Merge branch 'hotfix-0.10.2' into stable
Showing 37 changed files with 486 additions and 131 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,30 @@ | ||
## 0.10.1 (release date: 2015-05-17) | ||
- Add ldapi | ||
- Add custom ldap schema | ||
- Auto convert .schema to .ldif | ||
- Fixes issues #2 #3 | ||
# Changelog | ||
|
||
## 0.10.0 (release date: 2015-03-03) | ||
## 0.10.2 | ||
|
||
- New features: | ||
- Bootstrap config, only on non existing slapd config | ||
- Limit max open file descriptors to fix slapd memory usage (#9) | ||
- Don't disable network access from outside (#8) | ||
- Make log level configurable via environment variable (#7) | ||
- Support for ldaps (#10) | ||
|
||
|
||
- Fixes: | ||
- Unable to start container with the following invocation. (#6) | ||
|
||
## 0.10.1 | ||
|
||
- New features: | ||
- Add ldapi | ||
- Add ldapi | ||
- Add custom ldap schema | ||
- Auto convert .schema to .ldif | ||
|
||
|
||
- Fixes : | ||
- Docker VOLUME is not needed to be able to stop a container without losing data (#2) | ||
- starting from old data (#3) | ||
|
||
## 0.10.0 | ||
- New version initial release |
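Review bot: In the 0.10.2 section the Fixes entry "Unable to start container with the following invocation. (#6)" is the issue title pasted in with no invocation after it, so a reader cannot tell what was fixed; describe the fix itself. The rewritten headings also drop the release dates that the old 0.10.1 and 0.10.0 headings carried, and 0.10.2 has none. "Don't disable network access from outside (#8)" changes what the container exposes and would read better as a behaviour change than as a feature, next to the ldaps entry (#10).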
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
FROM osixia/baseimage:0.10.4 | ||
FROM osixia/baseimage:0.10.5 | ||
MAINTAINER Bertrand Gouny <[email protected]> | ||
|
||
# Use baseimage-docker's init system. | ||
|
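Review bot: `FROM osixia/baseimage:0.10.5` references the base image by tag only, so a rebuild takes whatever that tag points to at build time; consider pinning by digest. The bump from 0.10.4 is also missing from the 0.10.2 changelog entry in this commit.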
@@ -7,24 +7,21 @@ CMD ["/sbin/my_init"] | |
# Add openldap user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added | ||
RUN groupadd -r openldap && useradd -r -g openldap openldap | ||
|
||
# Install OpenLDAP and ldap-utils (and ssl-kit from baseimage), remove default ldap db | ||
# Install OpenLDAP, ldap-utils and ssl-kit from baseimage, remove default ldap db | ||
RUN apt-get -y update && /sbin/enable-service ssl-kit \ | ||
&& LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes --no-install-recommends slapd ldap-utils \ | ||
&& rm -rf /var/lib/ldap | ||
&& LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes --no-install-recommends \ | ||
slapd ldap-utils ntp \ | ||
&& rm -rf /var/lib/ldap /etc/ldap/slapd.d | ||
|
||
# Add OpenLDAP assets | ||
ADD service/slapd/assets /osixia/slapd | ||
# Add service directory to /osixia | ||
ADD service /osixia | ||
|
||
# Clean all | ||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | ||
# Use baseimage service auto-install script and clean all | ||
RUN ./sbin/auto-install && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | ||
|
||
# Add default env variables | ||
ADD env.yml /etc/env.yml | ||
|
||
# Add OpenLDAP container start config & daemon | ||
ADD service/slapd/container-start.sh /etc/my_init.d/slapd | ||
ADD service/slapd/daemon.sh /etc/service/slapd/run | ||
|
||
# Set OpenLDAP data and config directories in a data volume | ||
VOLUME ["/var/lib/ldap", "/etc/ldap/slapd.d"] | ||
|
||
|
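Review bot: The rewritten install line still passes `--force-yes` to `apt-get install`, which lets apt continue without prompting even when a package cannot be authenticated; `-y` is enough for a non-interactive build, so drop `--force-yes`. The same line now installs `ntp` with no comment or changelog entry explaining why the image needs it. `RUN ./sbin/auto-install` uses a relative path while `/sbin/enable-service` above is absolute, so it only works while the working directory is `/`.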
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,26 @@ | ||
LDAP_ORGANISATION: Example Inc. | ||
LDAP_DOMAIN: example.org | ||
LDAP_ADMIN_PASSWORD: admin | ||
LDAP_LOG_LEVEL: -1 | ||
LDAP_CONFIG_PASSWORD: config | ||
|
||
SERVER_NAME: ldap.example.org | ||
#See table 5.1 in http://www.openldap.org/doc/admin24/slapdconf2.html for the available log levels. | ||
LDAP_LOG_LEVEL: -1 | ||
|
||
USE_TLS: true | ||
SSL_CRT_FILENAME: ldap.crt | ||
SSL_KEY_FILENAME: ldap.key | ||
SSL_CA_CRT_FILENAME: ca.crt | ||
|
||
|
||
USE_REPLICATION: false | ||
# variables $BASE_DN, $LDAP_ADMIN_PASSWORD, $LDAP_CONFIG_PASSWORD and $SSL_* | ||
# are automaticaly replaced at run time | ||
|
||
# if you want to add replication to an existing ldap | ||
# adapt REPLICATION_CONFIG_SYNCPROV and REPLICATION_HDB_SYNCPROV to your configuration | ||
# avoid using $BASE_DN, $LDAP_ADMIN_PASSWORD and $LDAP_CONFIG_PASSWORD variables | ||
REPLICATION_CONFIG_SYNCPROV: binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 starttls=critical | ||
REPLICATION_HDB_SYNCPROV: binddn="cn=admin,$BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=critical | ||
REPLICATION_HOSTS: | ||
- ldap://ldap.example.org # The order must be the same on all ldap servers | ||
- ldap://ldap2.example.org |
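Review bot: `LDAP_CONFIG_PASSWORD: config` is added as a default next to `LDAP_ADMIN_PASSWORD: admin`, so a container started without overrides gets a well-known password on cn=config as well as on the admin DN, in the same release whose changelog says network access from outside is no longer disabled. Leave both unset in env.yml and have the start script fail, or generate a value, when they are missing. The replication defaults set `starttls=critical` with `bindmethod=simple`, so a comment saying that `USE_REPLICATION: true` depends on the TLS settings above being valid would save a failed first sync.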
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Bootstrap config, for a container started without an existing ldap config. |
7 changes: 7 additions & 0 deletions
image/service/slapd/assets/config/bootstrap/ldif/config-password.ldif
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Set config password | ||
dn: cn=config | ||
changeType: modify | ||
|
||
dn: olcDatabase={0}config,cn=config | ||
add: olcRootPW | ||
olcRootPW: {{ CONFIG_PASSWORD_ENCRYPTED }} |
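Review bot: The first record, `dn: cn=config` with `changeType: modify`, carries no modification and is separated by a blank line from the record that does the work, while `dn: olcDatabase={0}config,cn=config` has `add: olcRootPW` but no changetype of its own. Drop the empty record and put `changetype: modify` on the second one so the file does not depend on the tool's default. Consider `replace: olcRootPW` instead of `add:` so the file can be applied again without failing on an existing value, and document that `{{ CONFIG_PASSWORD_ENCRYPTED }}` must be a hashed value, since the hashing step is not visible here.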
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
# Add indexes | ||
dn: olcDatabase={1}hdb,cn=config | ||
changetype: modify | ||
replace: olcDbIndex | ||
olcDbIndex: entryCSN eq | ||
olcDbIndex: entryUUID eq |
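Review bot: The comment says "Add indexes" but the operation is `replace: olcDbIndex`, which discards every index already defined on `olcDatabase={1}hdb` and leaves only `entryCSN eq` and `entryUUID eq`. If the intent is to add the two replication indexes, use `add: olcDbIndex`; if the replace is intended, list the indexes that should survive (for example the objectClass index) and reword the comment.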
2 changes: 1 addition & 1 deletion
.../service/slapd/assets/config/logging.ldif → ...assets/config/bootstrap/ldif/logging.ldif
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
dn: cn=config | ||
changetype: modify | ||
replace: olcLogLevel | ||
olcLogLevel: stats | ||
olcLogLevel: stats |
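Review bot: `olcLogLevel: stats` stays hardcoded in this bootstrap file while env.yml in the same commit carries `LDAP_LOG_LEVEL: -1` and the changelog announces a log level configurable via environment variable (#7), so it is unclear which value ends up in cn=config. Template this line from the variable, or remove the file if the start script sets the level itself.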
File renamed without changes.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Bootstrap schemas, for a container started without an existing ldap config. |
File renamed without changes.