364626635646430326465