Added modules/overlays to configuration

Christian Luginbühl 2015-03-16 23:22:40 +01:00
parent e520b15129
commit 8638ea5a6f
4 changed files with 55 additions and 1 deletions


@ -18,6 +18,8 @@ EXPOSE 389
VOLUME ["/etc/ldap", "/var/lib/ldap"] VOLUME ["/etc/ldap", "/var/lib/ldap"]
COPY modules/ /etc/ldap.dist/modules
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]


@ -71,6 +71,17 @@ instructions, there are the following additional schemas available:
`collective`, `corba`, `duaconf`, `dyngroup`, `java`, `misc`, `openldap`, `pmi` `collective`, `corba`, `duaconf`, `dyngroup`, `java`, `misc`, `openldap`, `pmi`
and `ppolicy`. and `ppolicy`.
At least one quite common module is neither loaded nor configured by default (I
am talking about the `memberof` overlay). In order to activate this (and
possibly other modules in the future), there is another environment variable
called
SLAPD_ADDITIONAL_MODULES
which can hold comma-separated enties. It will try to run `.ldif` files with
a corresponsing name from th `module` directory. Currently only `memberof` is
avaliable.
After the first start of the image (and the initial configuration), these After the first start of the image (and the initial configuration), these
envirnonment variables are not evaluated anymore. envirnonment variables are not evaluated anymore.


@ -27,7 +27,7 @@ if [[ ! -d /etc/ldap/slapd.d ]]; then
slapd slapd/password2 password $SLAPD_PASSWORD slapd slapd/password2 password $SLAPD_PASSWORD
slapd shared/organization string $SLAPD_ORGANIZATION slapd shared/organization string $SLAPD_ORGANIZATION
slapd slapd/domain string $SLAPD_DOMAIN slapd slapd/domain string $SLAPD_DOMAIN
slapd slapd/backend select hdb slapd slapd/backend select HDB
slapd slapd/allow_ldap_v2 boolean false slapd slapd/allow_ldap_v2 boolean false
slapd slapd/purge_database boolean false slapd slapd/purge_database boolean false
slapd slapd/move_old_database boolean true slapd slapd/move_old_database boolean true
@ -65,6 +65,14 @@ EOF
slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/schema/${schema}.ldif" >/dev/null 2>&1 slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/schema/${schema}.ldif" >/dev/null 2>&1
done done
fi fi
if [[ -n "$SLAPD_ADDITIONAL_MODULES" ]]; then
IFS=","; declare -a modules=($SLAPD_ADDITIONAL_MODULES)
for module in "${modules[@]}"; do
slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/modules/${module}.ldif" >/dev/null 2>&1
done
fi
else else
slapd_configs_in_env=`env | grep 'SLAPD_'` slapd_configs_in_env=`env | grep 'SLAPD_'`
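Review bot: A failed module load is invisible in the added loop: `slapadd ... >/dev/null 2>&1` discards the error text and the exit status is never checked, so a misspelt or missing name in `SLAPD_ADDITIONAL_MODULES` yields a running server without the `memberof` overlay that applications may rely on for group checks. Each `module` value is also placed into the `-l` path unvalidated, so an entry containing `/` or `..` would load an LDIF from outside `/etc/ldap/modules` into `cn=config`; restricting names to a plain pattern closes that. `IFS=","` stays assigned for the rest of the script and the unquoted `($SLAPD_ADDITIONAL_MODULES)` is subject to globbing; `IFS="," read -r -a` avoids both. The enclosing `if [[ ! -d /etc/ldap/slapd.d ]]` block starts outside this hunk, so whether aborting here leaves a partial `slapd.d` behind needs checking against the full script.

```shell
if [[ -n "$SLAPD_ADDITIONAL_MODULES" ]]; then
    # IFS is scoped to the read, so later word-splitting is unaffected
    IFS="," read -r -a modules <<< "$SLAPD_ADDITIONAL_MODULES"
    for module in "${modules[@]}"; do
        # accept plain file stems only; no path separators or dots
        if [[ ! "$module" =~ ^[A-Za-z0-9_-]+$ ]]; then
            echo "Invalid entry in SLAPD_ADDITIONAL_MODULES: ${module}" >&2
            exit 1
        fi
        if ! slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/modules/${module}.ldif"; then
            echo "Loading module ${module} failed" >&2
            exit 1
        fi
    done
fi
```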

33
modules/memberof.ldif Normal file

@ -0,0 +1,33 @@
dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
objectClass: top
olcModulePath: /usr/lib/ldap
olcModuleLoad: memberof.la
dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
objectClass: top
olcModulePath: /usr/lib/ldap
olcModuleLoad: refint.la
dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: memberof member manager owner
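Review bot: Both overlay entries hard-code `olcDatabase={1}hdb`, which only exists while the debconf preseed in the entrypoint selects the hdb backend and the data database has index 1; a header comment should state that dependency, e.g. `# Requires the {1}hdb database created by the debconf preseed (slapd/backend HDB)`. Because the entrypoint hunk on this page sends slapadd output to /dev/null, a backend mismatch would leave memberof and refint unloaded without any message. `olcMemberOfGroupOC: groupOfNames` also means only groupOfNames groups maintain `memberOf`, which deserves a comment for anyone who uses that attribute in access rules.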