Commit e520b151 authored by Christian Luginbühl's avatar Christian Luginbühl
Browse files

Simplified saving the configuration as own VOLUME and so removed symlink hack

parent d7beb4a7
......@@ -12,9 +12,11 @@ RUN apt-get update && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
RUN mv /etc/ldap /etc/ldap.dist
EXPOSE 389
VOLUME ["/var/lib/ldap"]
VOLUME ["/etc/ldap", "/var/lib/ldap"]
COPY entrypoint.sh /entrypoint.sh
......
......@@ -9,13 +9,13 @@ in the configuration.
NOTE: On purpose, there is no secured channel (TLS/SSL), because I believe that
this service should never be exposed to the internet, but only be used directly
by Docker containers using the `--link` option.
by other Docker containers using the `--link` option.
Usage
-----
The most simple form would be to start the application like so (however this is
not the recommended way - see above):
not the recommended way - see below):
docker run -d -p 389:389 -e SLAPD_PASSWORD=mysecretpassword -e SLAPD_DOMAIN=ldap.example.org dinkel/openldap
......@@ -34,7 +34,7 @@ OpenLDAP daemon is listening to (the port is the default port `389`).
Configuration (environment variables)
-------------------------------------
For the first run one has to set at least two envrironment variables. The first
For the first run, one has to set at least two environment variables. The first
SLAPD_PASSWORD
......@@ -77,8 +77,8 @@ envirnonment variables are not evaluated anymore.
Data persistence
----------------
The image exposes one directory (`VOLUME ["/var/lib/ldap"]`). It both holds the
database and the configuration (which is symlinked in a pretty hacky way - see
the `entrypoint.sh` file if interested). Please make sure that this directory is
saved (in a data-only container or alike) in order to make sure that everything
is restored after a new restart of the container.
The image exposes two directories (`VOLUME ["/etc/ldap", "/var/lib/ldap"]`).
The first holds the "static" configurationm while the second holds the actual
database. Please make sure that these two directories are saved (in a data-only
container or alike) in order to make sure that everything is restored after a
restart of the container.
......@@ -3,27 +3,24 @@ set -e
chown openldap:openldap /var/lib/ldap/
if [[ -d /var/lib/ldap/config ]]; then
rm -rf /etc/ldap
ln -s /var/lib/ldap/config /etc/ldap
else
if [[ ! -d /etc/ldap/slapd.d ]]; then
if [[ -z "$SLAPD_PASSWORD" ]]; then
echo >&2 "Error: slapd not configured and SLAPD_PASSWORD not set"
echo -n >&2 "Error: Container not configured and SLAPD_PASSWORD not set. "
echo >&2 "Did you forget to add -e SLAPD_PASSWORD=... ?"
exit 1
fi
if [[ -z "$SLAPD_DOMAIN" ]]; then
echo >&2 "Error: slapd not configured and SLAPD_DOMAIN not set"
echo -n >&2 "Error: Container not configured and SLAPD_DOMAIN not set. "
echo >&2 "Did you forget to add -e SLAPD_DOMAIN=... ?"
exit 1
fi
SLAPD_ORGANIZATION="${SLAPD_ORGANIZATION:-${SLAPD_DOMAIN}}"
cp -a /etc/ldap.dist/* /etc/ldap
cat <<-EOF | debconf-set-selections
slapd slapd/no_configuration boolean false
slapd slapd/password1 password $SLAPD_PASSWORD
......@@ -68,9 +65,12 @@ EOF
slapadd -n0 -F /etc/ldap/slapd.d -l "/etc/ldap/schema/${schema}.ldif" >/dev/null 2>&1
done
fi
else
slapd_configs_in_env=`env | grep 'SLAPD_'`
mv /etc/ldap /var/lib/ldap/config
ln -s /var/lib/ldap/config /etc/ldap
if [ -n "${slapd_configs_in_env:+x}" ]; then
echo "Info: Container already configured, therefore ignoring SLAPD_xxx environment variables"
fi
fi
exec "$@"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment