Loading docker-compose.yml +7 −5 Original line number Diff line number Diff line Loading @@ -21,6 +21,8 @@ services: build: context: nss-pam-ldapd/ command: /usr/sbin/nslcd --debug --nofork depends_on: - ldap environment: LDAP_BASE_DN: "${LDAP_BASE_DN:-dc=nowhere,dc=com}" volumes: Loading @@ -29,21 +31,21 @@ services: ldap-account-manager: build: context: ldap-account-manager/ links: depends_on: - ldap environment: LAM_PASSWORD: "${LAM_PASSWORD:-foo}" LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=nowhere,dc=com}" LDAP_BASE_DN: "${LDAP_BASE_DN:-dc=nowhere,dc=com}" ports: - 80:80 restart: always volumes: - _run_slapd:/run/slapd - ldap-account-manager:/var/lib/ldap-account-manager volumes: _run_slapd: ldap: ldap-account-manager: labels: snapshot: 'true' backup_ldap: labels: snapshot: 'true' Loading ldap-account-manager/Dockerfile +9 −9 Original line number Diff line number Diff line FROM debian:sid-slim # hadolint ignore=DL3008 RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ ca-certificates=20190110 \ ldap-account-manager=6.7-1 \ patch=2.7.6-4 \ wget=1.20.1-1.1 \ ca-certificates \ gettext-base \ ldap-account-manager \ patch \ wget \ && \ chmod 755 /var/log/apache2 && \ ln -sf /dev/stdout /var/log/apache2/access.log && \ ln -sf /dev/stderr /var/log/apache2/error.log && \ ln -sf /dev/stdout /var/log/apache2/lam.log && \ ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log && \ mv /etc/ldap-account-manager/config.cfg /var/lib/ldap-account-manager/config/config.cfg && \ ln -sf /var/lib/ldap-account-manager/config/config.cfg /etc/ldap-account-manager/config.cfg && \ mv /var/lib/ldap-account-manager /var/lib/ldap-account-manager.orig && \ mkdir -m 755 /var/lib/ldap-account-manager && \ rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* ENV APACHE_RUN_DIR=/run/apache2 \ APACHE_LOG_DIR=/var/log/apache2 \ Loading @@ -23,10 +21,12 @@ ENV APACHE_RUN_DIR=/run/apache2 \ APACHE_PID_FILE=/run/apache2/apache2.pid COPY --chown=root:root patch.diff /root/ COPY --chown=root:root entrypoint /entrypoint COPY --chown=root:root lam-setpass /usr/local/sbin/ RUN patch --strip 0 --verbose --directory / --input /root/patch.diff && \ apache2 -t ENV LDAP_URI=ldapi:/// \ LAM_PASSWORD=lam EXPOSE 80 VOLUME /var/lib/ldap-account-manager ENTRYPOINT [ "/entrypoint" ] CMD [ "apache2", "-DFOREGROUND" ] HEALTHCHECK CMD wget --spider --quiet http://localhost/lam/ --user-agent 'Healthcheck' || exit 1 ldap-account-manager/README.md +7 −6 Original line number Diff line number Diff line Loading @@ -2,13 +2,14 @@ > Dockerized LDAP Account Manager. ## Usage ## Environment variables The image isn't configured with environment variables, instead it uses a volume for `/var/lib/ldap-account-manager` that contains the application's configuration files. On first run the default files are copied to the volume and the configuration is done through the application itself. The default master password is `lam`. Name | Description | Default value --- | --- | --- `LAM_PASSWORD` | Password for administrating LAM | `lam` `LDAP_URI` | URI of the LDAP service | `ldapi:///` `LDAP_ADMIN_DN` | DN of the admin account `LDAP_BASE_DN` | Base DN ## License Loading ldap-account-manager/entrypoint +11 −2 Original line number Diff line number Diff line #!/bin/sh set -eux install -d -m 755 -o root -g root /var/lib/ldap-account-manager cp --archive --no-clobber --verbose --no-target-directory /var/lib/ldap-account-manager.orig /var/lib/ldap-account-manager # Render environment variables in the config file. tempfile="$(mktemp)" envsubst < /var/lib/ldap-account-manager/config/lam.conf > "$tempfile" cat "$tempfile" > /var/lib/ldap-account-manager/config/lam.conf rm "$tempfile" # Set the password and unset the variable from memory. chroot --userspec=www-data / /usr/local/sbin/lam-setpass "$LAM_PASSWORD" unset LAM_PASSWORD # Start the process. eval exec "$@" ldap-account-manager/lam-setpass 0 → 100755 +15 −0 Original line number Diff line number Diff line #!/usr/bin/env php <?php include_once('/usr/share/ldap-account-manager/lib/config.inc'); // For the general settings. $cfg = new LAMCfgMain(); $cfg->setPassword($argv[1]); $cfg->save(); // For the server profiles. $conf = new LAMConfig("lam"); $conf->set_Passwd($argv[1]); $conf->save(); Loading
docker-compose.yml +7 −5 Original line number Diff line number Diff line Loading @@ -21,6 +21,8 @@ services: build: context: nss-pam-ldapd/ command: /usr/sbin/nslcd --debug --nofork depends_on: - ldap environment: LDAP_BASE_DN: "${LDAP_BASE_DN:-dc=nowhere,dc=com}" volumes: Loading @@ -29,21 +31,21 @@ services: ldap-account-manager: build: context: ldap-account-manager/ links: depends_on: - ldap environment: LAM_PASSWORD: "${LAM_PASSWORD:-foo}" LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=nowhere,dc=com}" LDAP_BASE_DN: "${LDAP_BASE_DN:-dc=nowhere,dc=com}" ports: - 80:80 restart: always volumes: - _run_slapd:/run/slapd - ldap-account-manager:/var/lib/ldap-account-manager volumes: _run_slapd: ldap: ldap-account-manager: labels: snapshot: 'true' backup_ldap: labels: snapshot: 'true' Loading
ldap-account-manager/Dockerfile +9 −9 Original line number Diff line number Diff line FROM debian:sid-slim # hadolint ignore=DL3008 RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ ca-certificates=20190110 \ ldap-account-manager=6.7-1 \ patch=2.7.6-4 \ wget=1.20.1-1.1 \ ca-certificates \ gettext-base \ ldap-account-manager \ patch \ wget \ && \ chmod 755 /var/log/apache2 && \ ln -sf /dev/stdout /var/log/apache2/access.log && \ ln -sf /dev/stderr /var/log/apache2/error.log && \ ln -sf /dev/stdout /var/log/apache2/lam.log && \ ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log && \ mv /etc/ldap-account-manager/config.cfg /var/lib/ldap-account-manager/config/config.cfg && \ ln -sf /var/lib/ldap-account-manager/config/config.cfg /etc/ldap-account-manager/config.cfg && \ mv /var/lib/ldap-account-manager /var/lib/ldap-account-manager.orig && \ mkdir -m 755 /var/lib/ldap-account-manager && \ rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* ENV APACHE_RUN_DIR=/run/apache2 \ APACHE_LOG_DIR=/var/log/apache2 \ Loading @@ -23,10 +21,12 @@ ENV APACHE_RUN_DIR=/run/apache2 \ APACHE_PID_FILE=/run/apache2/apache2.pid COPY --chown=root:root patch.diff /root/ COPY --chown=root:root entrypoint /entrypoint COPY --chown=root:root lam-setpass /usr/local/sbin/ RUN patch --strip 0 --verbose --directory / --input /root/patch.diff && \ apache2 -t ENV LDAP_URI=ldapi:/// \ LAM_PASSWORD=lam EXPOSE 80 VOLUME /var/lib/ldap-account-manager ENTRYPOINT [ "/entrypoint" ] CMD [ "apache2", "-DFOREGROUND" ] HEALTHCHECK CMD wget --spider --quiet http://localhost/lam/ --user-agent 'Healthcheck' || exit 1
ldap-account-manager/README.md +7 −6 Original line number Diff line number Diff line Loading @@ -2,13 +2,14 @@ > Dockerized LDAP Account Manager. ## Usage ## Environment variables The image isn't configured with environment variables, instead it uses a volume for `/var/lib/ldap-account-manager` that contains the application's configuration files. On first run the default files are copied to the volume and the configuration is done through the application itself. The default master password is `lam`. Name | Description | Default value --- | --- | --- `LAM_PASSWORD` | Password for administrating LAM | `lam` `LDAP_URI` | URI of the LDAP service | `ldapi:///` `LDAP_ADMIN_DN` | DN of the admin account `LDAP_BASE_DN` | Base DN ## License Loading
ldap-account-manager/entrypoint +11 −2 Original line number Diff line number Diff line #!/bin/sh set -eux install -d -m 755 -o root -g root /var/lib/ldap-account-manager cp --archive --no-clobber --verbose --no-target-directory /var/lib/ldap-account-manager.orig /var/lib/ldap-account-manager # Render environment variables in the config file. tempfile="$(mktemp)" envsubst < /var/lib/ldap-account-manager/config/lam.conf > "$tempfile" cat "$tempfile" > /var/lib/ldap-account-manager/config/lam.conf rm "$tempfile" # Set the password and unset the variable from memory. chroot --userspec=www-data / /usr/local/sbin/lam-setpass "$LAM_PASSWORD" unset LAM_PASSWORD # Start the process. eval exec "$@"
ldap-account-manager/lam-setpass 0 → 100755 +15 −0 Original line number Diff line number Diff line #!/usr/bin/env php <?php include_once('/usr/share/ldap-account-manager/lib/config.inc'); // For the general settings. $cfg = new LAMCfgMain(); $cfg->setPassword($argv[1]); $cfg->save(); // For the server profiles. $conf = new LAMConfig("lam"); $conf->set_Passwd($argv[1]); $conf->save();