5.0

Dockerfile

@@ -1,4 +1,4 @@
-FROM tiredofit/alpine:3.8
+FROM registry.selfdesign.org/docker/alpine:3.8
 LABEL maintainer="Dave Conroy <[email protected]>"
 
 ENV ADMIN_PASS=admin \
@@ -153,7 +153,7 @@ RUN set -x && \
     chmod 700 /usr/sbin/cfssljson && \
     \
 ### Cleanup
-    rm -rf /tiredofit/openldap:`head -n 1 /tiredofit/CHANGELOG.md | awk '{print $2'}`/ \
+    rm -rf /tiredofit \
            /var/cache/apk/* && \
     apk del .openldap-build-deps
 

README.md

@@ -12,7 +12,7 @@ Upon starting this image it will give you a ready to run server with many config
 
 * Tracks latest release
 * Compiles from source
-* Multiple backends (bdb, hdb, mdb, sql)
+* Multiple backends (bdb, hdb, mdb, sql
 * All overlays compiled
 * Supports TLS encryption
 * Supports Replication
@@ -61,10 +61,10 @@ None.
 
 # Installation
 
-Automated builds of the image are available on [Registry](https://hub.docker.com/r/tiredofit/openldap) and is the recommended method of installation.
+Automated builds of the image are available on [Registry](https://registry.selfdesign.org/docker/openldap) and is the recommended method of installation.
 
 ```bash
-docker pull tiredofit/openldap:latest
+docker pull registry.selfdesign.org/docker/openldap
 ```
 
 # Quick Start

examples/docker-compose.yml

@@ -1,21 +1,14 @@
 version: '2'
 services:
-  ldap:
+  openldap-app:
     hostname: ldap.example.com
     domainname: ldap.example.com
-    container_name: ldap
+    container_name: openldap-app
     image: tiredofit/openldap
     ports:
       - 389:389
       - 636:636
     environment:
-       ## For Automatic LetsEncrypt - Make sure you create symbolic links to the generated fullchain/certs!
-      - VIRTUAL_HOST=ldap1.example.org
-      - VIRTUAL_NETWORK=nginx-proxy
-      - VIRTUAL_PORT=80
-      - LETSENCRYPT_HOST=ldap1.example.org
-      - [email protected]
-
       - HOSTNAME=ldap.example.com     
       - BACKEND=mdb
       - LOG_LEVEL=256
@@ -27,8 +20,7 @@ services:
       - ENABLE_READONLY_USER=false
       - READONLY_USER_USER=reader
       - READONLY_USER_PASS=reader
-
-      ## Once Turned on you can never turn off, not necessarily a bad thing.
+
       - ENABLE_TLS=true
       - TLS_CRT_FILENAME=cert.pem
       - TLS_KEY_FILENAME=key.pem
@@ -38,7 +30,6 @@ services:
       - TLS_VERIFY_CLIENT=never
       - SSL_HELPER_PREFIX=ldap
 
-      ## Multimaster Only
       - ENABLE_REPLICATION=false
       - REPLICATION_CONFIG_SYNCPROV=binddn="cn=admin,cn=config" bindmethod=simple credentials="admin" searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1
       - REPLICATION_DB_SYNCPROV=binddn="cn=admin,dc=example,dc=org" bindmethod=simple credentials="admin" searchbase="dc=example,dc=org" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1
@@ -49,7 +40,7 @@ services:
       - BACKUP_DATA_CRON_PERIOD=0 4 * * *
       - BACKUP_TTL=15
 
-      - ZABBIX_HOSTNAME=ldap-app
+      - ZABBIX_HOSTNAME=openldap-app
     volumes:
       - ./backup:/data/backup
       - ./data:/var/lib/openldap

install/assets/slapd/config/bootstrap/ldif/01-config-password.ldif

@@ -4,4 +4,4 @@ changeType: modify
 
 dn: olcDatabase={0}config,cn=config
 add: olcRootPW
-olcRootPW: <CONFIG_PASSWORD_ENCRYPTED>
+olcRootPW: <CONFIG_PASS_ENCRYPTED>

install/etc/cont-init.d/10-openldap

@@ -40,8 +40,6 @@ function ldap_add_or_modify (){
 }
 
 function schema2ldif (){
-  log-helper level eq trace && set -x
-
   SCHEMAS=$1
 
   tmpd=`mktemp -d`
@@ -142,20 +140,14 @@ TLS_DH_PARAM_PATH="/assets/slapd/certs/dhparam.pem"
 ### Container first start
 if [ ! -e "$FIRST_START_DONE" ]; then
 
-
-  #
   # Global variables
-  #
   NEW_INSTALL=false
 
-  #
   # database and config directory are empty
   # setup bootstrap config - Part 1
-  #
   if [ -z "$(ls -A -I lost+found /var/lib/openldap)" ] && [ -z "$(ls -A -I lost+found /etc/openldap/slapd.d)" ]; then
 
     NEW_INSTALL=true
-    echo "** [openldap] Detected Database and Config directories are empty"
     echo "** [openldap] First time install detected"
 
     # RFC2307bis schema
@@ -188,7 +180,7 @@ maxsize   1073741824
 suffix    "${BASE_DN}"
 rootdn    "cn=admin,${BASE_DN}"
 #rootpw    `slappasswd -s ${ADMIN_PASS}`
-#rootpw    ${ADMIN_PASS}
+rootpw    ${CONFIG_PASS}
 directory /var/lib/openldap
 
 #sortvals uid
@@ -209,7 +201,7 @@ EOF
 
 set +e
 silent slaptest -f /tmp/slapd.conf -F /etc/openldap/slapd.d
-silent slaptest -f /tmp/slapd.conf -F /etc/openldap/slapd.d
+silent slaptest -f /tmp/slapd.conf -F /etc/openldap/slapd.d -u
 rm -rf /tmp/slapd.conf
 set -e
 chown -R ldap:ldap /etc/openldap 
@@ -313,7 +305,7 @@ chown -R ldap:ldap /etc/openldap
     get_ldap_base_dn
     sed -i "s|<BASE_DN>|${BASE_DN}|g" /assets/slapd/config/bootstrap/ldif/02-security.ldif
 
-    # Process config files (*.ldif) in bootstrap directory (do no process files in subdirectories)
+    # Process config files (*.ldif) in bootstrap directory (do not process files in subdirectories)
     echo "** [openldap] Add bootstrap LDIFs"
     for f in $(find /assets/slapd/config/bootstrap/ldif -mindepth 1 -maxdepth 1 -type f -name \*.ldif  | sort); do
       echo "** [openldap] Processing file ${f}"
@@ -417,7 +409,7 @@ chown -R ldap:ldap /etc/openldap
 
     get_ldap_base_dn
     sed -i "s|\$BASE_DN|$BASE_DN|g" /assets/slapd/config/replication/replication-enable.ldif
-    sed -i "s|\$ADMIN_PASS|$ADMIN_PASS|g" /assets/slapd/config/replication/replication-enable.ldif
+    sed -i "s|\$CONFIG_PASS|$CONFIG_PASS|g" /assets/slapd/config/replication/replication-enable.ldif
     sed -i "s|\$CONFIG_PASS|$CONFIG_PASS|g" /assets/slapd/config/replication/replication-enable.ldif
 
     sed -i "/<REPLICATION_HOSTS>/d" /assets/slapd/config/replication/replication-enable.ldif
@@ -436,13 +428,16 @@ chown -R ldap:ldap /etc/openldap
   fi
 
   ## Execute Custom Scripts (To be used for example for tiredofit/openldap-fusiondirectory)
-  if [ -f /assets/custom-scripts/*.sh ] ; then
+  if [ -d /assets/custom-scripts/ ] ; then
     echo '** [openldap] Found Custom Scripts to Execute'
-    chmod +x /assets/custom-scripts/*.sh
-    exec /assets/custom-scripts/*.sh
+    for f in $(find /assets/custom-scripts/ -name \*.sh -type f); do
+      echo "** [openldap] Running Script ${f}"
+      chmod +x ${f}
+      ${f}
+    done
   fi  
 
-  # stop OpenLDAP
+  # Stop OpenLDAP
   echo "** [openldap] Finished OpenLDAP Initialization"
 
   SLAPD_PID=$(cat /run/openldap/slapd.pid)