Add all backends and overlays, configure dynlist, enhancements to startup to allow schema modification

This commit is contained in:
Deon George 2025-03-20 11:19:50 +11:00
parent 95f1cf6cd1
commit 086a28bb33
4 changed files with 43 additions and 8 deletions


@ -6,7 +6,8 @@ FROM alpine
# Change to http respositories, so they we can cache the install packages
RUN if [ -n ${HTTP_PROXY} ] ; then sed -i -e s'/https/http/' /etc/apk/repositories; fi
RUN apk add --no-cache bash openldap openldap-back-mdb openldap-clients openldap-overlay-syncprov openldap-overlay-accesslog
RUN apk add --no-cache bash openldap openldap-backend-all openldap-clients openldap-overlay-all \
openldap-passwd-argon2 openldap-passwd-pbkdf2 openldap-passwd-sha2
ADD schema /etc/openldap/schema/custom
ADD tls /etc/openldap/tls
@ -16,11 +17,13 @@ RUN sed -i -e 's/dc=my-domain,dc=com/c=AU/' /etc/openldap/slapd.ldif \
&& mv /var/lib/openldap/openldap-data /var/lib/openldap/data \
&& mkdir /etc/openldap/slapd.d /etc/openldap/schema/add.d /etc/openldap/schema/modify.d /etc/openldap/schema/data.d \
&& ln -s ../misc.ldif /etc/openldap/schema/add.d/01-misc.ldif \
&& ln -s ../dyngroup.ldif /etc/openldap/schema/add.d/01-dyngroup.ldif \
&& ln -s ../custom/samba.ldif /etc/openldap/schema/add.d/02-samba.ldif \
&& ln -s ../custom/wurley.ldif /etc/openldap/schema/add.d/10-wurley.ldif \
&& ln -s ../custom/syncprov-enable.ldif /etc/openldap/schema/modify.d/20-syncprov-enable.ldif \
&& ln -s ../custom/modules-enable.ldif /etc/openldap/schema/modify.d/20-modules-enable.ldif \
&& ln -s ../custom/syncprov-options.ldif /etc/openldap/schema/modify.d/21-syncprov-options.ldif \
&& ln -s ../custom/syncprov-index.ldif /etc/openldap/schema/modify.d/22-syncprov-index.ldif \
&& ln -s ../custom/dynlist-options.ldif /etc/openldap/schema/modify.d/23-dynlist-options.ldif \
&& ln -s ../custom/certinfo.ldif /etc/openldap/schema/modify.d/23-certinfo.ldif \
&& ln -s ../custom/acl-schema.ldif /etc/openldap/schema/modify.d/90-acl-schema.ldif \
&& ln -s ../custom/acl-data.ldif /etc/openldap/schema/modify.d/91-acl-data.ldif \
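Review bot: The new `apk add` line installs `openldap-backend-all` and `openldap-overlay-all` with no version pins, so every backend and overlay module lands in the image and each rebuild may pull a different OpenLDAP release (hadolint DL3018); pin at least the openldap packages, e.g. `openldap=<pinned-version>` and `openldap-backend-all=<pinned-version>`. Since only the modules listed in modules-enable.ldif are actually loaded at runtime, a short comment such as `# all backends/overlays are installed; only those in modules-enable.ldif are loaded` would make the intent clear to the next reader. The symlink chain in the second hunk has no error check on the individual `ln -s` calls, but as they run under `&&` a failure will still stop the build; the `RUN sed` instruction that owns this chain starts before the hunk and its end is not visible here.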


@ -10,11 +10,21 @@ SLAPD_DEBUG=${SLAPD_DEBUG:-0}
SLAPD_URLS=${SLAPD_URLS:-"ldapi:/// ldap:/// ldaps:///"}
SLAPD_OPTIONS="${SLAPD_OPTIONS} -d ${SLAPD_DEBUG}"
SLAPD_SCHEMA_BASE=${SLAPD_SCHEMA_BASE:-"/etc/openldap/schema"}
SLAPD_DBS=${SLAPD_DBS:-10}
SLAPD_CUSTOM_BASES=${SLAPD_CUSTOM_BASES:-"/ldap/bases"}
SLAPD_CUSTOM_SCHEMA=${SLAPD_CUSTOM_SCHEMA:-"/ldap/schema"}
SLAPD_CUSTOM_DATA=${SLAPD_CUSTOM_DATA:-"/ldap/data"}
# The flow of activity when a DB doesnt exist
# * items in SLAPD_CUSTOM_SCHEMA/[add|modify] are queued for inclusion in SLAPD_SCHEMA_BASE/[add.d|modify.d]
# * items in SLAPD_CUSTOM_DATA are queued for inclusion in SLAPD_SCHEMA_BASE/data.d
# * items in SLAPD_CUSTOM_BASES are slapadd'ed to the server
# * items in SLAPD_SCHEMA_BASE/add.d are slapadd'ed to the server
# * items in SLAPD_SCHEMA_BASE/modify.d are slapmodify'ed to the server
# * items in SLAPD_SCHEMA_BASE/data.d/ are combined (first 2 chars are DB id) and slapadd'ed to the server
function stop {
echo "Stopping ${NAME}"
kill $(pidof slapd)
@ -41,11 +51,18 @@ if [ -z "$@" ]; then
# Check if we have any custom schema to add
[ -d ${SLAPD_SCHEMA_BASE}/add.d ] || mkdir ${SLAPD_SCHEMA_BASE}/add.d
[ -d ${SLAPD_SCHEMA_BASE}/modify.d ] || mkdir ${SLAPD_SCHEMA_BASE}/modify.d
if [ -d ${SLAPD_CUSTOM_SCHEMA} ]; then
for f in ${SLAPD_CUSTOM_SCHEMA}/*.ldif; do
echo "- Adding SCHEMA item [${f}]"
ln -s ${f} ${SLAPD_SCHEMA_BASE}/add.d
done
for f in ${SLAPD_CUSTOM_SCHEMA}/add/*.ldif; do
echo "- Adding SCHEMA item [${f}]"
ln -s ${f} ${SLAPD_SCHEMA_BASE}/add.d
done
for f in ${SLAPD_CUSTOM_SCHEMA}/modify/*.ldif; do
echo "- Modify SCHEMA item [${f}]"
ln -s ${f} ${SLAPD_SCHEMA_BASE}/modify.d
done
fi
# Check if we have any custom data to add
@ -79,9 +96,12 @@ if [ -z "$@" ]; then
shopt -u nullglob
# Add custom data definitions
for i in 01 03 04 05 06 07; do
ls -al ${SLAPD_SCHEMA_BASE}/data.d/${i}-* >/dev/null 2>&1 || continue
for i in $(seq -w 0 ${SLAPD_DBS}); do
echo "- Processing DATABASE item(s) for DB [${i}]"
if ! ls -al ${SLAPD_SCHEMA_BASE}/data.d/${i}-* >/dev/null 2>&1; then
echo " - Nothing to process"
continue
fi
cat ${SLAPD_SCHEMA_BASE}/data.d/${i}-* | slapadd -n ${i}
done
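Review bot: The new per-DB loop pipes `cat` into `slapadd -n ${i}` without checking the result, so a malformed data file leaves database `${i}` partially loaded and the script still proceeds to start slapd; a pipeline's exit status is also not caught by `set -e` unless pipefail is on. Changing the line to `cat ${SLAPD_SCHEMA_BASE}/data.d/${i}-* | slapadd -n ${i} || { echo "slapadd for DB [${i}] failed"; exit 1; }` makes the failure visible at startup. The same applies to the `ln -s` calls in the new `add/` and `modify/` loops in the previous hunk: a name present in both `${SLAPD_CUSTOM_SCHEMA}/*.ldif` and `${SLAPD_CUSTOM_SCHEMA}/add/*.ldif` will silently fail to link on the second pass, and those loops appear to rely on nullglob being enabled earlier (it is only unset at the top of this hunk), which is not visible here. Note also that `seq -w 0 ${SLAPD_DBS}` produces three-digit ids once `SLAPD_DBS` is 100 or more, which no longer matches the "first 2 chars are DB id" convention documented in the first hunk.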


@ -0,0 +1,11 @@
dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcDynListConfig
olcOverlay: dynlist
olcDynListAttrSet: nisMailAlias labeledURI
#olcDynListAttrSet: groupOfURLs memberURL memberOf
#olcDynListAttrSet: groupOfURLs memberURL member+dgMemberOf
#olcDynListAttrSet: groupOfURLs memberURL member
#olcDynListAttrSet: groupOfURLs memberURL member
#olcDynListAttrSet: groupOfURLs labeledURI member
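Review bot: The active `olcDynListAttrSet: nisMailAlias labeledURI` makes slapd expand any LDAP URL stored in `labeledURI` on a `nisMailAlias` entry server-side, so write access to that attribute effectively controls which searches the overlay performs; the ACLs loaded from acl-data.ldif should restrict who may write `labeledURI` on those entries, and a comment stating that expectation here would help, e.g. `# labeledURI on nisMailAlias entries is expanded by dynlist - keep write access to it restricted in the ACLs`. The commented alternatives below duplicate one line (`#olcDynListAttrSet: groupOfURLs memberURL member` appears twice) and give no hint which one is intended for a future switch; either drop the duplicate or annotate the options. The overlay is bound to `olcDatabase={1}mdb` by index, which is fine as long as the mdb database stays first in the config, but that assumption is not stated anywhere in this file.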


@ -3,3 +3,4 @@ changetype: modify
add: olcModuleLoad
olcModuleLoad: syncprov.so
olcModuleLoad: accesslog.so
olcModuleLoad: dynlist.so