Added modules/overlays to configuration

2024-12-20 20:51:17 +00:00 · 2015-03-16 23:22:40 +01:00 · 2015-03-16 23:22:40 +01:00 · 8638ea5a6f
commit 8638ea5a6f
parent e520b15129
4 changed files with 55 additions and 1 deletions
--- a/2
+++ b/2
@ -18,6 +18,8 @@ EXPOSE 389

 VOLUME ["/etc/ldap", "/var/lib/ldap"]

+COPY modules/ /etc/ldap.dist/modules
+
 COPY entrypoint.sh /entrypoint.sh

 ENTRYPOINT ["/entrypoint.sh"]
--- a/README.md
+++ b/README.md
@ -71,6 +71,17 @@ instructions, there are the following additional schemas available:
 `collective`, `corba`, `duaconf`, `dyngroup`, `java`, `misc`, `openldap`, `pmi`
 and `ppolicy`.

+At least one quite common module is neither loaded nor configured by default (I
+am talking about the `memberof` overlay). In order to activate this (and
+possibly other modules in the future), there is another environment variable
+called
+
+    SLAPD_ADDITIONAL_MODULES
+
+which can hold comma-separated enties. It will try to run `.ldif` files with
+a corresponsing name from th `module` directory. Currently only `memberof` is
+avaliable.
+
 After the first start of the image (and the initial configuration), these
 envirnonment variables are not evaluated anymore.

--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -27,7 +27,7 @@ if [[ ! -d /etc/ldap/slapd.d ]]; then
        slapd slapd/password2 password $SLAPD_PASSWORD
        slapd shared/organization string $SLAPD_ORGANIZATION
        slapd slapd/domain string $SLAPD_DOMAIN
-        slapd slapd/backend select hdb
+        slapd slapd/backend select HDB
        slapd slapd/allow_ldap_v2 boolean false
        slapd slapd/purge_database boolean false
        slapd slapd/move_old_database boolean true
@ -65,6 +65,14 @@ EOF
            slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/schema/${schema}.ldif" >/dev/null 2>&1
        done
    fi
+
+    if [[ -n "$SLAPD_ADDITIONAL_MODULES" ]]; then
+        IFS=","; declare -a modules=($SLAPD_ADDITIONAL_MODULES)
+
+        for module in "${modules[@]}"; do
+             slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/modules/${module}.ldif" >/dev/null 2>&1
+        done
+    fi
 else
    slapd_configs_in_env=`env | grep 'SLAPD_'`

--- a/modules/memberof.ldif
+++ b/modules/memberof.ldif
@ -0,0 +1,33 @@
+dn: cn=module,cn=config
+cn: module
+objectClass: olcModuleList
+objectClass: top
+olcModulePath: /usr/lib/ldap
+olcModuleLoad: memberof.la
+
+dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
+objectClass: olcConfig
+objectClass: olcMemberOf
+objectClass: olcOverlayConfig
+objectClass: top
+olcOverlay: memberof
+olcMemberOfDangling: ignore
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupOfNames
+olcMemberOfMemberAD: member
+olcMemberOfMemberOfAD: memberOf
+
+dn: cn=module,cn=config
+cn: module
+objectClass: olcModuleList
+objectClass: top
+olcModulePath: /usr/lib/ldap
+olcModuleLoad: refint.la
+
+dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
+objectClass: olcConfig
+objectClass: olcOverlayConfig
+objectClass: olcRefintConfig
+objectClass: top
+olcOverlay: {1}refint
+olcRefintAttribute: memberof member manager owner