xoxys.ldap_proxy/templates/etc/openldap/slapd.conf.j2

#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
### Schema includes ###########################################################
include         /etc/openldap/schema/corba.schema
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/duaconf.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/java.schema
include         /etc/openldap/schema/misc.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/openldap.schema
include         /etc/openldap/schema/ppolicy.schema
include         /etc/openldap/schema/collective.schema
{% for schema in ldap_proxy_custom_schemas %}
include         /etc/openldap/schema/{{ schema | basename }}
{% endfor %}

## Module paths ##############################################################
modulepath              /usr/lib64/openldap/
modulepath              /usr/lib64/openldap
moduleload              back_ldap
moduleload              rwm
moduleload              memberof.la

# Main settings ###############################################################
pidfile                 /var/run/openldap/slapd.pid
argsfile                /var/run/openldap/slapd.args

TLSCertificateFile      {{ ldap_proxy_tls_cert_path }}
TLSCertificateKeyFile   {{ ldap_proxy_tls_key_path }}
TLSCACertificateFile    {{ ldap_proxy_tls_ca_path }}
TLSCipherSuite          HIGH:MEDIUM:!aNULL:!MD5:!RC4
TLSProtocolMin          3.1

### Database definition (Proxy to AD) #########################################
database                ldap
{% if ldap_proxy_readonly_enabled %}
readonly                yes
{% endif %}
lastmod                 off
rebind-as-user
uri                     "{{ ldap_proxy_server }}"
suffix                  "{{ ldap_proxy_server_suffix }}"

overlay                 memberof

### ACL definition ############################################################
include                 "{{ ldap_proxy_acl_file }}"

### Logging ###################################################################
loglevel                {{ ldap_proxy_loglevel }}