---

applications:
  ldap-domain1:
    charm: cs:~openstack-charmers/ldap-test-fixture
    num_units: 1
    series: bionic
    bindings:
      "": oam
    to:
      - lxd:100
  ldap-domain2:
    charm: cs:~openstack-charmers/ldap-test-fixture
    num_units: 1
    series: bionic
    bindings:
      "": oam
    to:
      - lxd:101
  ldap-domain3:
    charm: cs:~openstack-charmers/ldap-test-fixture
    num_units: 1
    series: bionic
    bindings:
      "": oam
    to:
      - lxd:102
  keystone-ldap-domain1:
    charm: cs:keystone-ldap
    options:
      ldap-user: cn=admin,dc=test,dc=com
      ldap-password: crapper
      ldap-suffix: dc=test,dc=com
      domain-name: domain1
      ldap-config-flags: >-
        {
         use_pool: true,
         pool_size: 10,
         pool_retry_max: 1,
         user_tree_dn: "ou=users,dc=test,dc=com",
         user_objectclass: "posixAccount",
         user_id_attribute: uid,
         user_name_attribute: uid,
         user_attribute_ignore: userPassword,
         query_scope: sub,
         group_name_attribute: cn,
         group_member_attribute: memberUid,
         group_desc_attribute: description,
         group_tree_dn: "ou=groups,dc=test,dc=com",
         group_id_attribute: cn,
         group_objectclass: "posixGroup",
         group_members_are_ids: true,
        }
  keystone-ldap-domain2:
    charm: cs:keystone-ldap
    options:
      ldap-user: cn=admin,dc=test,dc=com
      ldap-password: crapper
      ldap-suffix: dc=test,dc=com
      domain-name: domain2
      ldap-config-flags: >-
        {
         use_pool: true,
         pool_size: 10,
         pool_retry_max: 1,
         user_tree_dn: "ou=users,dc=test,dc=com",
         user_objectclass: "posixAccount",
         user_id_attribute: uid,
         user_name_attribute: uid,
         user_attribute_ignore: userPassword,
         query_scope: sub,
         group_name_attribute: cn,
         group_member_attribute: member,
         group_desc_attribute: description,
         group_tree_dn: "ou=groups,dc=test,dc=com",
         group_id_attribute: cn,
         group_objectclass: "groupOfNames",
         group_members_are_ids: false,
        }
  keystone-ldap-domain3:
    charm: cs:keystone-ldap
    options:
      ldap-user: cn=admin,dc=test,dc=com
      ldap-password: crapper
      ldap-suffix: dc=test,dc=com
      domain-name: domain3
      ldap-config-flags: >-
        {
         use_pool: true,
         pool_size: 10,
         pool_retry_max: 1,
         user_tree_dn: "ou=users,dc=test,dc=com",
         user_objectclass: "posixAccount",
         user_id_attribute: uid,
         user_name_attribute: uid,
         user_attribute_ignore: userPassword,
         query_scope: sub,
         group_name_attribute: cn,
         group_member_attribute: uniqueMember,
         group_desc_attribute: description,
         group_tree_dn: "ou=groups,dc=test,dc=com",
         group_id_attribute: cn,
         group_objectclass: "groupOfUniqueNames",
        }

relations:
  - [ "keystone:domain-backend", "keystone-ldap-domain1:domain-backend" ]
  - [ "keystone:domain-backend", "keystone-ldap-domain2:domain-backend" ]
  - [ "keystone:domain-backend", "keystone-ldap-domain3:domain-backend" ]