From f53a0cbcb2975a46ca8e0ab56388d1e0bbf205b5 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Fri, 9 Sep 2016 18:05:13 +0200
Subject: [PATCH] library/roles/smartgears/r_connector: install a list of
 packages needed to do ldap authentication via pam.

---
 smartgears/r_connector/defaults/main.yml | 22 ++++++++++++++++++++++
 smartgears/r_connector/tasks/main.yml    |  4 ++++
 2 files changed, 26 insertions(+)

diff --git a/smartgears/r_connector/defaults/main.yml b/smartgears/r_connector/defaults/main.yml
index 51e5d7ac..4f241dc6 100644
--- a/smartgears/r_connector/defaults/main.yml
+++ b/smartgears/r_connector/defaults/main.yml
@@ -10,3 +10,25 @@ r_connector_usershome: /home/
 r_connector_userconfig: userconfig.csv
 r_connector_adduserscript: /usr/local/bin/rusersadd
 r_connector_rstudio_cookie_key: /var/lib/rstudio-server/secure-cookie-key
+r_connector_deb_pkgs:
+  - ldap-utils
+  - nslcd
+  - libnss-ldapd
+  - libpam-ldapd
+  - nscd
+
+#   nslcd/ldap-bindpw: (password omitted)
+# * nslcd/ldap-base: dc=d4science,dc=org
+#   nslcd/ldap-sasl-mech:
+#   nslcd/ldap-sasl-realm:
+# * nslcd/ldap-reqcert: demand
+#   nslcd/ldap-sasl-authzid:
+#   nslcd/ldap-starttls: false
+#   nslcd/ldap-auth-type: none
+#   nslcd/ldap-sasl-krb5-ccname: /var/run/nslcd/nslcd.tkt
+#   nslcd/ldap-sasl-secprops:
+#   nslcd/ldap-sasl-authcid:
+# * nslcd/ldap-uris: ldaps://ldap.d4science.org/
+#   nslcd/ldap-binddn:
+# * libnss-ldapd/nsswitch: passwd
+#   libnss-ldapd/clean_nsswitch: false
diff --git a/smartgears/r_connector/tasks/main.yml b/smartgears/r_connector/tasks/main.yml
index 00dda471..54c67c04 100644
--- a/smartgears/r_connector/tasks/main.yml
+++ b/smartgears/r_connector/tasks/main.yml
@@ -28,6 +28,10 @@
       become: False
       template: src=rusersadd.j2 dest={{ r_connector_adduserscript }} owner=root group=root mode=0555
 
+    - name: Install the packages required to enable the LDAP PAM authentication
+      apt: pkg={{ item }} state=present update_cache=yes cache_valid_time=1800
+      with_items: '{{ r_connector_deb_pkgs }}'
+
   become: True
   become_user: '{{ smartgears_user }}'
   when: r_connector_install