mirror of
https://github.com/luzifer-docker/openldap.git
synced 2024-12-30 01:11:18 +00:00
Added modules/overlays to configuration
This commit is contained in:
parent
e520b15129
commit
8638ea5a6f
4 changed files with 55 additions and 1 deletions
|
@ -18,6 +18,8 @@ EXPOSE 389
|
|||
|
||||
VOLUME ["/etc/ldap", "/var/lib/ldap"]
|
||||
|
||||
COPY modules/ /etc/ldap.dist/modules
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
|
11
README.md
11
README.md
|
@ -71,6 +71,17 @@ instructions, there are the following additional schemas available:
|
|||
`collective`, `corba`, `duaconf`, `dyngroup`, `java`, `misc`, `openldap`, `pmi`
|
||||
and `ppolicy`.
|
||||
|
||||
At least one quite common module is neither loaded nor configured by default (I
|
||||
am talking about the `memberof` overlay). In order to activate this (and
|
||||
possibly other modules in the future), there is another environment variable
|
||||
called
|
||||
|
||||
SLAPD_ADDITIONAL_MODULES
|
||||
|
||||
which can hold comma-separated enties. It will try to run `.ldif` files with
|
||||
a corresponsing name from th `module` directory. Currently only `memberof` is
|
||||
avaliable.
|
||||
|
||||
After the first start of the image (and the initial configuration), these
|
||||
envirnonment variables are not evaluated anymore.
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ if [[ ! -d /etc/ldap/slapd.d ]]; then
|
|||
slapd slapd/password2 password $SLAPD_PASSWORD
|
||||
slapd shared/organization string $SLAPD_ORGANIZATION
|
||||
slapd slapd/domain string $SLAPD_DOMAIN
|
||||
slapd slapd/backend select hdb
|
||||
slapd slapd/backend select HDB
|
||||
slapd slapd/allow_ldap_v2 boolean false
|
||||
slapd slapd/purge_database boolean false
|
||||
slapd slapd/move_old_database boolean true
|
||||
|
@ -65,6 +65,14 @@ EOF
|
|||
slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/schema/${schema}.ldif" >/dev/null 2>&1
|
||||
done
|
||||
fi
|
||||
|
||||
if [[ -n "$SLAPD_ADDITIONAL_MODULES" ]]; then
|
||||
IFS=","; declare -a modules=($SLAPD_ADDITIONAL_MODULES)
|
||||
|
||||
for module in "${modules[@]}"; do
|
||||
slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/modules/${module}.ldif" >/dev/null 2>&1
|
||||
done
|
||||
fi
|
||||
else
|
||||
slapd_configs_in_env=`env | grep 'SLAPD_'`
|
||||
|
||||
|
|
33
modules/memberof.ldif
Normal file
33
modules/memberof.ldif
Normal file
|
@ -0,0 +1,33 @@
|
|||
dn: cn=module,cn=config
|
||||
cn: module
|
||||
objectClass: olcModuleList
|
||||
objectClass: top
|
||||
olcModulePath: /usr/lib/ldap
|
||||
olcModuleLoad: memberof.la
|
||||
|
||||
dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
|
||||
objectClass: olcConfig
|
||||
objectClass: olcMemberOf
|
||||
objectClass: olcOverlayConfig
|
||||
objectClass: top
|
||||
olcOverlay: memberof
|
||||
olcMemberOfDangling: ignore
|
||||
olcMemberOfRefInt: TRUE
|
||||
olcMemberOfGroupOC: groupOfNames
|
||||
olcMemberOfMemberAD: member
|
||||
olcMemberOfMemberOfAD: memberOf
|
||||
|
||||
dn: cn=module,cn=config
|
||||
cn: module
|
||||
objectClass: olcModuleList
|
||||
objectClass: top
|
||||
olcModulePath: /usr/lib/ldap
|
||||
olcModuleLoad: refint.la
|
||||
|
||||
dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
|
||||
objectClass: olcConfig
|
||||
objectClass: olcOverlayConfig
|
||||
objectClass: olcRefintConfig
|
||||
objectClass: top
|
||||
olcOverlay: {1}refint
|
||||
olcRefintAttribute: memberof member manager owner
|
Loading…
Reference in a new issue