{%- from "linux/map.jinja" import ldap with context -%}
# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.

# The user and group nslcd should run as.
uid {{ ldap.uid }}
gid {{ ldap.gid }}

{%- if ldap.enabled %}

{%- if ldap.uri is defined %}
# The location at which the LDAP server(s) should be reachable.
uri {{ ldap.uri }}
{%- endif %}

{%- if ldap.base is defined %}
# The search base that will be used for all queries.
base {{ ldap.base }}
{%- endif %}

# The LDAP protocol version to use.
ldap_version {{ ldap.version }}

{%- if ldap.binddn is defined %}
# The DN to bind with for normal lookups.
binddn {{ ldap.binddn }}
{%- if ldap.bindpw is defined %}
bindpw {{ ldap.bindpw }}
{%- endif %}
{%- endif %}

{%- if ldap.rootpwmoddn is defined %}
# The DN used for password modifications by root.
rootpwmoddn {{ ldap.rootpwmoddn }}
{%- endif %}

# SSL options
#ssl off
#tls_reqcert never
#tls_cacertfile /etc/ssl/certs/ca-certificates.crt

# The search scope.
scope {{ ldap.scope }}

{%- if ldap.pagesize is defined %}
pagesize {{ ldap.pagesize }}
{%- endif %}
{%- if ldap.referrals is defined %}
referrals {{ ldap.referrals }}
{%- endif %}

{%- if ldap.filter is defined %}
# Filters
{%- for key, value in ldap.filter.items() %}
filter {{ key }} {{ value }}
{%- endfor %}
{%- endif %}
{%- if ldap.map is defined %}
# Mappings
{%- for map_name,map in ldap.map.items() %}
{%- for key, value in map.items() %}
map {{ map_name }} {{ key }} {{ value }}
{%- endfor %}
{%- endfor %}
{%- endif %}

{%- endif %}