mirror of
https://github.com/luzifer-docker/openldap.git
synced 2024-12-20 20:51:17 +00:00
83 lines
2.4 KiB
Bash
Executable file
83 lines
2.4 KiB
Bash
Executable file
#!/bin/bash
|
|
set -euxo pipefail
|
|
|
|
export SLAPD_CONFDIR=/etc/openldap/slapd.d
|
|
export SLAPD_DATADIR=/var/lib/openldap/openldap-data
|
|
|
|
# Generate SLAPD_SUFFIX from given domain
|
|
IFS="."
|
|
declare -a dc_parts=(${SLAPD_DOMAIN:-example.com})
|
|
unset IFS
|
|
|
|
for dc_part in "${dc_parts[@]}"; do
|
|
dc_string="${dc_string:-},dc=${dc_part}"
|
|
done
|
|
|
|
export SLAPD_SUFFIX=${dc_string#,}
|
|
|
|
# Add included module configs to base directory
|
|
cp -r /config/modules /etc/openldap/
|
|
|
|
# Configure and start slapd
|
|
if [ "${1:-}" = 'slapd' ]; then
|
|
# When not limiting the open file descritors limit, the memory consumption of
|
|
# slapd is absurdly high. See https://github.com/docker/docker/issues/8231
|
|
ulimit -n 8192
|
|
|
|
# Fix missing directory
|
|
mkdir -p /run/openldap && chown ldap:ldap /run/openldap
|
|
|
|
# Generate templates
|
|
korvike -i /config/slapd.conf -o /etc/openldap/slapd.conf
|
|
korvike -i /config/slapd.ldif -o /etc/openldap/slapd.ldif
|
|
korvike -i /config/init.ldif -o /tmp/init.ldif
|
|
|
|
if ! [ -d "${SLAPD_CONFDIR}/cn=config" ]; then
|
|
# Generate basic configuration
|
|
mkdir -p ${SLAPD_CONFDIR}
|
|
slapadd -n 0 -F ${SLAPD_CONFDIR} -l /etc/openldap/slapd.ldif
|
|
slapadd -F ${SLAPD_CONFDIR} -b ${SLAPD_SUFFIX} -l /tmp/init.ldif
|
|
|
|
# Load schemas into configuration database
|
|
if [ -n "$SLAPD_ADDITIONAL_SCHEMAS" ]; then
|
|
IFS=","
|
|
declare -a schemas=($SLAPD_ADDITIONAL_SCHEMAS)
|
|
unset IFS
|
|
|
|
for schema in "${schemas[@]}"; do
|
|
slapadd -n 0 -F ${SLAPD_CONFDIR} -l "/etc/openldap/schema/${schema}.ldif"
|
|
done
|
|
fi
|
|
|
|
# Activate module configurations
|
|
if [ -n "$SLAPD_ADDITIONAL_MODULES" ]; then
|
|
IFS=","
|
|
declare -a modules=($SLAPD_ADDITIONAL_MODULES)
|
|
unset IFS
|
|
|
|
for module in "${modules[@]}"; do
|
|
module_file="/etc/openldap/modules/${module}.ldif"
|
|
|
|
if [ "$module" == 'ppolicy' ]; then
|
|
SLAPD_PPOLICY_DN_PREFIX="${SLAPD_PPOLICY_DN_PREFIX:-cn=default,ou=policies}"
|
|
|
|
sed -i "s/\(olcPPolicyDefault: \)PPOLICY_DN/\1${SLAPD_PPOLICY_DN_PREFIX}$dc_string/g" $module_file
|
|
fi
|
|
|
|
slapadd -n0 -F ${SLAPD_CONFDIR} -l "$module_file"
|
|
done
|
|
fi
|
|
|
|
chown -R ldap:ldap ${SLAPD_CONFDIR} ${SLAPD_DATADIR}
|
|
else
|
|
# Check for configuration variables when container is already configured
|
|
if (env | grep -q "SLAPD_"); then
|
|
echo "Info: LDAP container is already configured, SLAPD_* env variables are ignored."
|
|
fi
|
|
fi
|
|
|
|
exec "$@"
|
|
fi
|
|
|
|
# Other binary was called, execute directly
|
|
exec "$@"
|