From 3a23707fd32253a71cb2220777434df0f2e6f3d8 Mon Sep 17 00:00:00 2001
From: Sheppy <sheppy@atlantishq.de>
Date: Sun, 22 Dec 2024 23:29:14 +0000
Subject: [PATCH] fix: template ldap root pw

---
 group_vars/all.yaml                       | 1 +
 roles/usermanagement/templates/slapd.conf | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/group_vars/all.yaml b/group_vars/all.yaml
index 64dc886..74b5bbb 100644
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -57,6 +57,7 @@ ntfy_push_target: https://push.atlantishq.de
 ntfy_api_access_token: HISTORY_PURGED_SECRET
 
 ldap_password: flanigan
+ldap_root_pw: HISTORY_PURGED_SECRET
 ldap_dc: "atlantishq"
 ldap_org: "atlantishq de"
 ldap_suffix: "dc=atlantishq,dc=de"
diff --git a/roles/usermanagement/templates/slapd.conf b/roles/usermanagement/templates/slapd.conf
index d83caf0..bfa2e7e 100644
--- a/roles/usermanagement/templates/slapd.conf
+++ b/roles/usermanagement/templates/slapd.conf
@@ -13,7 +13,7 @@ include /etc/ldap/schema/verification.schema
 database    mdb
 suffix      "{{ ldap_suffix }}"
 rootdn      "{{ ldap_bind_dn }}"
-rootpw      {SSHA}HISTORY_PURGED_SECRET
+rootpw      {SSHA}{{ ldap_root_pw }}
 
 #TLSCACertificateFile  /etc/ssl/certs/ca-certificates.crt
 #TLSCertificateFile    /etc/letsencrypt/live/ldap.atlantishq.de/cert.pem