lilik_playbook/roles/login/tasks/main.yaml

- name: install login packages
  apt:
    name: "{{ item }}"
    state: present
    update_cache: yes
    cache_valid_time: 3600
    install_recommends: '{{ install_recommends | default("no") }}'
  with_items:
    - git
    - python3
    - python3-ldap3
    - python3-flask

- name: clone login repository
  git:
    repo: http://projects.lilik.it/lilik/lilik_users3.git
    dest: /srv/login
  notify:
    - restart login

- name: add login user
  user:
    name: login
    system: yes
    home: /srv/login

- name: slurp slap secret file
  slurp:
    src: /etc/slapd.secret
  register: slapdsecret
  failed_when: false
  changed_when: false
  delegate_to: ldap

- set_fact:
    ldap_password: "{{ slapdsecret['content'] | b64decode }}"

- name: add login config
  template:
    src: config.py.j2
    dest: /srv/login/config.py
    mode: 440
    owner: login
    group: login

  register: add_login_startup_script
  notify:
    - restart login

- name: add login init script
  template: src=login.j2 dest=/etc/init.d/login mode=755
  register: add_login_startup_script
  notify:
    - restart login

- name: reload systemd
  systemd:
    daemon_reload: yes
    name: login
  when: add_login_startup_script.changed

- include_role:
    name: service
  vars:
    service_name: login
    service_packages: null