Skip to content

Add ldaps and run ldif after openldap startup #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
PeekLeon wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add ldaps and run ldif after openldap startup #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 17 additions & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,16 +12,32 @@ RUN apt-get update && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

## LDAPS
RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
libsasl2-2 \
sasl2-bin \
libsasl2-modules

## LDAPS AND/OR RUN LDIF AFTER OPENLDAP STARTUP
# Mount the "/after_work" volume and copy your ldif files to it
# For ldaps see ldaps.template.ldif
RUN mkdir /after_work
COPY ./after_work.sh /after_work.sh
RUN chmod 770 /after_work.sh

RUN mv /etc/ldap /etc/ldap.dist

COPY modules/ /etc/ldap.dist/modules

COPY entrypoint.sh /entrypoint.sh

EXPOSE 389
## DEFAULT LDAPS PORT
EXPOSE 636

VOLUME ["/etc/ldap", "/var/lib/ldap"]

ENTRYPOINT ["/entrypoint.sh"]

CMD ["sh", "-c", "slapd -h 'ldap:/// ldapi:///' -d ${DEBUG_LEVEL} -u openldap -g openldap"]
CMD ["sh", "-c", "slapd -h 'ldap:/// ldaps:/// ldapi:///' -d ${DEBUG_LEVEL} -u openldap -g openldap"]
17 changes: 17 additions & 0 deletions after_work.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/bin/bash

PATH_LDIF="/after_work/"
cd ${PATH_LDIF}
if ls *.ldif > /dev/null 2>&1 ;then
codrec=1
while [ "$coderec" != "0" ]; do
sleep 1
ldapsearch -Y EXTERNAL -H ldapi:/// -LLL cn=config > /dev/null 2>&1
coderec=$?
done
for myLdif in *.ldif ;do
echo "--- $myLdif "
ldapmodify -Y EXTERNAL -H ldapi:/// -f ${PATH_LDIF}${myLdif}
echo "---"
done
fi
4 changes: 3 additions & 1 deletion entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,4 +112,6 @@ fi

chown -R openldap:openldap /etc/ldap/slapd.d/ /var/lib/ldap/ /var/run/slapd/

exec "$@"
sh /after_work.sh&

exec "$@"
14 changes: 14 additions & 0 deletions ldaps.template.ldif
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# Mount the "/etc/ssl/certs/" volume in your docker-compose/docker run
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/ssl/certs/CACertificateFile.crt
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ssl/certs/private/CertificateKeyFile.key
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ssl/certs/CertificateFile.crt
-
replace: olcTLSVerifyClient
olcTLSVerifyClient: never