From 10bcd7ca650703221047182765157aea9afe40f0 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Sat, 3 Mar 2018 20:24:03 +0100
Subject: [PATCH] Add parameters to the r_connector nslcd template so that we
 can choose the tls connection type

---
 smartgears/r_connector/defaults/main.yml       | 3 +++
 smartgears/r_connector/templates/nslcd.conf.j2 | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/smartgears/r_connector/defaults/main.yml b/smartgears/r_connector/defaults/main.yml
index a33b5b71..3d02f533 100644
--- a/smartgears/r_connector/defaults/main.yml
+++ b/smartgears/r_connector/defaults/main.yml
@@ -28,3 +28,6 @@ r_connector_ldap_map_common:
   - common-password
   - common-session
   - common-session-noninteractive
+
+r_connector_ssl: on 
+r_connector_tls_reqcert: demand 
\ No newline at end of file
diff --git a/smartgears/r_connector/templates/nslcd.conf.j2 b/smartgears/r_connector/templates/nslcd.conf.j2
index 0b6ebfb5..43c83a18 100644
--- a/smartgears/r_connector/templates/nslcd.conf.j2
+++ b/smartgears/r_connector/templates/nslcd.conf.j2
@@ -25,8 +25,8 @@ tls_cacertfile {{ r_connector_nslcd_cafile }}
 #rootpwmoddn cn=admin,dc=example,dc=com
 
 # SSL options
-#ssl off
-tls_reqcert demand
+ssl {{ r_connector_ssl }}
+tls_reqcert {{ r_connector_tls_reqcert }}
 
 # The search scope.
 #scope sub