From b68e3abadac109bc152cbd3a56668d4143b89afd Mon Sep 17 00:00:00 2001
From: Robin Schneider <ypid@riseup.net>
Date: Thu, 23 Mar 2017 11:56:01 +0100
Subject: [PATCH] Derive LDAP port from ldap_method

---
 CHANGES.rst             |  2 ++
 defaults/main.yml       | 10 +++++-----
 docs/external-users.rst |  4 ++--
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/CHANGES.rst b/CHANGES.rst
index c9d0233..79bab40 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -58,6 +58,8 @@ Changed
 - Fix typo in variable name by renaming ``owncloud__theme_entitiy_name`` to
   :envvar:`owncloud__theme_entity_name`. [jbicha]
 
+- Derive LDAP port from :envvar:`owncloud__ldap_port`. [ypid_]
+
 Removed
 ~~~~~~~
 
diff --git a/defaults/main.yml b/defaults/main.yml
index d7d48b0..05f9823 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1049,14 +1049,14 @@ owncloud__ldap_password_file: '{{ secret + "/credentials/" + owncloud__ldap_host
 owncloud__ldap_password: '{{ lookup("password", owncloud__ldap_password_file) }}'
 
 
-# .. envvar:: owncloud__ldap_port
+# .. envvar:: owncloud__ldap_method
 #
-owncloud__ldap_port: '636'
+owncloud__ldap_method: 'ssl'
 
 
-# .. envvar:: owncloud__ldap_method
+# .. envvar:: owncloud__ldap_port
 #
-owncloud__ldap_method: 'ssl'
+owncloud__ldap_port: '{{ 636 if (owncloud__ldap_method in ["ssl", "tls"]) else 389 }}'
 
 
 # .. envvar:: owncloud__ldap_user_display_name
@@ -1199,7 +1199,7 @@ owncloud__ldap_expert_username_attr: ''
 # .. envvar:: owncloud__ldap_conf_map
 #
 owncloud__ldap_conf_map:
-  ldapHost: '{{ "ldaps://" if (owncloud__ldap_method == "ssl") else "" }}{{ owncloud__ldap_host }}'
+  ldapHost: '{{ "ldaps://" if (owncloud__ldap_method in ["ssl", "tls"]) else "" }}{{ owncloud__ldap_host }}'
   ldapPort: '{{ owncloud__ldap_port }}'
   ldapAgentName: '{{ owncloud__ldap_binddn }}'
   ldapBase: '{{ owncloud__ldap_basedn }}'
diff --git a/docs/external-users.rst b/docs/external-users.rst
index e4ff8cb..1962fc4 100644
--- a/docs/external-users.rst
+++ b/docs/external-users.rst
@@ -46,11 +46,11 @@ FIXME: Figure out how that can be configured.
    # Note that those recommendations might deviate from ownCloud
    # recommendations but those are the settings which are proven to work.
    owncloud__ldap_create_user: False
-   owncloud__ldap_port: '389'
+   owncloud__ldap_method: 'plain'
    owncloud__ldap_expert_username_attr: 'sAMAccountName'
 
    owncloud__ldap_conf_map:
-     ldapHost: '{{ "ldaps://" if (owncloud__ldap_method == "ssl") else "" }}{{ owncloud__ldap_host }}'
+     ldapHost: '{{ "ldaps://" if (owncloud__ldap_method in ["ssl", "tls"]) else "" }}{{ owncloud__ldap_host }}'
      ldapPort: '{{ owncloud__ldap_port }}'
      ldapAgentName: '{{ owncloud__ldap_binddn }}'
      ldapBase: '{{ owncloud__ldap_basedn }}'