sed should be -i -e, not -ie, added TLS configuration

Deon George 2023-05-17 20:49:10 +10:00
parent 3f4be4084c
commit a54183b4be
2 changed files with 16 additions and 4 deletions


@ -4,13 +4,13 @@
FROM alpine FROM alpine
# Change to http respositories, so they we can cache the install packages # Change to http respositories, so they we can cache the install packages
RUN if [ -n ${HTTP_PROXY} ] ; then sed -ie s'/https/http/' /etc/apk/repositories; fi RUN if [ -n ${HTTP_PROXY} ] ; then sed -i -e s'/https/http/' /etc/apk/repositories; fi
RUN apk add --no-cache bash openldap openldap-back-mdb openldap-clients RUN apk add --no-cache bash openldap openldap-back-mdb openldap-clients
ADD acl.ldif samba.ldif wurley.ldif /etc/openldap/schema/ ADD acl.ldif samba.ldif wurley.ldif /etc/openldap/schema/
RUN sed -ie 's/dc=my-domain,dc=com/c=AU/' /etc/openldap/slapd.ldif \ RUN sed -i -e 's/dc=my-domain,dc=com/c=AU/' /etc/openldap/slapd.ldif \
&& sed -ie 's/openldap-data/data/' /etc/openldap/slapd.ldif \ && sed -i -e 's/openldap-data/data/' /etc/openldap/slapd.ldif \
&& mv /var/lib/openldap/openldap-data /var/lib/openldap/data \ && mv /var/lib/openldap/openldap-data /var/lib/openldap/data \
&& mkdir /etc/openldap/slapd.d \ && mkdir /etc/openldap/slapd.d \
&& slapadd -n 0 -F /etc/openldap/slapd.d -l /etc/openldap/slapd.ldif \ && slapadd -n 0 -F /etc/openldap/slapd.d -l /etc/openldap/slapd.ldif \
@ -20,7 +20,10 @@ RUN sed -ie 's/dc=my-domain,dc=com/c=AU/' /etc/openldap/slapd.ldif \
&& slapmodify -b cn=config -l /etc/openldap/schema/acl.ldif \ && slapmodify -b cn=config -l /etc/openldap/schema/acl.ldif \
&& chown -R ldap:ldap /etc/openldap/slapd.d /var/lib/openldap/data && chown -R ldap:ldap /etc/openldap/slapd.d /var/lib/openldap/data
ADD certinfo.ldif /etc/openldap/
RUN slapmodify -b cn=config -l /etc/openldap/certinfo.ldif
# Starting # Starting
ENTRYPOINT [ "/usr/sbin/slapd" ] ENTRYPOINT [ "/usr/sbin/slapd" ]
CMD [ "-u","ldap","-h","ldap:/// ldaps:///","-d","256" ] CMD [ "-u","ldap","-h","ldapi:/// ldap:/// ldaps:///","-d","256" ]
EXPOSE 389 636 EXPOSE 389 636
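Review bot: The new `RUN slapmodify -b cn=config -l /etc/openldap/certinfo.ldif` step runs as root after the `chown -R ldap:ldap /etc/openldap/slapd.d /var/lib/openldap/data` that ends the previous RUN, so any file it rewrites under slapd.d may end up root-owned while slapd is started with `-u ldap`. Appending the ownership fix to the new step, `RUN slapmodify -b cn=config -l /etc/openldap/certinfo.ldif && chown -R ldap:ldap /etc/openldap/slapd.d`, or moving the slapmodify ahead of the existing chown, would keep the config readable by the runtime user. Separately, the CMD still listens on cleartext `ldap:///` and nothing visible here requires TLS, so clients can still bind unencrypted unless a policy such as `olcSecurity` is set elsewhere. Part of the long RUN chain falls between the two hunks and is not visible.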

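--- a/certinfo.ldif
+++ b/certinfo.ldif
@@ -0,0 +1,9 @@
+dn: cn=config
+add: olcTLSCACertificateFile
+olcTLSCACertificateFile: /etc/openldap/tls/ldap-ca.crts
+-
+add: olcTLSCertificateFile
+olcTLSCertificateFile: /etc/openldap/tls/ldap-server.crt
+-
+add: olcTLSCertificateKeyFile
+olcTLSCertificateKeyFile: /etc/openldap/tls/ldap-server.key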
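Review bot: The `olcTLSCACertificateFile` value ends in `ldap-ca.crts` while the server certificate uses `.crt`; if the trailing `s` is unintended, slapd will not find the CA file at that path, so the name is worth confirming against the file that is actually mounted. The modify also sets no protocol floor, so the TLS library's default applies; a further `add: olcTLSProtocolMin` with `olcTLSProtocolMin: 3.3` (TLS 1.2) in the same operation would pin it. Nothing visible in this commit places files under `/etc/openldap/tls/`, so presumably they are mounted at run time. A comment saying so, and that `ldap-server.key` should be readable only by the `ldap` user, would help operators.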