1. 25 Apr, 2022 1 commit
    • nimrod's avatar
      Backup refactor. · 0e9ca1fd
      nimrod authored
      - Change from a single backup that's overwritten everytime to a
        multiple, dated backups.
      - Save the last 30 days of backups.
      - Save backups under the host's /var/backups instead of a Docker volume.
        Easier to backup.
      - Add a restore script so that at least I would have some idea on how to
        restore this backup. Last thing I want to do when I need this backup
      is to try and figure out how to restore it.
      0e9ca1fd
  2. 23 Apr, 2022 2 commits
    • nimrod's avatar
      Backup weekly instead of daily. · 82bad8df
      nimrod authored
      The changes are very, very rare. I'm changing the backup method to
      saving tarballs as snapshots and saving the last few and this change in
      the spirit of things.
      82bad8df
    • nimrod's avatar
      Remove superfluous flags. · 2b93987a
      nimrod authored
      The -v flags is already set in the alias.
      2b93987a
  3. 11 Dec, 2021 3 commits
  4. 24 Apr, 2021 1 commit
  5. 21 Apr, 2021 1 commit
  6. 26 Mar, 2021 2 commits
  7. 26 Feb, 2021 1 commit
  8. 19 Feb, 2021 1 commit
  9. 07 Feb, 2021 1 commit
  10. 05 Feb, 2021 1 commit
  11. 23 Jan, 2021 2 commits
  12. 07 Jan, 2021 1 commit
    • nimrod's avatar
      Templates. · 832a8f90
      nimrod authored
      - GitLab CI templates.
      - Pre-commit snippet.
      - Address pre-commit issues.
      832a8f90
  13. 23 Nov, 2020 1 commit
    • nimrod's avatar
      Updates. · 2afe411f
      nimrod authored
      A lot of different fixes. What I have in production right now.
      2afe411f
  14. 23 Nov, 2019 2 commits
    • nimrod's avatar
      Use file capabilities instead of a higher port for LAM. · 7da51307
      nimrod authored
      Run as a limited user and bind to the regular HTTP port using file
      capabilities.
      7da51307
    • nimrod's avatar
      Run slapd as a limited user. · bfa237e3
      nimrod authored
      - Relax the permission on /etc/ssl to allow generating snakeoil
      certificate and key.
      - Grant the slapd binary CAP_NET_BIND_SERVICE to allow binding to
      privileged ports.
      - Change owner of /etc/ldap/ldap.conf to allow modifying it in
      entrypoint.
      - Prepopulate volumes with the correct ownership, permissions and
      directory structure to avoid doing it in the entrypoint without root.
      bfa237e3
  15. 19 Nov, 2019 1 commit
  16. 21 Sep, 2019 2 commits
  17. 20 Sep, 2019 8 commits
    • nimrod's avatar
      nss-pam-ldapd image update. · 7950869f
      nimrod authored
      - Update base image to Debian Buster.
      - Install pamtester in the image.
      7950869f
    • nimrod's avatar
      Correction to slapd README. · 854be41d
      nimrod authored
      854be41d
    • nimrod's avatar
      Ignore work files. · 92025485
      nimrod authored
      92025485
    • nimrod's avatar
      Use Docker Hub images. · 88d96f31
      nimrod authored
      Use the Docker Hub images for caching and keep the names the same were
      applicable.
      88d96f31
    • nimrod's avatar
      Revamp the LDAP Account Manager configuration. · bbe2609f
      nimrod authored
      Instead of a persistent volume with the configuration, use environment
      variables.
      bbe2609f
    • nimrod's avatar
      Major overhaul of the slapd (OpenLDAP) image. · c3a356a9
      nimrod authored
      - Use a single volume for the config and data LDAP directories, easier
      to keep in sync in different cases (backups, migration).
      - Add backup script, save to backup volume.
      - Allow passing the location of the SSL key and cert to enable SSL,
      otherwise a self-signed certificate and key are generated with the FQDN
      of the container.
      - Drop the dockerfile-lint linter, didn't give any useful advice.
      - Change base image to Debian Buster.
      - Set stopsignal for the container.
      - Allow setting the log level.
      - Unset the cleartext root password environment variable.
      c3a356a9
    • nimrod's avatar
      Small improvments to the nss-pam-ldapd image. · c65101a4
      nimrod authored
      - Set the client configuration (/etc/ldap/ldap.conf) according to the
      environment variables.
      - Add LDAP_REQCERT environment variable to set the certificate
      validation.
      c65101a4
    • nimrod's avatar
      pre-commit autoupdate · e5e1bd64
      nimrod authored
      e5e1bd64
  18. 05 Jul, 2019 1 commit
  19. 30 Jun, 2019 5 commits
  20. 25 Jun, 2019 1 commit
  21. 11 May, 2019 1 commit
  22. 10 May, 2019 1 commit