Working set.

5368a95a · nimrod · 451f2682 · 5368a95a · 5368a95a · 5368a95a
Commit 5368a95a authored 6 years ago by nimrod
--- a/.gitignore
+++ b/.gitignore
+~*
+*~
+*.sw[op]
+*.py[cod]
+.DS_Store
+__pycache__/
+.vagrant/
+vendor/
+Thumbs.db
+*.retry
+.svn/
+.sass-cache/
+*.log
+*.out
+*.so
+node_modules/
+.npm/
+nbproject/
+*.ipynb
+.idea/
+*.egg-info/
+*.[ao]
+.classpath
+.cache/
+bower_components/
+*.class
+*.[ewj]ar
+secring.*
+.*.kate-swp
+.swp.*
+.directory
+.Trash-*
+build/
+_build/
+dist/
+.tox/
+*.pdf
+*.exe
+*.dll
+*.gz
+*.tgz
+*.tar
+*.rar
+*.zip
+*.pid
+*.lock
+*.env
+.bundle/
--- a/LICENSE.txt
+++ b/LICENSE.txt
+MIT License
+Copyright (c) 2018 Adar Nimrod
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/README.md
+++ b/README.md
+# LDAP Docker
+> A dockerized OpenLDAP with phpLDAPadmin webui.
+## Requirements
+- Docker
+- Docker Compose
+## License
+This software is licensed under the MIT license (see `LICENSE.txt`).
+## Author Information
+Nimrod Adar, [contact me](mailto:nimrod@shore.co.il) or visit my [website](
+https://www.shore.co.il/). Patches are welcome via [`git send-email`](
+http://git-scm.com/book/en/v2/Git-Commands-Email). The repository is located
+at: <https://www.shore.co.il/git/>.
--- a/docker-compose.yml
+++ b/docker-compose.yml
+---
+version: '3'
+services:
+    slapd:
+        build:
+            context: slapd/
+        volumes:
+            - _run_ldap:/run/slapd
+            - ldap:/var/lib/ldap
+        environment:
+            LDAP_ROOTPASS: foo
+            LDAP_DOMAIN: nowhere.com
+            LDAP_ORGANIZATION: none
+    phpldapadmin:
+        build:
+            context: phpldapadmin/
+        links:
+            - slapd
+        volumes:
+            - _run_ldap:/run/slapd
+        environment:
+            PLA_HOST: ldapi://%2frun%2fslapd%2fldapi
+            PLA_BASE_DN: 'dc=nowhere,dc=com'
+            PLA_BIND_ID: 'cn=admin,dc=nowhere,dc=com'
+        ports:
+            - 80:80
+volumes:
+    _run_ldap:
+    ldap:
--- a/phpldapadmin/.dockerignore
+++ b/phpldapadmin/.dockerignore
+*.md
--- a/phpldapadmin/Dockerfile
+++ b/phpldapadmin/Dockerfile
+FROM alpine:3.8
+RUN apk add --update --no-cache phpldapadmin php5-apache2 && \
+    ln -sf /dev/stdout /var/log/apache2/access.log && \
+    ln -sf /dev/stderr /var/log/apache2/error.log && \
+    mkdir -p /run/apache2/
+COPY --chown=root:root config.php /usr/share/webapps/phpldapadmin/config/
+COPY --chown=root:root phpldapadmin.conf /etc/apache2/conf.d/
+CMD [ "httpd", "-DFOREGROUND" ]
+HEALTHCHECK CMD wget --spider --quiet http://localhost/htdocs/index.php || exit 1
--- a/phpldapadmin/README.md
+++ b/phpldapadmin/README.md
+# phpLDAPadmin
+> Dockerized phpLDAPadmin.
+## Environment variables
+Name | Default value
+--- | ---
+`PLA_NAME` | `LDAP server`
+`PLA_HOST` | `slapd`
+`PLA_PORT` | `389`
+`PLA_BASE` |
+`PLA_AUTH_TYPE` | `cookie`
+`PLA_BIND_ID` |
+`PLA_TLS` | `false`
--- a/phpldapadmin/config.php
+++ b/phpldapadmin/config.php
+<?php
+$servers = new Datastore();
+$servers->newServer('ldap_pla');
+$servers->setValue('server', 'name', getenv('PLA_NAME') ?: 'LDAP Server');
+$servers->setValue('server', 'host', getenv('PLA_HOST') ?: 'slapd');
+$servers->setValue('server', 'port', getenv('PLA_PORT') ?: '389');
+$servers->setValue('server', 'base', array(getenv('PLA_BASE_DN') ?: ''));
+$servers->setValue('login', 'auth_type', getenv('PLA_AUTH_TYPE') ?: 'cookie');
+$servers->setValue('login', 'bind_id', getenv('PLA_BIND_ID') ?: '');
+$servers->setValue('server', 'tls', strtolower(getenv('PLA_TLS') ?: 'false') == 'true');
+?>
--- a/phpldapadmin/phpldapadmin.conf
+++ b/phpldapadmin/phpldapadmin.conf
+<VirtualHost _default_:80>
+    DocumentRoot /usr/share/webapps/phpldapadmin/
+</VirtualHost>
+<Directory /usr/share/webapps/phpldapadmin/>
+    DirectoryIndex index.php
+    Options +FollowSymLinks
+    AllowOverride None
+    Require all granted
+    <IfModule mod_mime.c>
+      <IfModule mod_php5.c>
+        AddType application/x-httpd-php .php
+        php_flag magic_quotes_gpc Off
+        php_flag track_vars On
+        php_flag register_globals Off
+        php_value include_path .
+      </IfModule>
+      <IfModule !mod_php5.c>
+        <IfModule mod_actions.c>
+          <IfModule mod_cgi.c>
+            AddType application/x-httpd-php .php
+            Action application/x-httpd-php /cgi-bin/php5
+          </IfModule>
+          <IfModule mod_cgid.c>
+            AddType application/x-httpd-php .php
+            Action application/x-httpd-php /cgi-bin/php5
+           </IfModule>
+        </IfModule>
+      </IfModule>
+    </IfModule>
+</Directory>
--- a/slapd/.dockerignore
+++ b/slapd/.dockerignore
+*.md
--- a/slapd/Dockerfile
+++ b/slapd/Dockerfile
+FROM debian:stretch-slim
+RUN apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+        gnutls-bin \
+        ldap-utils \
+        slapd \
+    && \
+    mkdir -p /run/slapd && \
+    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
+COPY entrypoint /
+EXPOSE 389
+VOLUME [ "/var/lib/ldap" ]
+ENV LDAP_URLS="ldap:/// ldapi:/// ldaps:///"
+ENTRYPOINT [ "/entrypoint" ]
+CMD [ "slapd", "-F", "/etc/ldap/slapd.d", "-u", "openldap", "-g", "openldap", "-h", "\"$LDAP_URLS\"", "-d", "NONE" ]
+HEALTHCHECK CMD ldapsearch -b cn=config -H ldapi:/// > /dev/null || exit 1
--- a/slapd/README.md
+++ b/slapd/README.md
+# slapd
+> Dockerized OpenLDAP daemon.
+## Environment variables
+Name | Description | Default value
+--- | --- | ---
+`LDAP_URLS` | List of URLs to serve. | `ldap:/// ldapi:/// ldaps:///`
+`LDAP_ROOTPASS` | Root password.
+`LDAP_DOMAIN` | Domain.
+`LDAP_ORGANIZATION` | Organization.
+## Persistence
+The database is at `/var/lib/ldap`.
--- a/slapd/entrypoint
+++ b/slapd/entrypoint
+#!/bin/sh
+set -eux
+chown -R openldap:openldap /run/slapd
+chown -R openldap:openldap /var/lib/ldap
+if [ -n "${LDAP_ROOTPASS:-}" ]
+then
+cat <<EOF | debconf-set-selections
+slapd slapd/internal/generated_adminpw password ${LDAP_ROOTPASS}
+slapd slapd/internal/adminpw password ${LDAP_ROOTPASS}
+slapd slapd/password2 password ${LDAP_ROOTPASS}
+slapd slapd/password1 password ${LDAP_ROOTPASS}
+EOF
+fi
+if [ -n "${LDAP_DOMAIN:-}" ]
+then
+cat <<EOF | debconf-set-selections
+slapd slapd/domain string ${LDAP_DOMAIN}
+EOF
+fi
+if [ -n "${LDAP_ORGANIZATION:-}" ]
+then
+cat <<EOF | debconf-set-selections
+slapd shared/organization string ${LDAP_ORGANIZATION}
+EOF
+fi
+if [ -n "${LDAP_ROOTPASS:-}" ] || [ -n "${LDAP_DOMAIN:-}" ] || [ -n "${LDAP_ORGANIZATION:-}" ]
+then
+    dpkg-reconfigure -f noninteractive slapd
+fi
+eval exec "$@"