Add all backends and overlays, configure dynlist, enhancements to startup to allow schema modification
parent
95f1cf6cd1
commit
086a28bb33
@ -6,7 +6,8 @@ FROM alpine
|
||||
# Change to http respositories, so they we can cache the install packages
|
||||
RUN if [ -n ${HTTP_PROXY} ] ; then sed -i -e s'/https/http/' /etc/apk/repositories; fi
|
||||
|
||||
RUN apk add --no-cache bash openldap openldap-back-mdb openldap-clients openldap-overlay-syncprov openldap-overlay-accesslog
|
||||
RUN apk add --no-cache bash openldap openldap-backend-all openldap-clients openldap-overlay-all \
|
||||
openldap-passwd-argon2 openldap-passwd-pbkdf2 openldap-passwd-sha2
|
||||
|
||||
ADD schema /etc/openldap/schema/custom
|
||||
ADD tls /etc/openldap/tls
|
||||
@ -16,11 +17,13 @@ RUN sed -i -e 's/dc=my-domain,dc=com/c=AU/' /etc/openldap/slapd.ldif \
|
||||
&& mv /var/lib/openldap/openldap-data /var/lib/openldap/data \
|
||||
&& mkdir /etc/openldap/slapd.d /etc/openldap/schema/add.d /etc/openldap/schema/modify.d /etc/openldap/schema/data.d \
|
||||
&& ln -s ../misc.ldif /etc/openldap/schema/add.d/01-misc.ldif \
|
||||
&& ln -s ../dyngroup.ldif /etc/openldap/schema/add.d/01-dyngroup.ldif \
|
||||
&& ln -s ../custom/samba.ldif /etc/openldap/schema/add.d/02-samba.ldif \
|
||||
&& ln -s ../custom/wurley.ldif /etc/openldap/schema/add.d/10-wurley.ldif \
|
||||
&& ln -s ../custom/syncprov-enable.ldif /etc/openldap/schema/modify.d/20-syncprov-enable.ldif \
|
||||
&& ln -s ../custom/modules-enable.ldif /etc/openldap/schema/modify.d/20-modules-enable.ldif \
|
||||
&& ln -s ../custom/syncprov-options.ldif /etc/openldap/schema/modify.d/21-syncprov-options.ldif \
|
||||
&& ln -s ../custom/syncprov-index.ldif /etc/openldap/schema/modify.d/22-syncprov-index.ldif \
|
||||
&& ln -s ../custom/dynlist-options.ldif /etc/openldap/schema/modify.d/23-dynlist-options.ldif \
|
||||
&& ln -s ../custom/certinfo.ldif /etc/openldap/schema/modify.d/23-certinfo.ldif \
|
||||
&& ln -s ../custom/acl-schema.ldif /etc/openldap/schema/modify.d/90-acl-schema.ldif \
|
||||
&& ln -s ../custom/acl-data.ldif /etc/openldap/schema/modify.d/91-acl-data.ldif \
|
||||
|
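Review bot: The new `apk add` line in the first hunk pulls in `openldap-backend-all` and `openldap-overlay-all`, which puts every slapd backend and overlay module on disk, although the LDIF changes visible in this commit only load `syncprov.so`, `accesslog.so` and `dynlist.so` on an mdb database. Any module present in the image can be activated by whoever is able to write `olcModuleLoad` in cn=config, so the image is easier to reason about if it lists only what is used, e.g. `openldap-back-mdb openldap-overlay-syncprov openldap-overlay-accesslog openldap-overlay-dynlist`. The password-hash packages on the continuation line are installed, but no `olcModuleLoad` for them appears in the visible hunks; if they are loaded elsewhere, a comment saying where would help. The packages are also unversioned on top of an untagged `FROM alpine`, so two builds of this commit can ship different slapd versions.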
@ -10,11 +10,21 @@ SLAPD_DEBUG=${SLAPD_DEBUG:-0}
|
||||
SLAPD_URLS=${SLAPD_URLS:-"ldapi:/// ldap:/// ldaps:///"}
|
||||
SLAPD_OPTIONS="${SLAPD_OPTIONS} -d ${SLAPD_DEBUG}"
|
||||
SLAPD_SCHEMA_BASE=${SLAPD_SCHEMA_BASE:-"/etc/openldap/schema"}
|
||||
SLAPD_DBS=${SLAPD_DBS:-10}
|
||||
|
||||
SLAPD_CUSTOM_BASES=${SLAPD_CUSTOM_BASES:-"/ldap/bases"}
|
||||
SLAPD_CUSTOM_SCHEMA=${SLAPD_CUSTOM_SCHEMA:-"/ldap/schema"}
|
||||
SLAPD_CUSTOM_DATA=${SLAPD_CUSTOM_DATA:-"/ldap/data"}
|
||||
|
||||
# The flow of activity when a DB doesnt exist
|
||||
# * items in SLAPD_CUSTOM_SCHEMA/[add|modify] are queued for inclusion in SLAPD_SCHEMA_BASE/[add.d|modify.d]
|
||||
# * items in SLAPD_CUSTOM_DATA are queued for inclusion in SLAPD_SCHEMA_BASE/data.d
|
||||
# * items in SLAPD_CUSTOM_BASES are slapadd'ed to the server
|
||||
# * items in SLAPD_SCHEMA_BASE/add.d are slapadd'ed to the server
|
||||
# * items in SLAPD_SCHEMA_BASE/modify.d are slapmodify'ed to the server
|
||||
# * items in SLAPD_SCHEMA_BASE/data.d/ are combined (first 2 chars are DB id) and slapadd'ed to the server
|
||||
|
||||
|
||||
function stop {
|
||||
echo "Stopping ${NAME}"
|
||||
kill $(pidof slapd)
|
||||
@ -41,11 +51,18 @@ if [ -z "$@" ]; then
|
||||
|
||||
# Check if we have any custom schema to add
|
||||
[ -d ${SLAPD_SCHEMA_BASE}/add.d ] || mkdir ${SLAPD_SCHEMA_BASE}/add.d
|
||||
[ -d ${SLAPD_SCHEMA_BASE}/modify.d ] || mkdir ${SLAPD_SCHEMA_BASE}/modify.d
|
||||
|
||||
if [ -d ${SLAPD_CUSTOM_SCHEMA} ]; then
|
||||
for f in ${SLAPD_CUSTOM_SCHEMA}/*.ldif; do
|
||||
echo "- Adding SCHEMA item [${f}]"
|
||||
ln -s ${f} ${SLAPD_SCHEMA_BASE}/add.d
|
||||
done
|
||||
for f in ${SLAPD_CUSTOM_SCHEMA}/add/*.ldif; do
|
||||
echo "- Adding SCHEMA item [${f}]"
|
||||
ln -s ${f} ${SLAPD_SCHEMA_BASE}/add.d
|
||||
done
|
||||
|
||||
for f in ${SLAPD_CUSTOM_SCHEMA}/modify/*.ldif; do
|
||||
echo "- Modify SCHEMA item [${f}]"
|
||||
ln -s ${f} ${SLAPD_SCHEMA_BASE}/modify.d
|
||||
done
|
||||
fi
|
||||
|
||||
# Check if we have any custom data to add
|
||||
@ -79,9 +96,12 @@ if [ -z "$@" ]; then
|
||||
shopt -u nullglob
|
||||
|
||||
# Add custom data definitions
|
||||
for i in 01 03 04 05 06 07; do
|
||||
ls -al ${SLAPD_SCHEMA_BASE}/data.d/${i}-* >/dev/null 2>&1 || continue
|
||||
for i in $(seq -w 0 ${SLAPD_DBS}); do
|
||||
echo "- Processing DATABASE item(s) for DB [${i}]"
|
||||
if ! ls -al ${SLAPD_SCHEMA_BASE}/data.d/${i}-* >/dev/null 2>&1; then
|
||||
echo " - Nothing to process"
|
||||
continue
|
||||
fi
|
||||
cat ${SLAPD_SCHEMA_BASE}/data.d/${i}-* | slapadd -n ${i}
|
||||
done
|
||||
|
||||
|
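Review bot: In the last hunk, `seq -w 0 ${SLAPD_DBS}` pads to the width of `SLAPD_DBS` rather than to two digits, so the `data.d/${i}-*` glob matches the documented two-character prefixes only while the setting itself has two digits; with `SLAPD_DBS=5` the loop looks for `1-*` and reports nothing to process for a file named `01-*`. Padding explicitly keeps the naming contract independent of the setting: `for n in $(seq 0 "${SLAPD_DBS}"); do i=$(printf '%02d' "${n}")`. The range also starts at 0, which the earlier fixed list (`01 03 04 05 06 07`) did not include; database 0 is normally cn=config for the slap tools, so a `00-*` file arriving through `SLAPD_CUSTOM_DATA` would be added to the configuration database, and the loop should start at 1 unless that is intended. In the schema hunk the new `add/` and `modify/` loops expand `${f}` and `${SLAPD_SCHEMA_BASE}` unquoted, and whether an empty directory is skipped depends on `nullglob` being set above the hunk, which is not visible here.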
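--- a/schema/dynlist-options.ldif
+++ b/schema/dynlist-options.ldif
@@ -0,0 +1,11 @@
+dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config
+changetype: add
+objectClass: olcOverlayConfig
+objectClass: olcDynListConfig
+olcOverlay: dynlist
+olcDynListAttrSet: nisMailAlias labeledURI
+#olcDynListAttrSet: groupOfURLs memberURL memberOf
+#olcDynListAttrSet: groupOfURLs memberURL member+dgMemberOf
+#olcDynListAttrSet: groupOfURLs memberURL member
+#olcDynListAttrSet: groupOfURLs memberURL member
+#olcDynListAttrSet: groupOfURLs labeledURI member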
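Review bot: The entry hard-codes `olcDatabase={1}mdb`, and the active `olcDynListAttrSet: nisMailAlias labeledURI` line has no comment saying which entries it is meant to expand, while five commented-out alternatives follow it, two of them identical (`groupOfURLs memberURL member`). A short header comment such as `# dynlist: expand labeledURI on nisMailAlias entries; applies to database {1} only`, plus dropping the unused alternatives, would make the intended behaviour reviewable. Because dynlist expansion changes what a search returns, it would also help to state here which ACLs are expected to cover the expanded attributes.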
@ -3,3 +3,4 @@ changetype: modify
|
||||
add: olcModuleLoad
|
||||
olcModuleLoad: syncprov.so
|
||||
olcModuleLoad: accesslog.so
|
||||
olcModuleLoad: dynlist.so
|