From 1fed83f3c0c41c1ac7ec0f42b2ac7e51d882a601 Mon Sep 17 00:00:00 2001 From: Siroco Date: Wed, 17 May 2023 13:09:18 -0500 Subject: [PATCH] Update: Dockerfile && Move configuration to entrypoint --- Dockerfile | 41 ++++++++++++++++++++++++-------------- docker-compose.yml | 14 ------------- docker-compose.yml.example | 38 +++++++++++++++++++++++++++++++++++ entrypoint.sh | 4 +++- slapd.sh | 4 ++-- 5 files changed, 69 insertions(+), 32 deletions(-) create mode 100644 docker-compose.yml.example diff --git a/Dockerfile b/Dockerfile index 9346135..ad49baa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,20 @@ -FROM debian:stable-slim - ARG LDAP_ADMIN_PASSWORD ARG LDAP_DOMAIN ARG LDAP_ORGANISATION ARG LDAP_USER ARG LDAP_GROUP +FROM debian:stable-slim + +ARG LDAP_ADMIN_PASSWORD +ARG LDAP_DOMAIN +ARG LDAP_ORGANISATION +ARG LDAP_USER=1000 +ARG LDAP_GROUP=1000 + +ARG UID=1000 +ARG GID=1000 + ENV LDAP_ADMIN_PASSWORD $LDAP_ADMIN_PASSWORD ENV LDAP_ORGANISATION $LDAP_ORGANISATION ENV LDAP_DOMAIN $LDAP_DOMAIN 
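Review bot: The `ARG LDAP_ADMIN_PASSWORD` re-declared after `FROM`, together with the unchanged `ENV LDAP_ADMIN_PASSWORD $LDAP_ADMIN_PASSWORD` below it, stores the directory admin password in the image, where anyone who can pull the image can read it from the build history and image config. Since this commit moves slapd configuration into the entrypoint, the password appears to be needed only at container start, so I would drop both lines and supply it at run time (compose `environment:` or a mounted secret file); docker-compose.yml.example passes it as a build arg too and would change with it. The five `ARG` lines left above `FROM` are now visible only to `FROM` itself and can be removed. `debian:stable-slim` is a moving tag, so pinning a release (ideally with a digest) would make rebuilds reproducible.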
@@ -14,24 +23,26 @@ ENV LDAP_GROUP $LDAP_GROUP RUN apt-get update -y && apt dist-upgrade -y -RUN DEBIAN_FRONTEND=noninteractive apt-get install -y slapd ldap-utils +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y slapd ldap-utils ca-certificates -RUN usermod -u ${LDAP_USER} openldap && \ - groupmod -g ${LDAP_GROUP} openldap +RUN usermod -u ${UID} openldap && \ + groupmod -g ${GID} openldap ADD slapd.sh /opt/slapd -RUN /opt/slapd -COPY ./schema/*.ldif ./schema/*.schema /etc/ldap/schema/ +## Run on entrypoint +#RUN /opt/slapd -RUN slapcat -n 0 \ - |sed 's/cn: config/cn: config\nolcPasswordHash: {CRYPT}\nolcPasswordCryptSaltFormat: $6$%.16s/' \ - |sed 's/cn: module{0}/cn: module{0}\nolcModuleLoad: {0}lastbind/' > /tmp/config.ldif && \ - rm -rf /etc/ldap/slapd.d/* && \ - slapadd -n 0 -F /etc/ldap/slapd.d/ -l /tmp/config.ldif && \ - echo "dn: olcOverlay={0}lastbind, olcDatabase={1}mdb,cn=config\nobjectClass: olcLastBindConfig\nolcOverlay: {0}lastbind" | slapadd -n 0 && \ - slapadd -l /etc/ldap/schema/nextcloud.ldif && \ - rm /tmp/config.ldif +#COPY ./schema/*.ldif ./schema/*.schema /etc/ldap/schema/ + +#RUN slapcat -n 0 \ +# |sed 's/cn: config/cn: config\nolcPasswordHash: {CRYPT}\nolcPasswordCryptSaltFormat: $6$%.16s/' \ +# |sed 's/cn: module{0}/cn: module{0}\nolcModuleLoad: {0}lastbind/' > /tmp/config.ldif && \ +# rm -rf /etc/ldap/slapd.d/* && \ +# slapadd -n 0 -F /etc/ldap/slapd.d/ -l /tmp/config.ldif && \ +# echo "dn: olcOverlay={0}lastbind, olcDatabase={1}mdb,cn=config\nobjectClass: olcLastBindConfig\nolcOverlay: {0}lastbind" | slapadd -n 0 && \ +# slapadd -l /etc/ldap/schema/nextcloud.ldif && \ +# rm /tmp/config.ldif RUN chmod -R o+rw /etc/ldap/slapd.d/ && \ chmod -R o+rwx /etc/ldap/slapd.d/cn=config/ && \ diff --git a/docker-compose.yml b/docker-compose.yml index 26e8d1d..5fe9b45 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
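Review bot: Commenting out the `slapcat | sed | slapadd` block removes the `olcPasswordHash: {CRYPT}` / `olcPasswordCryptSaltFormat: $6$%.16s` setting and the `lastbind` overlay, and the entrypoint.sh change in this patch only runs `/opt/slapd` and `slapadd -n 0 -l /etc/ldap/schema/domain.ldif`, so unless slapd.sh (mostly outside this patch) re-applies them the server falls back to its default password hash scheme and stops recording last-bind times. With `COPY ./schema/...` commented out as well, `/etc/ldap/schema/domain.ldif` and `nextcloud.ldif` are presumably no longer in the image, so that `slapadd` will fail unless the schema directory is mounted. I would move these steps into the entrypoint rather than leave them as dead comments, or delete them and state in the commit message that the settings are dropped on purpose. Separately, `usermod -u ${UID}` / `groupmod -g ${GID}` no longer read `LDAP_USER`/`LDAP_GROUP`, which are the args the compose file passes, so a custom uid/gid is silently ignored; `RUN usermod -u ${LDAP_USER} openldap && groupmod -g ${LDAP_GROUP} openldap` with the new `=1000` defaults would keep that working. The trailing `RUN chmod` chain continues past the end of the hunk.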
@@ -5,24 +5,14 @@ volumes: services: admin: image: registry.audio-lab.org/ldapphpadmin - restart: always - links: - - ldap - ports: - - ${LDAP_ADMIN_PORT}:80 build: context: phpldapadmin dockerfile: Dockerfile args: - LDAP_BASE=${LDAP_BASE} ldap: - user: ${USER_GROUP} image: registry.audio-lab.org/ldap restart: always - ports: - - ${LDAP_PORT}:389 - volumes: - - data:/var/lib/ldap build: context: . dockerfile: Dockerfile @@ -32,7 +22,3 @@ services: - LDAP_DOMAIN=${LDAP_DOMAIN} - LDAP_USER=${LDAP_USER} - LDAP_GROUP=${LDAP_GROUP} - environment: - - LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD} - - LDAP_ORGANISATION=${LDAP_ORGANISATION} - - LDAP_DOMAIN=${LDAP_DOMAIN} diff --git a/docker-compose.yml.example b/docker-compose.yml.example new file mode 100644 index 0000000..26e8d1d --- /dev/null +++ b/docker-compose.yml.example @@ -0,0 +1,38 @@ +version: "2.4" + +volumes: + data: +services: + admin: + image: registry.audio-lab.org/ldapphpadmin + restart: always + links: + - ldap + ports: + - ${LDAP_ADMIN_PORT}:80 + build: + context: phpldapadmin + dockerfile: Dockerfile + args: + - LDAP_BASE=${LDAP_BASE} + ldap: + user: ${USER_GROUP} + image: registry.audio-lab.org/ldap + restart: always + ports: + - ${LDAP_PORT}:389 + volumes: + - data:/var/lib/ldap + build: + context: . + dockerfile: Dockerfile + args: + - LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD} + - LDAP_ORGANISATION=${LDAP_ORGANISATION} + - LDAP_DOMAIN=${LDAP_DOMAIN} + - LDAP_USER=${LDAP_USER} + - LDAP_GROUP=${LDAP_GROUP} + environment: + - LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD} + - LDAP_ORGANISATION=${LDAP_ORGANISATION} + - LDAP_DOMAIN=${LDAP_DOMAIN} diff --git a/entrypoint.sh b/entrypoint.sh index 4e4e364..6edd95c 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,6 +2,8 @@ set -x -RUN slapadd -n 0 -l /etc/ldap/schema/domain.ldif +/opt/slapd + +slapadd -n 0 -l /etc/ldap/schema/domain.ldif exec $@ diff --git a/slapd.sh b/slapd.sh index 4bb93f2..c64baf7 100755 --- a/slapd.sh +++ b/slapd.sh 
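Review bot: In entrypoint.sh, `/opt/slapd` and the `slapadd` now run on every container start, with no check for an already-initialised directory and no `set -e`. The preseed lines visible in the slapd.sh hunk include `slapd/purge_database boolean true` and `slapd/move_old_database boolean true`, so if that script reconfigures the package (not visible here) a restart could move aside or replace the data kept in the `/var/lib/ldap` volume, and a failing `slapadd` is silently ignored. I would run the first-start steps only when a marker file written after a successful initialisation is absent, add `set -e` near the top, and change the last line to `exec "$@"` so arguments containing spaces survive.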
@@ -16,8 +16,8 @@ slapd slapd/internal/adminpw password ${LDAP_ADMIN_PASSWORD} slapd slapd/password2 password ${LDAP_ADMIN_PASSWORD} slapd slapd/password1 password ${LDAP_ADMIN_PASSWORD} slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION -slapd slapd/domain string ${LDAP_DOMAIN} -slapd shared/organization string ${LDAP_ORGANISATION} +slapd slapd/domain string "${LDAP_DOMAIN}" +slapd shared/organization string "${LDAP_ORGANISATION}" slapd slapd/backend string HDB slapd slapd/purge_database boolean true slapd slapd/move_old_database boolean true
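Review bot: The added double quotes around `${LDAP_DOMAIN}` and `${LDAP_ORGANISATION}` are likely to end up inside the stored values: these lines look like debconf preseed input, where the value is the rest of the line, and if they sit in a here-document (it starts outside this hunk) the shell does not strip the quotes. If the goal is to keep an organisation name with spaces intact, the unquoted form already does that in a here-document, so I would revert to `slapd shared/organization string ${LDAP_ORGANISATION}` and confirm the result with `debconf-get-selections | grep slapd`. The three `password ${LDAP_ADMIN_PASSWORD}` lines above were left unquoted, which suggests the quoting is not needed here.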