Add: PHP Ldap ADMIN && Basic LDIF
parent
9dde6c39b4
commit
22f43c6f1c
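--- a/.gitigonore
+++ b/.gitigonore
@@ -0,0 +1 @@
+.env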
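Review bot: The file name is spelled `.gitigonore`, so Git never reads it and `.env` is not ignored. The compose file in this commit takes `LDAP_ADMIN_PASSWORD` from variable substitution, which Compose normally fills from that `.env` file, so a routine `git add .` would commit the directory admin password. Rename the file to `.gitignore` and confirm with `git status` while a populated `.env` is present.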
39
Dockerfile
39
Dockerfile
@ -3,19 +3,54 @@ FROM debian:stable-slim
|
||||
ARG LDAP_ADMIN_PASSWORD
|
||||
ARG LDAP_DOMAIN
|
||||
ARG LDAP_ORGANISATION
|
||||
ARG LDAP_USER
|
||||
ARG LDAP_GROUP
|
||||
|
||||
ENV LDAP_ADMIN_PASSWORD $LDAP_ADMIN_PASSWORD
|
||||
ENV LDAP_ORGANISATION $LDAP_ORGANISATION
|
||||
ENV LDAP_DOMAIN $LDAP_DOMAIN
|
||||
ENV LDAP_USER $LDAP_USER
|
||||
ENV LDAP_GROUP $LDAP_GROUP
|
||||
|
||||
RUN apt-get update -y && apt dist-upgrade -y
|
||||
|
||||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y slapd ldap-utils
|
||||
|
||||
EXPOSE 389
|
||||
RUN usermod -u ${LDAP_USER} openldap && \
|
||||
groupmod -g ${LDAP_GROUP} openldap
|
||||
|
||||
ADD slapd.sh /opt/slapd
|
||||
RUN /opt/slapd
|
||||
|
||||
RUN slapcat -n 0 \
|
||||
|sed 's/cn: config/cn: config\nolcPasswordHash: {CRYPT}\nolcPasswordCryptSaltFormat: $6$%.16s/' \
|
||||
|sed 's/cn: module{0}/cn: module{0}\nolcModuleLoad: {0}lastbind/' > /tmp/config.ldif && \
|
||||
rm -rf /etc/ldap/slapd.d/* && \
|
||||
slapadd -n 0 -F /etc/ldap/slapd.d/ -l /tmp/config.ldif && \
|
||||
rm /tmp/config.ldif
|
||||
|
||||
RUN echo "dn: olcOverlay={0}lastbind, olcDatabase={1}mdb,cn=config\nobjectClass: olcLastBindConfig\nolcOverlay: {0}lastbind" \
|
||||
| slapadd -n 0
|
||||
|
||||
|
||||
COPY ./schema/*.ldif ./schema/*.schema /etc/ldap/schema/
|
||||
|
||||
RUN slapadd -l /etc/ldap/schema/nextcloud.ldif
|
||||
|
||||
RUN chmod -R o+rw /etc/ldap/slapd.d/ && \
|
||||
chmod -R o+rwx /etc/ldap/slapd.d/cn=config/ && \
|
||||
chmod -R o+rwx /etc/ldap/slapd.d/cn=config/cn=schema/ && \
|
||||
chmod -R o+rw /var/run/slapd/
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
CMD /opt/slapd
|
||||
ADD entrypoint.sh /entrypoint.sh
|
||||
|
||||
#VOLUME ["/var/lib/ldap"]
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
EXPOSE 389
|
||||
|
||||
CMD ["/usr/sbin/slapd","-h", "ldap:///","-d","4"]
|
||||
|
||||
|
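Review bot: The `chmod -R o+rw` / `o+rwx` block makes `/etc/ldap/slapd.d/` (the `cn=config` database, which normally carries the rootDN password hash and the ACLs) and `/var/run/slapd/` writable by every account in the container, so any process that ends up running there can rewrite the server's access control. `usermod -u` re-owns only files under the account's home directory, which is probably why the permissions were widened; handing the trees to the service account achieves the same without the world bit: `chown -R openldap:openldap /etc/ldap/slapd.d /var/run/slapd` after the `usermod`/`groupmod` step, assuming `LDAP_USER`:`LDAP_GROUP` match the compose `user:` value. Separately, `ARG`/`ENV LDAP_ADMIN_PASSWORD` leaves the admin password readable in the image metadata and build history; the rendered page does not show whether those lines are new in this commit.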
@ -1,7 +1,24 @@
|
||||
version: "2.4"
|
||||
|
||||
services:
|
||||
admin:
|
||||
image: registry.audio-lab.org/ldapphpadmin
|
||||
restart: always
|
||||
links:
|
||||
- ldap
|
||||
ports:
|
||||
- ${LDAP_ADMIN_PORT}:80
|
||||
build:
|
||||
context: phpldapadmin
|
||||
dockerfile: Dockerfile
|
||||
args:
|
||||
- LDAP_BASE=${LDAP_BASE}
|
||||
ldap:
|
||||
user: ${USER_GROUP}
|
||||
image: registry.audio-lab.org/ldap
|
||||
restart: always
|
||||
ports:
|
||||
- ${LDAP_PORT}:389
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
@ -9,4 +26,10 @@ services:
|
||||
- LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
|
||||
- LDAP_ORGANISATION=${LDAP_ORGANISATION}
|
||||
- LDAP_DOMAIN=${LDAP_DOMAIN}
|
||||
- LDAP_USER=${LDAP_USER}
|
||||
- LDAP_GROUP=${LDAP_GROUP}
|
||||
environment:
|
||||
- LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
|
||||
- LDAP_ORGANISATION=${LDAP_ORGANISATION}
|
||||
- LDAP_DOMAIN=${LDAP_DOMAIN}
|
||||
|
||||
|
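Review bot: Both `ports:` entries publish on every host interface: `${LDAP_ADMIN_PORT}:80` exposes phpLDAPadmin over plain HTTP and `${LDAP_PORT}:389` exposes LDAP without TLS, so the admin bind password typed into the web UI and every simple bind against 389 travel in cleartext. If the UI is meant for local administration, bind it to loopback with `- 127.0.0.1:${LDAP_ADMIN_PORT}:80` or put it behind a TLS-terminating proxy; the `admin` service reaches `ldap` over the compose network and does not need 389 published for that. `LDAP_ADMIN_PASSWORD` is also passed under build `args:` in the second hunk, which records it in the image build history, and `links:` is a legacy option that the default compose network makes unnecessary.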
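--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -x
+
+RUN slapadd -n 0 -l /etc/ldap/schema/domain.ldif
+
+exec $@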
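Review bot: `RUN slapadd -n 0 -l /etc/ldap/schema/domain.ldif` is a Dockerfile instruction pasted into a bash script; bash will report `RUN: command not found`, and because the script sets only `set -x` the failure is ignored and the container starts without the LDIF loaded. Drop the `RUN` prefix and use `set -e` so a failed import stops startup. No `domain.ldif` is added in the sections visible on this page, and a `slapadd` on every start will presumably fail once the entries exist, so the import likely needs a first-run guard. `exec $@` should be `exec "$@"` so arguments containing spaces or glob characters reach the command intact; the same line appears in phpldapadmin/entrypoint.sh and at the end of slapd.sh.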
@ -1,3 +1,5 @@
|
||||
LDAP_ADMIN_PASSWORD=admin
|
||||
LDAP_ORGANISATION=organisation
|
||||
LDAP_DOMAIN=domain
|
||||
LDAP_PORT=389
|
||||
USER_GROUP=1000:1000
|
||||
|
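Review bot: `LDAP_ADMIN_PORT`, `LDAP_BASE`, `LDAP_USER` and `LDAP_GROUP` are read by the compose file and Dockerfiles in this commit but are missing from this sample (its file name is not shown on the page), which lists only `LDAP_PORT` and `USER_GROUP` beyond the original three keys. Compose substitutes an empty string for an unset variable, so `usermod -u ${LDAP_USER}` would receive no argument at build time and `${LDAP_ADMIN_PORT}:80` would be left without a host port. Add the four keys with sample values. `LDAP_ADMIN_PASSWORD=admin` is better replaced by an obvious placeholder such as `LDAP_ADMIN_PASSWORD=<CHANGE_ME>` so the sample value is not deployed as-is.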
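--- a/phpldapadmin/Dockerfile
+++ b/phpldapadmin/Dockerfile
@@ -0,0 +1,29 @@
+FROM debian:stable-slim
+
+ARG LDAP_BASE
+
+ENV LDAP_BASE $LDAP_BASE
+
+RUN apt-get update -y && apt dist-upgrade -y
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y wget
+
+RUN wget http://ftp.de.debian.org/debian/pool/main/p/phpldapadmin/phpldapadmin_1.2.6.3-0.2_all.deb && \
+apt install -y ./phpldapadmin_1.2.6.3-0.2_all.deb && \
+rm *.deb
+
+RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+ADD entrypoint.sh /entrypoint.sh
+
+RUN sed -i "s/^.*setValue('server','host'.*/\$servers->setValue('server','host','ldap');/" /usr/share/phpldapadmin/config/config.php && \
+sed -i "s/^.*setValue('server','base'.*/\$servers->setValue('server','base',array('${LDAP_BASE}'));/" /usr/share/phpldapadmin/config/config.php && \
+sed -i "s/^.*setValue('login','bind_id'.*/\$servers->setValue('login','bind_id','cn=admin,${LDAP_BASE}');/" /usr/share/phpldapadmin/config/config.php
+
+RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+EXPOSE 80
+
+CMD ["apachectl","-D","FOREGROUND"]
+
+ENTRYPOINT ["/entrypoint.sh"]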
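Review bot: The package is fetched with `wget http://ftp.de.debian.org/...` and installed from the local file, so neither TLS nor apt's signed-repository check covers it; a tampered .deb would run its maintainer scripts as root during the build. Fetch over HTTPS where the mirror offers it and verify a pinned digest before installing, e.g. `echo "<EXPECTED_SHA256>  phpldapadmin_1.2.6.3-0.2_all.deb" | sha256sum -c -` between the `wget` and `apt install` lines (the digest is a placeholder to fill in from a trusted source). The `sed` lines also splice `${LDAP_BASE}` unescaped into both a sed expression and a PHP string literal, so a value containing `/` or `'` breaks or alters config.php. `ADD entrypoint.sh` can be `COPY`, and the second `apt-get clean` layer repeats the first.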
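--- a/phpldapadmin/entrypoint.sh
+++ b/phpldapadmin/entrypoint.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -xe
+
+echo "Running Apache"
+
+exec $@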
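--- a/schema/nextcloud.ldif
+++ b/schema/nextcloud.ldif
@@ -0,0 +1,16 @@
+dn: ou=users,dc=labiaga,dc=ikastola
+objectClass: organizationalUnit
+objectClass: top
+ou: users
+
+dn: ou=groups,dc=labiaga,dc=ikastola
+objectClass: organizationalUnit
+objectClass: top
+ou: groups
+
+dn: cn=irakasleak,ou=groups,dc=labiaga,dc=ikastola
+objectClass: posixGroup
+cn: irakasleak
+gidNumber: 10000
+memberUid: irakasleak
+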
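Review bot: Every DN is hard-coded under `dc=labiaga,dc=ikastola`, while the image takes its suffix from the `LDAP_DOMAIN` build argument (sample value `domain`). The Dockerfile loads this file with `slapadd -l` at build time, which presumably fails whenever the configured suffix differs. Either document that `LDAP_DOMAIN` must correspond to this suffix or generate the file from the variable during the build. The file holds directory entries rather than schema although it sits in `schema/`, so a header comment would help: `# Base OUs and the irakasleak group; suffix must match LDAP_DOMAIN`.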
15
slapd.sh
15
slapd.sh
@ -2,17 +2,13 @@
|
||||
|
||||
set -eu
|
||||
|
||||
status () {
|
||||
echo "---> ${@}" >&2
|
||||
}
|
||||
|
||||
set -x
|
||||
: LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
|
||||
: LDAP_DOMAIN=${LDAP_DOMAIN}
|
||||
: LDAP_ORGANISATION=${LDAP_ORGANISATION}
|
||||
|
||||
if [ ! -e /var/lib/ldap/docker_bootstrapped ]; then
|
||||
status "configuring slapd for first run"
|
||||
echo "configuring slapd for first run"
|
||||
|
||||
cat <<EOF | debconf-set-selections
|
||||
slapd slapd/internal/generated_adminpw password ${LDAP_ADMIN_PASSWORD}
|
||||
@ -34,9 +30,12 @@ EOF
|
||||
|
||||
touch /var/lib/ldap/docker_bootstrapped
|
||||
else
|
||||
status "found already-configured slapd"
|
||||
echo "found already-configured slapd"
|
||||
fi
|
||||
|
||||
status "starting slapd"
|
||||
echo "starting slapd"
|
||||
set -x
|
||||
exec /usr/sbin/slapd -h "ldap:///" -u openldap -g openldap -d 0
|
||||
|
||||
|
||||
|
||||
exec $@
|
||||
|
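Review bot: With `set -x` active, the line `: LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}` is traced after expansion, so the admin password is written to stderr; the Dockerfile runs this script in a `RUN` step, which puts it in the build log. The rendered page does not show which side each line is on, so this applies only if `set -x` is still present after the commit. Do the presence checks before tracing is enabled, or drop `set -x` from this script. If both `exec /usr/sbin/slapd ...` and `exec $@` remain on the new side, the second can never run. The `if` block and the heredoc continue outside the visible hunks.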