Added modules/overlays to configuration

Dockerfile

@@ -18,6 +18,8 @@ EXPOSE 389
 
 VOLUME ["/etc/ldap", "/var/lib/ldap"]
 
+COPY modules/ /etc/ldap.dist/modules
+
 COPY entrypoint.sh /entrypoint.sh
 
 ENTRYPOINT ["/entrypoint.sh"]

README.md

@@ -71,6 +71,17 @@ instructions, there are the following additional schemas available:
 `collective`, `corba`, `duaconf`, `dyngroup`, `java`, `misc`, `openldap`, `pmi`
 and `ppolicy`.
 
+At least one quite common module is neither loaded nor configured by default (I
+am talking about the `memberof` overlay). In order to activate this (and
+possibly other modules in the future), there is another environment variable
+called
+
+    SLAPD_ADDITIONAL_MODULES
+
+which can hold comma-separated enties. It will try to run `.ldif` files with
+a corresponsing name from th `module` directory. Currently only `memberof` is
+avaliable.
+
 After the first start of the image (and the initial configuration), these
 envirnonment variables are not evaluated anymore.
 

entrypoint.sh

@@ -27,7 +27,7 @@ if [[ ! -d /etc/ldap/slapd.d ]]; then
         slapd slapd/password2 password $SLAPD_PASSWORD
         slapd shared/organization string $SLAPD_ORGANIZATION
         slapd slapd/domain string $SLAPD_DOMAIN
-        slapd slapd/backend select hdb
+        slapd slapd/backend select HDB
         slapd slapd/allow_ldap_v2 boolean false
         slapd slapd/purge_database boolean false
         slapd slapd/move_old_database boolean true
@@ -65,6 +65,14 @@ EOF
             slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/schema/${schema}.ldif" >/dev/null 2>&1
         done
     fi
+
+    if [[ -n "$SLAPD_ADDITIONAL_MODULES" ]]; then
+        IFS=","; declare -a modules=($SLAPD_ADDITIONAL_MODULES)
+
+        for module in "${modules[@]}"; do
+             slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/modules/${module}.ldif" >/dev/null 2>&1
+        done
+    fi
 else
     slapd_configs_in_env=`env | grep 'SLAPD_'`
 

modules/memberof.ldif

+dn: cn=module,cn=config
+cn: module
+objectClass: olcModuleList
+objectClass: top
+olcModulePath: /usr/lib/ldap
+olcModuleLoad: memberof.la
+
+dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
+objectClass: olcConfig
+objectClass: olcMemberOf
+objectClass: olcOverlayConfig
+objectClass: top
+olcOverlay: memberof
+olcMemberOfDangling: ignore
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupOfNames
+olcMemberOfMemberAD: member
+olcMemberOfMemberOfAD: memberOf
+
+dn: cn=module,cn=config
+cn: module
+objectClass: olcModuleList
+objectClass: top
+olcModulePath: /usr/lib/ldap
+olcModuleLoad: refint.la
+
+dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
+objectClass: olcConfig
+objectClass: olcOverlayConfig
+objectClass: olcRefintConfig
+objectClass: top
+olcOverlay: {1}refint
+olcRefintAttribute: memberof member manager owner