Improvements to the ldap-account-manager Docker image.

- Use a patch to change the configuration files (instead of fiddling
with sed).
- Don't log the healthcheck requests.

docker-compose.yml

+# vim:ff=unix:ts=2:sw=2:ai:expandtab
 ---
 version: '3.5'
 services:
@@ -11,8 +12,6 @@ services:
       LDAP_ROOTPASS: foo
       LDAP_DOMAIN: nowhere.com
       LDAP_ORGANIZATION: none
-        networks: &networks
-            - shore
 
   nss-pam-ldapd:
     build:
@@ -22,7 +21,6 @@ services:
       LDAP_BASE_DN: 'dc=nowhere,dc=com'
     volumes:
       - _run_ldap:/run/slapd
-        networks: *networks
 
   ldap-account-manager:
     build:
@@ -34,7 +32,6 @@ services:
       - ldap-account-manager:/var/lib/ldap-account-manager
     ports:
       - 80:80
-        networks: *networks
 
 volumes:
   _run_ldap:
@@ -42,5 +39,5 @@ volumes:
   ldap-account-manager:
 
 networks:
-    shore:
+  default:
     name: shore

ldap-account-manager/Dockerfile

 FROM debian:sid-slim
 RUN apt-get update && \
     DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+        ca-certificates \
         ldap-account-manager\
+        patch \
         wget \
     && \
+    chmod 755 /var/log/apache2 && \
     ln -sf /dev/stdout /var/log/apache2/access.log && \
     ln -sf /dev/stderr /var/log/apache2/error.log && \
     ln -sf /dev/stdout /var/log/apache2/lam.log && \
+    ln -sf /dev/stdout /var/log/apache2/other_vhosts_access.log && \
     mv /etc/ldap-account-manager/config.cfg /var/lib/ldap-account-manager/config/config.cfg && \
     ln -sf /var/lib/ldap-account-manager/config/config.cfg /etc/ldap-account-manager/config.cfg && \
     mv /var/lib/ldap-account-manager /var/lib/ldap-account-manager.orig && \
     mkdir -m 755 /var/lib/ldap-account-manager && \
-    sed -i 's@SYSLOG@/var/log/apache2/lam.log@' /var/lib/ldap-account-manager.orig/config/config.cfg && \
-    sed -i '/<\/VirtualHost>/i RedirectMatch permanent "^/$" "/lam"' /etc/apache2/sites-enabled/000-default.conf && \
     rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
-COPY --chown=root:root entrypoint /entrypoint
 ENV APACHE_RUN_DIR=/run/apache2 \
     APACHE_LOG_DIR=/var/log/apache2 \
     APACHE_RUN_USER=www-data \
     APACHE_RUN_GROUP=www-data \
     APACHE_PID_FILE=/run/apache2/apache2.pid
+COPY --chown=root:root patch.diff /root/
+COPY --chown=root:root entrypoint /entrypoint
+RUN patch --strip 0 --verbose --directory / --input /root/patch.diff && \
+    apache2 -t
 EXPOSE 80
 VOLUME /var/lib/ldap-account-manager
 ENTRYPOINT [ "/entrypoint" ]
 CMD [ "apache2", "-DFOREGROUND" ]
-HEALTHCHECK CMD wget --spider --quiet http://localhost/lam || exit 1
+HEALTHCHECK CMD wget --spider --quiet http://localhost/lam/ --user-agent 'Healthcheck' || exit 1

ldap-account-manager/patch.diff

+--- /var/lib/ldap-account-manager.orig/config/config.cfg	2019-03-25 18:21:36.000000000 +0200
++++ /var/lib/ldap-account-manager.orig/config/config.cfg	2019-06-25 14:18:51.906120546 +0300
+@@ -9,4 +9,4 @@
+ logLevel: 4
+ 
+ # log destination
+-logDestination: SYSLOG
++logDestination: /var/log/apache2/lam.log
+--- /etc/apache2/sites-available/000-default.conf	2018-11-03 13:34:33.000000000 +0200
++++ /etc/apache2/sites-available/000-default.conf	2019-06-25 14:55:43.956626591 +0300
+@@ -18,7 +18,7 @@
+ 	#LogLevel info ssl:warn
+ 
+ 	ErrorLog ${APACHE_LOG_DIR}/error.log
+-	CustomLog ${APACHE_LOG_DIR}/access.log combined
++	CustomLog ${APACHE_LOG_DIR}/access.log combined expr=!(%{REMOTE_HOST}=='127.0.0.1'&&%{HTTP_USER_AGENT}=='Healthcheck')
+ 
+ 	# For most configuration files from conf-available/, which are
+ 	# enabled or disabled at a global level, it is possible to
+@@ -26,6 +26,8 @@
+ 	# following line enables the CGI configuration for this host only
+ 	# after it has been globally disabled with "a2disconf".
+ 	#Include conf-available/serve-cgi-bin.conf
++
++    RedirectMatch permanent "^/$" "/lam"
+ </VirtualHost>
+ 
+ # vim: syntax=apache ts=4 sw=4 sts=4 sr noet