#!/bin/sh

# Sudoers
#--------

/usr/sbin/addsudo /usr/sbin/slapadd app-openldap-core

# Set default sysconfig
#----------------------

CHECK=`grep ^BIND_POLICY /etc/sysconfig/ldap 2>/dev/null`

if [ -z "$CHECK" ]; then
    logger -p local6.notice -t installer "app-openldap-core - updating LDAP sysconfig"
    cp /usr/clearos/apps/openldap/deploy/ldap.sysconfig /etc/sysconfig/ldap
fi

# Grab bootstrap certificates from Certificate Manager
#-----------------------------------------------------

KEY_SOURCE=/etc/pki/CA/bootstrap.key
KEY=/etc/openldap/cacerts/key.pem

if [ ! -s "$KEY" ]; then
    logger -p local6.notice -t installer "app-openldap-core - prepping server key"
    cp $KEY_SOURCE $KEY
    chown root.ldap $KEY
    chmod 640 $KEY
fi

CRT_SOURCE=/etc/pki/CA/bootstrap.crt
CRT=/etc/openldap/cacerts/cert.pem

if [ ! -s "$CRT" ]; then
    logger -p local6.notice -t installer "app-openldap-core - prepping server certificate"
    cp $CRT_SOURCE $CRT
    chown root.ldap $CRT
    chmod 640 $CRT
fi

# Restart LDAP in case of schema changes
#---------------------------------------

/sbin/service slapd condrestart >/dev/null 2>&1
