fix and test ansible vault passwd ldap

roles/config-freeradius-totp/files/ldap

@@ -1,8 +1,7 @@
-{% raw %}
 ldap {
 	server = 'ldap.verdnatura.es'
 	identity = 'cn=admin,dc=verdnatura,dc=es'
-	password = {{ bindradiusldap_password }}
+	password = blablabla
 	base_dn = 'dc=verdnatura,dc=es'
 	user_dn = "LDAP-UserDn"
 	update {
@@ -59,4 +58,3 @@ ldap {
 		idle_timeout = 60
 	}
 }
-{% endraw %}

roles/config-freeradius-totp/tasks/main.yaml

@@ -45,14 +45,33 @@
 
 # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 # config default file /etc/freeradius/3.0/mods-available/ldap
-- name: config ldap file
-  ansible.builtin.template:
-    src: ldap.j2
+#- name: config ldap file
+#  ansible.builtin.template:
+#    src: ldap.j2
+#    dest: "{{ freeradius_mod_ldap }}"
+#    owner: freerad
+#    group: freerad
+#    mode: '0640'
+#    backup: yes
+# paso1 - copy
+- name: copy file ldap
+  copy:
+    src: ldap
     dest: "{{ freeradius_mod_ldap }}"
     owner: freerad
     group: freerad
     mode: '0640'
     backup: yes
+# paso2 - lineinfile password with vault
+- name: add password with ansible vault to file ldap
+  lineinfile:
+    dest: "{{ freeradius_mod_ldap }}"
+    regexp: "{{item.regexp}}"
+    line: "{{item.line}}"
+    state: present
+  with_items: 
+    - regexp: "^	password ="
+      line: "	password = {{ bindradiusldap_password }}"
 # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
 # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++