Release 7.1.16 - See CHANGELOG.md

CHANGELOG.md

@@ -1,3 +1,9 @@
+## 7.1.16 2021-05-08 <dave at tiredofit dot ca>
+
+   ### Added
+      - Introduce `REPLICATION_SAFETY_CHECK` variable to bypass DNS checking of replication hosts
+
+
 ## 7.1.15 2021-04-20 <dave at tiredofit dot ca>
 
    ### Added

README.md

@@ -32,12 +32,16 @@ Upon starting this image it will give you a ready to run server with many config
 ### Table of Contents
 
 
-- [Prerequisites](#prerequisites)
+- [Prerequisites and Assumptions](#prerequisites-and-assumptions)
 - [Installation](#installation)
-  - [Quick Start](#quick-start)
+  - [Build from Source](#build-from-source)
+  - [Prebuilt Images](#prebuilt-images)
+  - [Multi Archictecture](#multi-archictecture)
 - [Configuration](#configuration)
-  - [Data-Volumes](#data-volumes)
-  - [Environment Varables](#environment-varables)
+  - [Quick Start](#quick-start)
+  - [Persistent Storage](#persistent-storage)
+  - [Environment Variables](#environment-variables)
+    - [Base Images used](#base-images-used)
     - [Required for new setup](#required-for-new-setup)
     - [Logging Options](#logging-options)
     - [Backup Options:](#backup-options)
@@ -49,6 +53,12 @@ Upon starting this image it will give you a ready to run server with many config
   - [Networking](#networking)
 - [Maintenance](#maintenance)
   - [Shell Access](#shell-access)
+- [Support](#support)
+  - [Usage](#usage)
+  - [Bugfixes](#bugfixes)
+  - [Feature Requests](#feature-requests)
+  - [Updates](#updates)
+- [License](#license)
   - [References](#references)
 
 ## Prerequisites and Assumptions
@@ -65,7 +75,7 @@ Builds of the image are available on [Docker Hub](https://hub.docker.com/r/tired
 ```bash
 docker pull tiredofit/openldap:(imagetag)
 ```
-The following image tags are available along with their taged release based on what's written in the [Changelog](CHANGELOG.md):
+The following image tags are available along with their tagged release based on what's written in the [Changelog](CHANGELOG.md):
 
 | Version | Container OS | Tag       |
 | ------- | ------------ | --------- |
@@ -218,6 +228,7 @@ If you already have a check_password.conf or ppm.conf in /etc/openldap/ the foll
 | `REPLICATION_CONFIG_SYNCPROV` | olcSyncRepl options used for the config database. Without rid and provider which are automatically added based on `REPLICATION_HOSTS`.                                                                                                                                              | `binddn="cn=config" bindmethod=simple credentials=$CONFIG_PASS searchbase="cn=config" type=refreshAndPersist retry="5 5 60 +" timeout=1 filter="(!(objectclass=olcGlobal))"` |
 | `REPLICATION_DB_SYNCPROV`     | olcSyncRepl options used for the database. Without rid and provider which are automatically added based on `REPLICATION_HOSTS`.                                                                                                                                                     | `binddn="cn=admin,$BASE_DN" bindmethod=simple credentials=$ADMIN_PASS searchbase="$BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="5 5 60 +" timeout=1`          |
 | `REPLICATION_HOSTS`           | list of replication hosts seperated by a space, must contain the current container hostname set by --hostname on docker run command. If replicating all hosts must be set in the same order. Example - `ldap://ldap1.example.com ldap://ldap2.example.com ldap://ldap3.example.com` |
+| `REPLICATION_SAFETY_CHECK`    | Check to see if all hosts resolve before starting replication - Introduced as a safety measure to avoid slapd not starting.                                                                                                                                                         | `TRUE`                                                                                                                                                                       |
 | `WAIT_FOR_REPLICAS`           | should we wait for configured replicas to come online (respond to ping) before startup?                                                                                                                                                                                             | `false`                                                                                                                                                                      |
 
  #### Other environment variables

install/assets/defaults/10-openldap

@@ -38,6 +38,7 @@ PPOLICY_MIN_UPPER=${PPOLICY_MIN_UPPER:-0}
 PPOLICY_USE_CRACKLIB=${PPOLICY_USE_CRACKLIB:-1}
 READONLY_USER_PASS=${READONLY_USER_PASS:-"readonly"}
 READONLY_USER_USER=${READONLY_USER_USER:-"readonly"}
+REPLICATION_SAFETY_CHECK=${REPLICATION_SAFETY_CHECK:-"TRUE"}
 SCHEMA_TYPE=${SCHEMA_TYPE:-"nis"}
 SLAPD_ARGS=${SLAPD_ARGS:-""}
 SLAPD_HOSTS=${SLAPD_HOSTS:-"ldap://$HOSTNAME ldaps://$HOSTNAME ldapi:///"}

install/assets/functions/10-openldap

@@ -366,33 +366,35 @@ EOF
 
       ### Replication Sanity Tester
       if [ -e "$was_started_with_replication" ]; then
-        set +e
-        replhosts_sanity=$(grep -o -h "provider=ldap.*//.*." ${CONFIG_PATH}slapd.d/cn\=config/olcDatabase*.ldif | awk -F '[//]' '{ print $3 }' | awk -F 'binddn' '{ print $1 }' | awk '!a[$0]++' | tr '\n' ' ' | awk '!a[$0]++' | sed 's/  / /g')
-        if [ ! -z "$replhosts_sanity" ]; then
-          for sanity_host in $replhosts_sanity; do
-            if var_true "$WAIT_FOR_REPLICAS"; then
-              print_debug "Waiting for $sanity_host to come online"
-              while ! silent ping -c1 -W1 $sanity_host; do
-                silent echo -n .
-              done
-            elif [[ $sanity_host =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
-              sanity_ip=$sanity_host
-              if [ -z "$sanity_ip" ]; then
-                print_error "It looks as if you have a malformed IP address for replication host "$sanity_host" in your schema configuration. Startup will fail!"
-                exit 1
-              fi
-            else
-              sanity_ip=$(getent hosts $sanity_host | awk '{ print $1 }')
-              valid_ip=$(echo $sanity_ip | awk -F'.' '$1 <=255 && $2 <= 255 && $3 <= 255 && $4 <= 255')
+        if var_true "${REPLICATION_SAFETY_CHECK}" ; then
+          set +e
+          replhosts_sanity=$(grep -o -h "provider=ldap.*//.*." ${CONFIG_PATH}slapd.d/cn\=config/olcDatabase*.ldif | awk -F '[//]' '{ print $3 }' | awk -F 'binddn' '{ print $1 }' | awk '!a[$0]++' | tr '\n' ' ' | awk '!a[$0]++' | sed 's/  / /g')
+          if [ ! -z "$replhosts_sanity" ]; then
+            for sanity_host in $replhosts_sanity; do
+              if var_true "$WAIT_FOR_REPLICAS"; then
+                print_debug "Waiting for $sanity_host to come online"
+                while ! silent ping -c1 -W1 $sanity_host; do
+                  silent echo -n .
+                done
+              elif [[ $sanity_host =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+                sanity_ip=$sanity_host
+                if [ -z "$sanity_ip" ]; then
+                  print_error "It looks as if you have a malformed IP address for replication host "$sanity_host" in your schema configuration. Startup will fail!"
+                  exit 1
+                fi
+              else
+                sanity_ip=$(getent hosts $sanity_host | awk '{ print $1 }')
+                valid_ip=$(echo $sanity_ip | awk -F'.' '$1 <=255 && $2 <= 255 && $3 <= 255 && $4 <= 255')
+
+                if [ -z "$valid_ip" ] || [ -z "$sanity_ip" ]; then
+                  print_error "It looks as if you have no DNS entry for replication host "$sanity_host" in your schema configuration. Startup will fail!"
+                  exit 1
+                fi
 
-              if [ -z "$valid_ip" ] || [ -z "$sanity_ip" ]; then
-                print_error "It looks as if you have no DNS entry for replication host "$sanity_host" in your schema configuration. Startup will fail!"
-                exit 1
               fi
-
-            fi
-          done
-          set -e
+            done
+            set -e
+          fi
         fi
       fi