feat: verification ldap schema

roles/usermanagement/files/verfication.schema

@@ -0,0 +1,23 @@
+ attributetype ( 1.2.6.1.4.1
+       NAME 'emailVerified'
+       EQUALITY booleanMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+       SINGLE-VALUE )
+
+ attributetype ( 1.2.6.1.4.2
+       NAME 'signalVerified'
+       EQUALITY booleanMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+       SINGLE-VALUE )
+
+ attributetype (  1.2.6.1.4.3
+       NAME 'phoneVerified'
+       EQUALITY booleanMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+       SINGLE-VALUE )
+
+objectclass (  1.2.6.1.4.100 NAME 'verfication'
+	DESC 'Class for various verification states'
+	SUP top
+    AUXILIARY
+	MAY ( emailVerified $ signalVerified $ phoneVerified ) )

roles/usermanagement/tasks/ldap.yaml

@@ -43,6 +43,22 @@
     state: started
     enabled: yes
 
+- name: LDAP master conf
+  template:
+    src: ldap.conf
+    dest: /etc/ldap/ldap.conf
+    owner: openldap
+  notify:
+    - restart slapd
+
+- name: LDAP extra schemas
+  copy:
+    src: verification.schema
+    dest: /etc/ldap/schema/verification.schema
+    owner: openldap
+  notify:
+    - restart slapd
+
 - meta: flush_handlers
 
 - name: Wait for LDAP to become ready
@@ -51,12 +67,6 @@
     timeout: 30
     delay: 5
 
-- name: LDAP (client) conf
-  template:
-    src: ldap.conf
-    dest: /etc/ldap/ldap.conf
-    owner: openldap
-
 - name: Create LDAP root (1)
   ldap_entry:
     dn: "{{ ldap_suffix }}"

roles/usermanagement/templates/slapd.conf

@@ -8,6 +8,7 @@ include /etc/ldap/schema/core.schema
 include /etc/ldap/schema/cosine.schema
 include /etc/ldap/schema/inetorgperson.schema
 include /etc/ldap/schema/nis.schema
+include /etc/ldap/schema/verification.schema
 
 database    bdb
 suffix      "{{ ldap_suffix }}"