From 6bce31ab19da86bc43fa3c8b7c1ca65a8aa691f2 Mon Sep 17 00:00:00 2001
From: Juan Ferrer Toribio <juan@verdnatura.es>
Date: Wed, 2 Oct 2024 13:34:54 +0200
Subject: [PATCH] refs #8025 Fix: Get NSLCD password from Passbolt

---
 inventories/group_vars/all.yml          | 2 ++
 playbooks/passbolt.yml                  | 3 ---
 roles/debian-guest/templates/nslcd.conf | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/inventories/group_vars/all.yml b/inventories/group_vars/all.yml
index c53863f..d14f1d3 100644
--- a/inventories/group_vars/all.yml
+++ b/inventories/group_vars/all.yml
@@ -1,4 +1,6 @@
 ansible_host: "{{inventory_hostname_short}}.{{host_domain}}"
+passbolt: 'anatomicjc.passbolt.passbolt'
+passbolt_inventory: 'anatomicjc.passbolt.passbolt_inventory'
 sysadmin_mail: sysadmin@verdnatura.es
 sysadmin_group: sysadmin
 smtp_server: smtp.verdnatura.es
diff --git a/playbooks/passbolt.yml b/playbooks/passbolt.yml
index 4412a1c..698704a 100644
--- a/playbooks/passbolt.yml
+++ b/playbooks/passbolt.yml
@@ -1,9 +1,6 @@
 - name: Fetch passbolt password
   hosts: all
   gather_facts: no
-  vars:
-    passbolt: 'anatomicjc.passbolt.passbolt'
-    passbolt_inventory: 'anatomicjc.passbolt.passbolt_inventory'
   tasks:
   - debug:
       msg: "Password: {{ lookup(passbolt, 'test').password }}"
diff --git a/roles/debian-guest/templates/nslcd.conf b/roles/debian-guest/templates/nslcd.conf
index ba36843..a204607 100644
--- a/roles/debian-guest/templates/nslcd.conf
+++ b/roles/debian-guest/templates/nslcd.conf
@@ -8,7 +8,7 @@ idle_timelimit 60
 
 base {{ ldap_base }}
 binddn cn=nss,ou=admins,{{ ldap_base }}
-bindpw {{ nslcd_password }}
+bindpw {{ lookup(passbolt, 'nslcd').password }}
 pagesize 500
 
 filter group (&(objectClass=posixGroup)(cn={{ sysadmin_group }}))