Merge pull request #2 from Fekide/testing

Fix issues with ldif files
Fekide · Sep 19, 2019 · b18b975 · b18b975
2 parents 30a55d7 + 2f854d5
commit b18b975
Show file tree

Hide file tree

Showing 7 changed files with 93 additions and 42 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,32 +1,32 @@
 FROM osixia/openldap:1.2.4
-MAINTAINER Feki.de e.V. "[email protected]"
-LABEL version="1.2.4-1.3-1"
-
-ADD bootstrap /var/fusiondirectory/bootstrap
-ADD certs /container/service/slapd/assets/certs
-ADD environment /container/environment/01-custom
+LABEL maintainer="[email protected]"\
+	version="1.2.5"
 
 ARG FUSIONDIRECTORY_VERSION=1.3-1
 
 RUN apt-key adv --keyserver keys.gnupg.net --receive-keys D744D55EACDA69FF \
- && (echo "deb https://repos.fusiondirectory.org/fusiondirectory-current/debian-stretch stretch main"; \
-     echo "deb https://repos.fusiondirectory.org/fusiondirectory-extra/debian-stretch stretch main") \
-    > /etc/apt/sources.list.d/fusiondirectory-stretch.list \
- && apt-get update \
- && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
-    fusiondirectory-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-argonaut-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-autofs-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-gpg-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-mail-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-postfix-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-ssh-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-sudo-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-systems-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-weblink-schema=${FUSIONDIRECTORY_VERSION} \
-    fusiondirectory-plugin-webservice-schema=${FUSIONDIRECTORY_VERSION} \
- && apt-get clean \
- && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+	&& (echo "deb https://repos.fusiondirectory.org/fusiondirectory-current/debian-stretch stretch main"; \
+	echo "deb https://repos.fusiondirectory.org/fusiondirectory-extra/debian-stretch stretch main") \
+	> /etc/apt/sources.list.d/fusiondirectory-stretch.list \
+	&& apt-get update \
+	&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+	fusiondirectory-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-argonaut-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-autofs-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-gpg-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-mail-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-postfix-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-ssh-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-sudo-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-systems-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-weblink-schema=${FUSIONDIRECTORY_VERSION} \
+	fusiondirectory-plugin-webservice-schema=${FUSIONDIRECTORY_VERSION} \
+	&& apt-get clean \
+	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+ADD bootstrap /var/fusiondirectory/bootstrap
+ADD certs /container/service/slapd/assets/certs
+ADD environment /container/environment/01-custom
 
 COPY init.sh /sbin/init.sh
 RUN chmod 755 /sbin/init.sh

diff --git a/README.md b/README.md
@@ -5,6 +5,13 @@ includes the [FusionDirectory](https://www.fusiondirectory.org/) schemas.
 
 [![Travis Build Status](https://travis-ci.org/Fekide/docker-fusiondirectory-openldap.svg?branch=master)](https://travis-ci.org/Fekide/docker-fusiondirectory-openldap)
 
+## Versions
+
+Using:
+- [osixia/docker-openldap:1.2.4](https://github.com/osixia/docker-openldap)
+- [fusiondirectory 1.3-1](https://fusiondirectory-user-manual.readthedocs.io/en/1.3/index.html)
+
+
 ## Quick Start
 
 You can launch the image using the docker command:
@@ -20,12 +27,12 @@ docker run --name ldap -p 389:389 \
 
 ## Environment Variables
 
-|      Variable       | Function                                                  |       default |
-| :-----------------: | --------------------------------------------------------- | ------------: |
-|  LDAP_ORGANISATION  | Name of your Organisation                                 |  Example Inc. |
-|     LDAP_DOMAIN     | Domain of your Organisation                               |   example.org |
-| LDAP_ADMIN_PASSWORD | Password for the LDAP Admin  (cn=admin,dc=example,dc=org) |         admin |
-|  FD_ADMIN_PASSWORD  | Password for the FusionDirectory Admin (fd-admin)         | adminpassword |
+|      Variable       | Function                                                  |      default |
+| :-----------------: | --------------------------------------------------------- | -----------: |
+|  LDAP_ORGANISATION  | Name of your Organisation                                 | Example Inc. |
+|     LDAP_DOMAIN     | Domain of your Organisation                               |  example.org |
+| LDAP_ADMIN_PASSWORD | Password for the LDAP Admin  (cn=admin,dc=example,dc=org) |        admin |
+|  FD_ADMIN_PASSWORD  | Password for the FusionDirectory Admin (fd-admin)         |     password |
 
 ## References
 

diff --git a/bootstrap/ldif/add.ldif b/bootstrap/ldif/add.ldif
@@ -1,3 +1,19 @@
+dn: ou=roles,{{ LDAP_BASE_DN }}
+ou: roles
+objectClass: organizationalUnit
+
+dn: ou=groups,{{ LDAP_BASE_DN }}
+ou: groups
+objectClass: organizationalUnit
+
+dn: ou=people,{{ LDAP_BASE_DN }}
+ou: people
+objectClass: organizationalUnit
+
+dn: ou=aclroles,{{ LDAP_BASE_DN }}
+objectClass: organizationalUnit
+ou: aclroles
+
 dn: uid=fd-admin,{{ LDAP_BASE_DN }}
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
@@ -6,11 +22,7 @@ cn: System Administrator
 sn: Administrator
 givenName: System
 uid: fd-admin
-userPassword: {{ FD_ADMIN_PASSWORD }}
-
-dn: ou=aclroles,{{ LDAP_BASE_DN }}
-objectClass: organizationalUnit
-ou: aclroles
+userPassword: {{ FD_ADMIN_PASSWORD_HASH }}
 
 dn: cn=admin,ou=aclroles,{{ LDAP_BASE_DN }}
 objectClass: top

diff --git a/bootstrap/ldif/modify.ldif b/bootstrap/ldif/modify.ldif
@@ -1,7 +1,14 @@
 dn: {{ LDAP_BASE_DN }}
 changetype: modify
+add: ou
+ou: {{ LDAP_BASE_DOMAIN }}
+-
+add: description
+description: {{ LDAP_BASE_DOMAIN }}
+-
+add: objectClass
 objectClass: gosaDepartment
-changetype: modify
 objectClass: gosaAcl
-changetype: modify
+-
+add: gosaAclEntry
 gosaAclEntry: 0:subtree:{{ CN_ADMIN_BS64 }}:{{ UID_FD_ADMIN_BS64 }}
diff --git a/example/docker-compose.yml b/example/docker-compose.yml
@@ -0,0 +1,18 @@
+version: '3'
+services:
+  openldap:
+    restart: always
+    image: fekide/fusiondirectory-openldap:latest
+    environment:
+      - LDAP_ORGANISATION="Example Organization"
+      - LDAP_DOMAIN=example.org
+      - LDAP_ADMIN_PASSWORD=adminpwd
+      - LDAP_CONFIG_PASSWORD=configpwd
+
+      - LDAP_READONLY_USER=true
+      - LDAP_READONLY_USER_USERNAME=reader
+      - LDAP_READONLY_USER_PASSWORD=readerpwd
+
+      - FD_ADMIN_PASSWORD=fdadminpwd
+
+      - LDAP_TLS=false
diff --git a/init.sh b/init.sh
@@ -10,8 +10,9 @@ if [ ! -e "$FIRST_START_DONE" ]; then
     sed -i "s|{{ LDAP_BACKEND }}|${LDAP_BACKEND}|g" $LDIF_FILE
     sed -i "s|{{ LDAP_DOMAIN }}|${LDAP_DOMAIN}|g" $LDIF_FILE
     sed -i "s|{{ CN_ADMIN_BS64 }}|${CN_ADMIN_BS64}|g" $LDIF_FILE
-    sed -i "s|{{ UID_FD_ADMIN_BS64 }}|${FD_ADMIN_PASSWORD}|g" $LDIF_FILE
-    sed -i "s|{{ FD_ADMIN_PASSWORD }}|${FD_ADMIN_PASSWORD}|g" $LDIF_FILE
+    sed -i "s|{{ UID_FD_ADMIN_BS64 }}|${UID_FD_ADMIN_BS64}|g" $LDIF_FILE
+    sed -i "s|{{ FD_ADMIN_PASSWORD_HASH }}|${FD_ADMIN_PASSWORD_HASH}|g" $LDIF_FILE
+    sed -i "s|{{ LDAP_BASE_DOMAIN }}|${LDAP_BASE_DOMAIN}|g" $LDIF_FILE
     if grep -iq changetype $LDIF_FILE ; then
         ( ldapmodify -Y EXTERNAL -Q -H ldapi:/// -f $LDIF_FILE 2>&1 || ldapmodify -h localhost -p 389 -D cn=admin,$LDAP_BASE_DN -w "$LDAP_ADMIN_PASSWORD" -f $LDIF_FILE 2>&1 ) | log-helper debug
     else
@@ -24,8 +25,13 @@ if [ ! -e "$FIRST_START_DONE" ]; then
 	CN_ADMIN_BS64=$(echo -n ${CN_ADMIN} | base64 | tr -d '\n')
 	UID_FD_ADMIN_BS64=$(echo -n ${UID_FD_ADMIN} | base64 | tr -d '\n')
 
-	LDAP_ADMIN_PASSWORD_HASH=$(slappasswd -s $LDAP_ADMIN_PASSWORD)
-	FD_ADMIN_PASSWORD_HASH=$(slappasswd -s $FD_ADMIN_PASSWORD)
+	LDAP_ADMIN_PASSWORD_HASH=$(slappasswd -s ${LDAP_ADMIN_PASSWORD})
+	FD_ADMIN_PASSWORD_HASH=$(slappasswd -s ${FD_ADMIN_PASSWORD})
+
+	IFS='.' read -ra LDAP_BASE_DN_TABLE <<< "$LDAP_DOMAIN"
+	LDAP_BASE_DOMAIN=${LDAP_BASE_DN_TABLE[0]}
+	echo LDAP_BASE_DOMAIN=${LDAP_BASE_DOMAIN}
+	echo TOP=${TOP}
 
 	fusiondirectory-insert-schema
 	mkdir /etc/ldap/schema/fusiondirectory/modify/

diff --git a/test/ldap.bats b/test/ldap.bats
@@ -14,7 +14,8 @@ setup() {
         -e LDAP_READONLY_USER_USERNAME="readonly" \
         -e LDAP_READONLY_USER_PASSWORD="readonlypwd" \
         -e FD_ADMIN_PASSWORD="fdadminpwd" \
-        -d hrektts/fusiondirectory-openldap:latest
+        -d fekide/fusiondirectory-openldap:bats
+    echo $status
     [ "${status}" -eq 0 ]
 
     until [ "$(ldapsearch -x -h localhost -b ou=snapshots,${BASE_DN} -D cn=admin,${BASE_DN} -w adminpwd | grep 'result:')" = "result: 0 Success" ]