- Feb 26, 2021
-
-
nimrod authored
The SSL-terminating proxy should have that hostname.
-
- Feb 19, 2021
-
-
nimrod authored
The external name for it.
-
- Feb 07, 2021
-
-
nimrod authored
-
- Feb 05, 2021
-
-
nimrod authored
-
- Jan 23, 2021
- Jan 07, 2021
-
-
nimrod authored
- GitLab CI templates. - Pre-commit snippet. - Address pre-commit issues.
-
- Nov 23, 2020
-
-
nimrod authored
A lot of different fixes. What I have in production right now.
-
- Nov 23, 2019
-
-
nimrod authored
Run as a limited user and bind to the regular HTTP port using file capabilities.
-
nimrod authored
- Relax the permission on /etc/ssl to allow generating snakeoil certificate and key. - Grant the slapd binary CAP_NET_BIND_SERVICE to allow binding to privileged ports. - Change owner of /etc/ldap/ldap.conf to allow modifying it in entrypoint. - Prepopulate volumes with the correct ownership, permissions and directory structure to avoid doing it in the entrypoint without root.
-
- Nov 19, 2019
-
-
nimrod authored
- Use port 8080 (http-alt) instead of port 80 (a priviliged port). - Run Apache with the www-data user. - Enable the Apache status module.
-
- Sep 21, 2019
- Sep 20, 2019
-
-
nimrod authored
- Update base image to Debian Buster. - Install pamtester in the image.
-
nimrod authored
-
nimrod authored
-
nimrod authored
Use the Docker Hub images for caching and keep the names the same were applicable.
-
nimrod authored
Instead of a persistent volume with the configuration, use environment variables.
-
nimrod authored
- Use a single volume for the config and data LDAP directories, easier to keep in sync in different cases (backups, migration). - Add backup script, save to backup volume. - Allow passing the location of the SSL key and cert to enable SSL, otherwise a self-signed certificate and key are generated with the FQDN of the container. - Drop the dockerfile-lint linter, didn't give any useful advice. - Change base image to Debian Buster. - Set stopsignal for the container. - Allow setting the log level. - Unset the cleartext root password environment variable.
-
nimrod authored
- Set the client configuration (/etc/ldap/ldap.conf) according to the environment variables. - Add LDAP_REQCERT environment variable to set the certificate validation.
-
nimrod authored
-
- Jul 05, 2019
-
-
nimrod authored
- hadolint and docker-compose config. - Fix what hadolint complained about.
-
- Jun 30, 2019
-
-
nimrod authored
-
nimrod authored
-
nimrod authored
- Name the slapd service as ldap (in case it's replaced by a different LDAP server). - Allow overriding the default environment variables (preparation for an actual deployment).
-
nimrod authored
- Specify the `/run/slapd` volume in the Dockerfile. - Document TCP ports and Unix socket for slapd.
-
nimrod authored
- Use a patch to change the configuration files (instead of fiddling with sed). - Don't log the healthcheck requests.
-
- Jun 25, 2019
-
-
nimrod authored
network to communicate with other containers.
-
- May 11, 2019
-
-
nimrod authored
-
- May 10, 2019
- Sep 08, 2018
-
-
nimrod authored
- Replaced phpLDAPadmin with ldap-account-manager as the webui. - Added nss-pam-ldapd as a test client.
-
- Aug 12, 2018
- Aug 07, 2018
-
-
nimrod authored
-
- Jan 29, 2018
-
-
nimrod authored
-