Add all backends and overlays, configure dynlist, enhancements to startup to allow schema modification

docker/Dockerfile

@@ -6,7 +6,8 @@ FROM alpine
 # Change to http respositories, so they we can cache the install packages
 RUN if [ -n ${HTTP_PROXY} ] ; then sed -i -e s'/https/http/' /etc/apk/repositories; fi
 
-RUN apk add --no-cache bash openldap openldap-back-mdb openldap-clients openldap-overlay-syncprov openldap-overlay-accesslog
+RUN apk add --no-cache bash openldap openldap-backend-all openldap-clients openldap-overlay-all \
+  openldap-passwd-argon2 openldap-passwd-pbkdf2 openldap-passwd-sha2
 
 ADD schema /etc/openldap/schema/custom
 ADD tls /etc/openldap/tls
@@ -16,11 +17,13 @@ RUN sed -i -e 's/dc=my-domain,dc=com/c=AU/' /etc/openldap/slapd.ldif \
 	&& mv /var/lib/openldap/openldap-data /var/lib/openldap/data \
 	&& mkdir /etc/openldap/slapd.d /etc/openldap/schema/add.d /etc/openldap/schema/modify.d /etc/openldap/schema/data.d \
 	&& ln -s ../misc.ldif /etc/openldap/schema/add.d/01-misc.ldif \
+	&& ln -s ../dyngroup.ldif /etc/openldap/schema/add.d/01-dyngroup.ldif \
 	&& ln -s ../custom/samba.ldif /etc/openldap/schema/add.d/02-samba.ldif \
 	&& ln -s ../custom/wurley.ldif /etc/openldap/schema/add.d/10-wurley.ldif \
-	&& ln -s ../custom/syncprov-enable.ldif /etc/openldap/schema/modify.d/20-syncprov-enable.ldif \
+	&& ln -s ../custom/modules-enable.ldif /etc/openldap/schema/modify.d/20-modules-enable.ldif \
 	&& ln -s ../custom/syncprov-options.ldif /etc/openldap/schema/modify.d/21-syncprov-options.ldif \
 	&& ln -s ../custom/syncprov-index.ldif /etc/openldap/schema/modify.d/22-syncprov-index.ldif \
+	&& ln -s ../custom/dynlist-options.ldif /etc/openldap/schema/modify.d/23-dynlist-options.ldif \
 	&& ln -s ../custom/certinfo.ldif /etc/openldap/schema/modify.d/23-certinfo.ldif \
 	&& ln -s ../custom/acl-schema.ldif /etc/openldap/schema/modify.d/90-acl-schema.ldif \
 	&& ln -s ../custom/acl-data.ldif /etc/openldap/schema/modify.d/91-acl-data.ldif \

docker/init-docker

@@ -10,11 +10,21 @@ SLAPD_DEBUG=${SLAPD_DEBUG:-0}
 SLAPD_URLS=${SLAPD_URLS:-"ldapi:/// ldap:/// ldaps:///"}
 SLAPD_OPTIONS="${SLAPD_OPTIONS} -d ${SLAPD_DEBUG}"
 SLAPD_SCHEMA_BASE=${SLAPD_SCHEMA_BASE:-"/etc/openldap/schema"}
+SLAPD_DBS=${SLAPD_DBS:-10}
 
 SLAPD_CUSTOM_BASES=${SLAPD_CUSTOM_BASES:-"/ldap/bases"}
 SLAPD_CUSTOM_SCHEMA=${SLAPD_CUSTOM_SCHEMA:-"/ldap/schema"}
 SLAPD_CUSTOM_DATA=${SLAPD_CUSTOM_DATA:-"/ldap/data"}
 
+# The flow of activity when a DB doesnt exist
+# * items in SLAPD_CUSTOM_SCHEMA/[add|modify] are queued for inclusion in SLAPD_SCHEMA_BASE/[add.d|modify.d]
+# * items in SLAPD_CUSTOM_DATA are queued for inclusion in SLAPD_SCHEMA_BASE/data.d
+# * items in SLAPD_CUSTOM_BASES are slapadd'ed to the server
+# * items in SLAPD_SCHEMA_BASE/add.d are slapadd'ed to the server
+# * items in SLAPD_SCHEMA_BASE/modify.d are slapmodify'ed to the server
+# * items in SLAPD_SCHEMA_BASE/data.d/ are combined (first 2 chars are DB id) and slapadd'ed to the server
+
+
 function stop {
 	echo "Stopping ${NAME}"
 	kill $(pidof slapd)
@@ -41,11 +51,18 @@ if [ -z "$@" ]; then
 
 		# Check if we have any custom schema to add
 		[ -d ${SLAPD_SCHEMA_BASE}/add.d ] || mkdir ${SLAPD_SCHEMA_BASE}/add.d
+		[ -d ${SLAPD_SCHEMA_BASE}/modify.d ] || mkdir ${SLAPD_SCHEMA_BASE}/modify.d
+
 		if [ -d ${SLAPD_CUSTOM_SCHEMA} ]; then
-			for f in ${SLAPD_CUSTOM_SCHEMA}/*.ldif; do
-				echo "- Adding SCHEMA item [${f}]"
-				ln -s ${f} ${SLAPD_SCHEMA_BASE}/add.d
-			done
+                        for f in ${SLAPD_CUSTOM_SCHEMA}/add/*.ldif; do
+                                echo "- Adding SCHEMA item [${f}]"
+                                ln -s ${f} ${SLAPD_SCHEMA_BASE}/add.d
+                        done
+
+                        for f in ${SLAPD_CUSTOM_SCHEMA}/modify/*.ldif; do
+                                echo "- Modify SCHEMA item [${f}]"
+                                ln -s ${f} ${SLAPD_SCHEMA_BASE}/modify.d
+                        done
 		fi
 
 		# Check if we have any custom data to add
@@ -79,9 +96,12 @@ if [ -z "$@" ]; then
 		shopt -u nullglob
 
 		# Add custom data definitions
-		for i in 01 03 04 05 06 07; do
-			ls -al ${SLAPD_SCHEMA_BASE}/data.d/${i}-* >/dev/null 2>&1 || continue
+		for i in $(seq -w 0 ${SLAPD_DBS}); do
 			echo "- Processing DATABASE item(s) for DB [${i}]"
+			if ! ls -al ${SLAPD_SCHEMA_BASE}/data.d/${i}-* >/dev/null 2>&1; then
+				echo "  - Nothing to process"
+				continue
+			fi
 			cat ${SLAPD_SCHEMA_BASE}/data.d/${i}-* | slapadd -n ${i}
 		done
 

schema/dynlist-options.ldif

@@ -0,0 +1,11 @@
+dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config
+changetype: add
+objectClass: olcOverlayConfig
+objectClass: olcDynListConfig
+olcOverlay: dynlist
+olcDynListAttrSet: nisMailAlias labeledURI
+#olcDynListAttrSet: groupOfURLs memberURL memberOf
+#olcDynListAttrSet: groupOfURLs memberURL member+dgMemberOf
+#olcDynListAttrSet: groupOfURLs memberURL member
+#olcDynListAttrSet: groupOfURLs memberURL member
+#olcDynListAttrSet: groupOfURLs labeledURI member

schema/modules-enable.ldif

@@ -3,3 +3,4 @@ changetype: modify
 add: olcModuleLoad
 olcModuleLoad: syncprov.so
 olcModuleLoad: accesslog.so
+olcModuleLoad: dynlist.so