[Service]
ExecStartPre=
ExecStartPre=-/usr/sbin/slapadd -F /etc/openldap/slapd.d -v -b cn=config -l /etc/ldap/secrets/config.ldif
{% for schema in ldap_schemas %}
ExecStartPre=-/usr/sbin/slapadd -F /etc/openldap/slapd.d -v -b cn=config -l {{ schema }}
{% endfor %}
ExecStartPre=-/usr/sbin/slapadd -F /etc/openldap/slapd.d -c -v -l /etc/ldap/secrets/users.ldif
User=ldap
Group=ldap
ExecStart=
# remove none tls port
ExecStart=+/usr/sbin/slapd -u ldap -h ldaps:///
#waiting for ldap server...
ExecStartPost=/usr/bin/timeout 90 bash -c 'while ! 3<> /dev/tcp/localhost/636; do sleep 1; done'
ExecStartPost=+-/usr/bin/ldapmodify -D {{ ldap_user }} -y /usr/local/lib/secrets/admin_ldap.pwd -v -f /usr/local/lib/secrets/config_acl.ldif
ExecStartPost=+-/usr/bin/ldapmodify -D {{ ldap_user }} -y /usr/local/lib/secrets/admin_ldap.pwd -v -f /usr/local/lib/secrets/users_mod.ldif