From b1fbff5b1c4546ffaad59e9dfcc30799b688ea56 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Tue, 2 Jun 2020 20:38:47 +0200
Subject: [PATCH] Add LDIF file to fix SASL limits

We keep hitting this otherwise because of our directory size

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 roles/ipa/server/files/fix_sasl.ldif | 9 +++++++++
 roles/ipa/server/tasks/main.yml      | 6 ++++++
 2 files changed, 15 insertions(+)
 create mode 100644 roles/ipa/server/files/fix_sasl.ldif

diff --git a/roles/ipa/server/files/fix_sasl.ldif b/roles/ipa/server/files/fix_sasl.ldif
new file mode 100644
index 0000000000..b87be52781
--- /dev/null
+++ b/roles/ipa/server/files/fix_sasl.ldif
@@ -0,0 +1,9 @@
+dn: cn=config
+changetype: modify
+replace: nsslapd-maxsasliosize
+nsslapd-maxsasliosize: 50000000
+
+dn: cn=config
+changetype: modify
+replace: nsslapd-sasl-max-buffer-size
+nsslapd-sasl-max-buffer-size: 50000000
diff --git a/roles/ipa/server/tasks/main.yml b/roles/ipa/server/tasks/main.yml
index 48616335f2..cfd486b6ac 100644
--- a/roles/ipa/server/tasks/main.yml
+++ b/roles/ipa/server/tasks/main.yml
@@ -19,6 +19,12 @@
   - ipa/server
   - config
 
+- name: Copy LDIF file for working around annoying IPA bug in initial sync
+  copy: src=fix_sasl.ldif dest=/usr/share/ipa/fix_sasl.ldif
+  tags:
+  - ipa/server
+  - config
+
 - name: install IPA
   command: ipa-server-install
            --realm={{ipa_realm}}