add slapd

Signed-off-by: Jess Frazelle <jess@mesosphere.com>
2024-11-23 11:31:49 +01:00 · 2016-04-04 17:34:46 -07:00 · 2016-04-04 17:34:46 -07:00 · 1a7a15a587
commit 1a7a15a587
parent 516f197cdb
2 changed files with 74 additions and 0 deletions
--- a/slapd/Dockerfile
+++ b/slapd/Dockerfile
@ -0,0 +1,40 @@
+# Run slapd in a docker container
+#
+# - `LDAP_DOMAIN` sets the LDAP root domain. (e.g. if you provide `foo.bar.com`
+# 	here, the root of your directory will be `dc=foo,dc=bar,dc=com`)
+# - `LDAP_ORGANIZATION` sets the human-readable name for your organization (e.g.
+# 	`Acme Widgets Inc.`)
+# - `LDAP_ROOTPASS` sets the LDAP admin user password (i.e. the password for
+# 	`cn=admin,dc=example,dc=com` if your domain was `example.com`)
+#
+# How to start the container:
+#
+# docker run -v /data/ldap:/var/lib/ldap \
+# 	-e LDAP_DOMAIN=authy.auth.co \
+# 	-e LDAP_ORGANISATION="E Corp" \
+# 	-e LDAP_ROOTPASS=fsociety \
+# 	-d jess/slapd
+#
+# You can load an LDIF file (to set up your directory) like so:
+#
+# ldapadd -h localhost -p <host_port_of_container> -c -x \
+# 	-D cn=admin,dc=mycorp,dc=com -W -f data.ldif
+#
+# Be aware that by default the LDAP port is accessible from anywhere if the \
+# host firewall is unconfigured.
+#
+FROM debian:jessie
+MAINTAINER Jessica Frazelle <jess@docker.com>
+
+RUN apt-get update && LC_ALL=C DEBIAN_FRONTEND=noninteractive \
+	apt-get install -y \
+	slapd \
+	--no-install-recommends \
+	&& rm -rf /var/lib/apt/lists/*
+
+# Just some default values for fun!
+ENV LDAP_ROOTPASS=fsociety LDAP_ORGANIZATION="E CORP" LDAP_DOMAIN=mr.robot.com
+
+COPY start.sh /start.sh
+
+ENTRYPOINT [ "/start.sh" ]
--- a/slapd/start.sh
+++ b/slapd/start.sh
@ -0,0 +1,34 @@
+#!/bin/bash
+set -e
+
+: LDAP_ROOTPASS=${LDAP_ROOTPASS}
+: LDAP_DOMAIN=${LDAP_DOMAIN}
+: LDAP_ORGANIZATION=${LDAP_ORGANIZATION}
+
+if [ ! -e /var/lib/ldap/docker_bootstrapped ]; then
+  echo "configuring slapd for first run"
+
+  cat <<EOF | debconf-set-selections
+slapd slapd/internal/generated_adminpw password ${LDAP_ROOTPASS}
+slapd slapd/internal/adminpw password ${LDAP_ROOTPASS}
+slapd slapd/password2 password ${LDAP_ROOTPASS}
+slapd slapd/password1 password ${LDAP_ROOTPASS}
+slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION
+slapd slapd/domain string ${LDAP_DOMAIN}
+slapd shared/organization string ${LDAP_ORGANIZATION}
+slapd slapd/backend string HDB
+slapd slapd/purge_database boolean true
+slapd slapd/move_old_database boolean true
+slapd slapd/allow_ldap_v2 boolean false
+slapd slapd/no_configuration boolean false
+slapd slapd/dump_database select when needed
+EOF
+
+  dpkg-reconfigure -f noninteractive slapd
+
+  touch /var/lib/ldap/docker_bootstrapped
+else
+  echo "found already-configured slapd"
+fi
+
+exec /usr/sbin/slapd -h "ldap:///" -u openldap -g openldap -d 0