Loading .gitlab-ci.yml 0 → 100644 +46 −0 Original line number Diff line number Diff line --- image: adarnimrod/ci-images:docker stages: - test - build - run pre-commit: stage: test image: adarnimrod/ci-images:pre-commit variables: XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache" # Disabled until https://github.com/pre-commit/pre-commit/issues/1387 is # resolved. SKIP: "hadolint,docker-compose" script: - pre-commit run --all-files cache: paths: - .cache/ build: stage: build tags: ["host01.shore.co.il"] variables: # COMPOSE_DOCKER_CLI_BUILD: "1" # DOCKER_BUILDKIT: "1" script: - docker-compose build --no-cache --pull - docker-compose pull --quiet run: stage: run tags: ["host01.shore.co.il"] when: manual script: - docker-compose up --detach --remove-orphans # yamllint disable rule:line-length - | for i in $(seq 12) do docker container inspect --format '{{ .State.Health.Status }}' $(docker-compose ps -q) | grep -v '^healthy$' || break sleep 10 done ! docker container inspect --format '{{ .State.Health.Status }}' $(docker-compose ps -q) | grep -v '^healthy$' .pre-commit-config.yaml +8 −3 Original line number Diff line number Diff line Loading @@ -19,14 +19,19 @@ repos: hooks: - id: proselint types: [plain-text] exclude: LICENSE|requirements - repo: https://www.shore.co.il/git/shell-pre-commit/ exclude: LICENSE - repo: https://git.shore.co.il/nimrod/shell-pre-commit.git/ rev: v0.6.0 hooks: - id: shell-lint - id: shellcheck - repo: https://www.shore.co.il/git/docker-pre-commit - repo: https://git.shore.co.il/nimrod/docker-pre-commit.git/ rev: v0.3.0 hooks: - id: hadolint - id: docker-compose - repo: https://github.com/Yelp/detect-secrets rev: v0.13.0 hooks: - id: detect-secrets exclude: \.diff$ docker-compose.yml +21 −24 Original line number Diff line number Diff line Loading @@ -10,53 +10,50 @@ services: ldap: build: cache_from: - adarnimrod/slapd context: slapd/ domainname: "${LDAP_HOSTNAME:-ldap}.${LDAP_DOMAIN:-nowhere.com}" environment: LDAP_ROOTPASS: &password "${LDAP_ROOTPASS:-foo}" LDAP_DOMAIN: "${LDAP_DOMAIN:-nowhere.com}" LDAP_ORGANIZATION: "${LDAP_ORGANIZATION:-none}" hostname: "${LDAP_HOSTNAME:-ldap}" LDAP_DOMAIN: "${LDAP_DOMAIN:-shore.co.il}" LDAP_ORGANIZATION: "${LDAP_ORGANIZATION:-shore}" #SLAPD_DEBUG_LEVEL: "any" SSL_DHPARAMS_FILE: /var/ssl/dhparams hostname: "${LDAP_HOSTNAME:-ldap}.${LDAP_DOMAIN:-shore.co.il}" image: adarnimrod/slapd restart: always volumes: - _run_slapd:/run/slapd - ldap:/var/lib/ldap - backup_ldap:/var/backups/ldap nss-pam-ldapd: build: context: nss-pam-ldapd/ command: /usr/sbin/nslcd --debug --nofork depends_on: - ldap environment: LDAP_BASE_DN: &base_dn "${LDAP_BASE_DN:-dc=nowhere,dc=com}" volumes: - _run_slapd:/run/slapd - /var/ssl/dhparams:/var/ssl/dhparams:ro ldap-account-manager: build: cache_from: - adarnimrod/ldap-account-manager context: ldap-account-manager/ depends_on: - ldap environment: LAM_PASSWORD: *password LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=nowhere,dc=com}" LDAP_BASE_DN: *base_dn LAM_PASSWORD: *password # pragma: allowlist secret LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}" LDAP_BASE_DN: &base_dn "${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}" image: adarnimrod/ldap-account-manager ports: - 80:80 restart: always volumes: - _run_slapd:/run/slapd # nss-pam-ldapd: # build: # context: nss-pam-ldapd/ # command: /usr/sbin/nslcd --debug --nofork # depends_on: # - ldap # environment: # LDAP_BASE_DN: *base_dn # volumes: # - _run_slapd:/run/slapd volumes: _run_slapd: name: run_slapd ldap: backup_ldap: labels: Loading ldap-account-manager/Dockerfile +2 −4 Original line number Diff line number Diff line FROM debian:sid-slim FROM debian:bullseye-slim # hadolint ignore=DL3008 RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ Loading @@ -15,7 +15,6 @@ RUN apt-get update && \ a2enmod status && \ ln -sf /dev/stdout /var/log/apache2/access.log && \ ln -sf /dev/stderr /var/log/apache2/error.log && \ ln -sf /dev/stdout /var/log/apache2/lam.log && \ ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log && \ rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* ENV APACHE_RUN_DIR=/run/apache2 \ Loading @@ -28,8 +27,7 @@ COPY --chown=root:root entrypoint /usr/local/bin/ COPY --chown=root:root lam-setpass /usr/local/bin/ RUN patch --strip 0 --verbose --directory / --input /root/patch.diff && \ apache2 -t ENV LDAP_URI=ldapi:/// \ LAM_PASSWORD=lam ENV LDAP_URI=ldapi:/// EXPOSE 80 USER "www-data" WORKDIR /var/www Loading ldap-account-manager/README.md +1 −1 Original line number Diff line number Diff line Loading @@ -6,7 +6,7 @@ Name | Description | Default value --- | --- | --- `LAM_PASSWORD` | Password for administrating LAM | `lam` `LAM_PASSWORD` | Password for administering LAM | `lam` `LDAP_URI` | URI of the LDAP service | `ldapi:///` `LDAP_ADMIN_DN` | DN of the admin account `LDAP_BASE_DN` | Base DN Loading Loading
.gitlab-ci.yml 0 → 100644 +46 −0 Original line number Diff line number Diff line --- image: adarnimrod/ci-images:docker stages: - test - build - run pre-commit: stage: test image: adarnimrod/ci-images:pre-commit variables: XDG_CACHE_HOME: "$CI_PROJECT_DIR/.cache" # Disabled until https://github.com/pre-commit/pre-commit/issues/1387 is # resolved. SKIP: "hadolint,docker-compose" script: - pre-commit run --all-files cache: paths: - .cache/ build: stage: build tags: ["host01.shore.co.il"] variables: # COMPOSE_DOCKER_CLI_BUILD: "1" # DOCKER_BUILDKIT: "1" script: - docker-compose build --no-cache --pull - docker-compose pull --quiet run: stage: run tags: ["host01.shore.co.il"] when: manual script: - docker-compose up --detach --remove-orphans # yamllint disable rule:line-length - | for i in $(seq 12) do docker container inspect --format '{{ .State.Health.Status }}' $(docker-compose ps -q) | grep -v '^healthy$' || break sleep 10 done ! docker container inspect --format '{{ .State.Health.Status }}' $(docker-compose ps -q) | grep -v '^healthy$'
.pre-commit-config.yaml +8 −3 Original line number Diff line number Diff line Loading @@ -19,14 +19,19 @@ repos: hooks: - id: proselint types: [plain-text] exclude: LICENSE|requirements - repo: https://www.shore.co.il/git/shell-pre-commit/ exclude: LICENSE - repo: https://git.shore.co.il/nimrod/shell-pre-commit.git/ rev: v0.6.0 hooks: - id: shell-lint - id: shellcheck - repo: https://www.shore.co.il/git/docker-pre-commit - repo: https://git.shore.co.il/nimrod/docker-pre-commit.git/ rev: v0.3.0 hooks: - id: hadolint - id: docker-compose - repo: https://github.com/Yelp/detect-secrets rev: v0.13.0 hooks: - id: detect-secrets exclude: \.diff$
docker-compose.yml +21 −24 Original line number Diff line number Diff line Loading @@ -10,53 +10,50 @@ services: ldap: build: cache_from: - adarnimrod/slapd context: slapd/ domainname: "${LDAP_HOSTNAME:-ldap}.${LDAP_DOMAIN:-nowhere.com}" environment: LDAP_ROOTPASS: &password "${LDAP_ROOTPASS:-foo}" LDAP_DOMAIN: "${LDAP_DOMAIN:-nowhere.com}" LDAP_ORGANIZATION: "${LDAP_ORGANIZATION:-none}" hostname: "${LDAP_HOSTNAME:-ldap}" LDAP_DOMAIN: "${LDAP_DOMAIN:-shore.co.il}" LDAP_ORGANIZATION: "${LDAP_ORGANIZATION:-shore}" #SLAPD_DEBUG_LEVEL: "any" SSL_DHPARAMS_FILE: /var/ssl/dhparams hostname: "${LDAP_HOSTNAME:-ldap}.${LDAP_DOMAIN:-shore.co.il}" image: adarnimrod/slapd restart: always volumes: - _run_slapd:/run/slapd - ldap:/var/lib/ldap - backup_ldap:/var/backups/ldap nss-pam-ldapd: build: context: nss-pam-ldapd/ command: /usr/sbin/nslcd --debug --nofork depends_on: - ldap environment: LDAP_BASE_DN: &base_dn "${LDAP_BASE_DN:-dc=nowhere,dc=com}" volumes: - _run_slapd:/run/slapd - /var/ssl/dhparams:/var/ssl/dhparams:ro ldap-account-manager: build: cache_from: - adarnimrod/ldap-account-manager context: ldap-account-manager/ depends_on: - ldap environment: LAM_PASSWORD: *password LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=nowhere,dc=com}" LDAP_BASE_DN: *base_dn LAM_PASSWORD: *password # pragma: allowlist secret LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}" LDAP_BASE_DN: &base_dn "${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}" image: adarnimrod/ldap-account-manager ports: - 80:80 restart: always volumes: - _run_slapd:/run/slapd # nss-pam-ldapd: # build: # context: nss-pam-ldapd/ # command: /usr/sbin/nslcd --debug --nofork # depends_on: # - ldap # environment: # LDAP_BASE_DN: *base_dn # volumes: # - _run_slapd:/run/slapd volumes: _run_slapd: name: run_slapd ldap: backup_ldap: labels: Loading
ldap-account-manager/Dockerfile +2 −4 Original line number Diff line number Diff line FROM debian:sid-slim FROM debian:bullseye-slim # hadolint ignore=DL3008 RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ Loading @@ -15,7 +15,6 @@ RUN apt-get update && \ a2enmod status && \ ln -sf /dev/stdout /var/log/apache2/access.log && \ ln -sf /dev/stderr /var/log/apache2/error.log && \ ln -sf /dev/stdout /var/log/apache2/lam.log && \ ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log && \ rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* ENV APACHE_RUN_DIR=/run/apache2 \ Loading @@ -28,8 +27,7 @@ COPY --chown=root:root entrypoint /usr/local/bin/ COPY --chown=root:root lam-setpass /usr/local/bin/ RUN patch --strip 0 --verbose --directory / --input /root/patch.diff && \ apache2 -t ENV LDAP_URI=ldapi:/// \ LAM_PASSWORD=lam ENV LDAP_URI=ldapi:/// EXPOSE 80 USER "www-data" WORKDIR /var/www Loading
ldap-account-manager/README.md +1 −1 Original line number Diff line number Diff line Loading @@ -6,7 +6,7 @@ Name | Description | Default value --- | --- | --- `LAM_PASSWORD` | Password for administrating LAM | `lam` `LAM_PASSWORD` | Password for administering LAM | `lam` `LDAP_URI` | URI of the LDAP service | `ldapi:///` `LDAP_ADMIN_DN` | DN of the admin account `LDAP_BASE_DN` | Base DN Loading