small fixes and cleanups

tasks/setup.yml

@@ -8,6 +8,16 @@
         - openldap-servers
         - openldap-clients
 
+    - name: Ensure base directories exists at '{{ ldap_proxy_base_dir }}'
+      file:
+        path: "{{ item }}"
+        state: directory
+        owner: root
+        group: root
+      with_items:
+        - "{{ ldap_proxy_base_dir }}"
+        - "{{ ldap_proxy_acl_file | dirname }}"
+
     - name: Deploy environment file
       template:
         src: "etc/sysconfig/slapd.j2"
@@ -17,19 +27,19 @@
         mode: 0644
       notify:  __slapd_restart
 
-    - name: Deploy config file
+    - name: Deploy config file to '{{ ldap_proxy_base_dir }}/slapd.conf'
       template:
         src: "etc/openldap/slapd.conf.j2"
-        dest: "/etc/openldap/slapd.conf"
+        dest: "{{ ldap_proxy_base_dir }}/slapd.conf"
         owner: root
         group: root
         mode: 0644
       notify:  __slapd_restart
 
-    - name: Deploy access control file
+    - name: Deploy access control file '{{ ldap_proxy_acl_file }}'
       template:
         src: "etc/openldap/slapd.access.j2"
-        dest: "/etc/openldap/slapd.access"
+        dest: "{{ ldap_proxy_acl_file }}"
         owner: root
         group: root
         mode: 0644

templates/etc/openldap/slapd.access.j2

@@ -2,6 +2,6 @@
 {% for acl in ldap_proxy_acls %}
 access to {{ acl.access_to | join(' ') }}
 {% for item in acl.access_by %}
-    {{ item }}
+    by {{ item }}
 {% endfor %}
 {% endfor %}

templates/etc/openldap/slapd.conf.j2

@@ -40,7 +40,7 @@ rebind-as-user
 uri                     "{{ ldap_proxy_server }}"
 suffix                  "{{ ldap_proxy_server_suffix }}"
 
-### ACL definition #########################################
+### ACL definition ############################################################
 include                 "{{ ldap_proxy_acl_file }}"
 
 ### Logging ###################################################################