#
# LDAP related stuff (Salt managed)
#

apply Service "ldaps" {
        import "generic-service"

	check_command = "ldap"

	vars.ldap_address = host.vars.ldap_fqdn
	vars.ldap_base = "dc=ffho,dc=net"
	vars.ldap_ssl = true
	vars.ldap_v3 = true

	assign where host.vars.ldap_fqdn && "ldap-master" in host.vars.roles
	assign where host.vars.ldap_fqdn && "ldap-replica" in host.vars.roles
}

apply Service "ldap_syncrepl_extended" {
        import "generic-service"

	check_command = "syncrepl_extended"

	vars.provider = "ldaps://ldap-master.srv.in.ffho.net"
	vars.consumer = "ldaps://" + host.vars.ldap_fqdn
	vars.base_dn = "dc=ffho,dc=net"
	vars.bind_dn = "uid=sync-check,ou=accounts,dc=ffho,dc=net"
	vars.bind_password = LdapSyncReplBindPassword

	assign where host.vars.ldap_fqdn && "ldap-replica" in host.vars.roles
}