diff --git a/Dockerfile b/Dockerfile
index 93d7196..1ecdf30 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,7 +14,7 @@ RUN apt-get update && \
 EXPOSE 389
-VOLUME ["/var/lib/ldap", "/etc/ldap"]
+VOLUME ["/var/lib/ldap"]
 COPY entrypoint.sh /entrypoint.sh
diff --git a/README.md b/README.md
index 47a7a3d..d7c2b13 100644
--- a/README.md
+++ b/README.md
@@ -67,7 +67,8 @@ envirnonment variables are not evaluated anymore.
 Data persistence
 ----------------
-The image exposes the directory, where the data is written
-(`VOLUME ["/var/lib/ldap"`). Please make sure that
-these directories are saved (in a data-only container or alike) in order to make
-sure that everything is restored after a new restart of the application.
+The image exposes one directory (`VOLUME ["/var/lib/ldap"]`). It both holds the
+database and the configuration (which is symlinked in a pretty hacky way - see
+the `entrypoint.sh` file if interested). Please make sure that this directory is
+saved (in a data-only container or alike) in order to make sure that everything
+is restored after a new restart of the container.
diff --git a/entrypoint.sh b/entrypoint.sh
index dcee514..788b933 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,9 +1,15 @@
 #!/bin/bash
 set -e
-chown -R openldap:openldap /var/lib/ldap/
+chown openldap:openldap /var/lib/ldap/
+
+if [[ -d /var/lib/ldap/config ]]; then
+
+ rm -rf /etc/ldap
+ ln -s /var/lib/ldap/config /etc/ldap
+
+else
+
-if [[ ! -f /etc/ldap/docker-configured ]]; then
 if [[ -z "$SLAPD_PASSWORD" ]]; then
 echo >&2 "Error: slapd not configured and SLAPD_PASSWORD not set"
 echo >&2 "Did you forget to add -e SLAPD_PASSWORD=... ?"
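Review bot: Dropping `-R` from the `chown` at the top of `entrypoint.sh` means only the mount point itself is re-owned, so files already inside a reused or restored `/var/lib/ldap` volume keep whatever owner they arrived with, and that now includes the `config` tree this branch links `/etc/ldap` to. If the intent was to avoid walking the database on every start, say so in a comment; otherwise keep the recursive form, or at least cover the relocated configuration with `chown -R openldap:openldap /var/lib/ldap/config` inside the `-d` branch. Which account slapd runs as is not visible here, so confirm the ownership it actually needs. The `else` branch opened in this hunk closes outside it.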
@@ -47,7 +53,9 @@ EOF
 if [[ -n "$SLAPD_CONFIG_PASSWORD" ]]; then
 password_hash=`slappasswd -s "${SLAPD_CONFIG_PASSWORD}"`
- sed_safe_password_hash=${password_hash/\//\\\/}
+ sed_safe_password_hash=${password_hash//\//\\\/}
+
+ echo $sed_safe_password_hash
 slapcat -n0 -F /etc/ldap/slapd.d -l /tmp/config.ldif
 sed -i "s/\(olcRootDN: cn=admin,cn=config\)/\1\nolcRootPW: ${sed_safe_password_hash}/g" /tmp/config.ldif
@@ -55,7 +63,8 @@ EOF
 slapadd -n0 -F /etc/ldap/slapd.d -l /tmp/config.ldif >/dev/null 2>&1
 fi
- touch /etc/ldap/docker-configured
+ mv /etc/ldap /var/lib/ldap/config
+ ln -s /var/lib/ldap/config /etc/ldap
 fi
 exec "$@"
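Review bot: The added `echo $sed_safe_password_hash` prints the hash of the `cn=config` root password to the container's stdout, so it lands in the container log and in whatever collects that log. It reads like a leftover debug line next to the `//` substitution fix and should be removed before merge. The context lines also write the same hash to the fixed path `/tmp/config.ldif`, and no cleanup of that file is visible in this hunk, so an `rm -f /tmp/config.ldif` after the `slapadd` is worth adding. The enclosing `if` block closes in the following hunk.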
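Review bot: `mv /etc/ldap /var/lib/ldap/config` is not atomic here, because `/var/lib/ldap` is a declared volume and a move across filesystems is a copy followed by a delete, yet the first hunk of this file treats the mere existence of `/var/lib/ldap/config` as proof that setup finished. A start interrupted mid-move leaves a partial directory, and the next start would link `/etc/ldap` to it and skip the `SLAPD_PASSWORD` branch entirely. Stage the copy under a temporary name inside the volume and rename it into place, so the directory only appears once it is complete. The enclosing `else` branch begins outside this hunk.

```shell
# … unchanged: slapadd of the config LDIF and the closing fi …

    # Stage inside the volume, then rename: a rename within one filesystem is atomic.
    rm -rf /var/lib/ldap/config.tmp
    cp -a /etc/ldap /var/lib/ldap/config.tmp
    mv /var/lib/ldap/config.tmp /var/lib/ldap/config
    rm -rf /etc/ldap
    ln -s /var/lib/ldap/config /etc/ldap
```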