From 6266e34200c06668f9203f7d85a20468fd666485 Mon Sep 17 00:00:00 2001 From: Asif Bacchus Date: Sun, 20 Oct 2019 22:47:50 -0600 Subject: [PATCH] updated script in primary repo --- ab-openldap.params.template | 6 ++ ab-openldap.sh | 127 +++++++++++++++++++++++++++--------- 2 files changed, 102 insertions(+), 31 deletions(-) diff --git a/ab-openldap.params.template b/ab-openldap.params.template index 50fd1a4..c80f879 100644 --- a/ab-openldap.params.template +++ b/ab-openldap.params.template @@ -64,4 +64,10 @@ ANONYMOUS_BINDING=yes # The container will generate Diffie-Hellman parameters automatically the first # time it's launched with TLS certificates defined. +### Custom LDIFs +# Path to any custom LDIFs you want applied to the container. Leave this line/ +# variable commented-out if you don't have any LDIFs to apply. +# MY_LDIF=/path/to/my/LDIFs + + #EOF \ No newline at end of file diff --git a/ab-openldap.sh b/ab-openldap.sh index 3db9790..efbacb2 100755 --- a/ab-openldap.sh +++ b/ab-openldap.sh @@ -174,24 +174,52 @@ elif [ -z "$TLS_CERT" ]; then if [ $shell = true ]; then # exec shell printf "${cyan}\nRunning SHELL on %s...${norm}\n" "$container_name" - docker run --rm -it --name ${container_name} \ - --env-file ab-openldap.params \ - -p 389:389 -p 636:636 \ - docker.asifbacchus.app/ldap/ab-openldap:latest /bin/sh + if [ -d "$MY_LDIF" ]; then + # bind-mount custom LDIFs if specified + docker run --rm -it --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$MY_LDIF":/etc/openldap/customLDIF \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest /bin/sh + else + docker run --rm -it --name ${container_name} \ + --env-file ab-openldap.params \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest /bin/sh + fi else # exec normally printf "${cyan}\nRunning OPENLDAP on %s...${norm}\n" "$container_name" if [ "$remove" -eq 1 ]; then - docker run --rm -d --name ${container_name} \ - --env-file ab-openldap.params \ - -p 389:389 -p 636:636 \ - docker.asifbacchus.app/ldap/ab-openldap:latest + if [ -d "$MY_LDIF" ]; then + # bind-mount custom LDIFs if specified + docker run --rm -d --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$MY_LDIF":/etc/openldap/customLDIF \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest + else + docker run --rm -d --name ${container_name} \ + --env-file ab-openldap.params \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest + fi else - docker run -d --name ${container_name} \ + if [ -d "$MY_LDIF" ]; then + # bind-mount custom LDIFs if specified + docker run -d --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$MY_LDIF":/etc/openldap/customLDIF \ + -p 389:389 -p 636:636 \ + --restart unless-stopped \ + docker.asifbacchus.app/ldap/ab-openldap:latest + else + docker run -d --name ${container_name} \ --env-file ab-openldap.params \ -p 389:389 -p 636:636 \ --restart unless-stopped \ docker.asifbacchus.app/ldap/ab-openldap:latest + fi fi fi # run with TLS @@ -199,33 +227,70 @@ elif [ "$TLS_CERT" ] && [ "$TLS_KEY" ] && [ "$TLS_CHAIN" ]; then if [ $shell = true ]; then # exec shell printf "${cyan}\nRunning SHELL on %s (TLS)...${norm}\n" "$container_name" - docker run --rm -it --name ${container_name} \ - --env-file ab-openldap.params \ - -v "$TLS_CERT":/certs/fullchain.pem:ro \ - -v "$TLS_KEY":/certs/privkey.pem:ro \ - -v "$TLS_CHAIN":/certs/chain.pem:ro \ - -p 389:389 -p 636:636 \ - docker.asifbacchus.app/ldap/ab-openldap:latest /bin/sh + if [ -d "$MY_LDIF" ]; then + # bind-mount custom LDIFs if specified + docker run --rm -it --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$MY_LDIF":/etc/openldap/customLDIF \ + -v "$TLS_CERT":/certs/fullchain.pem:ro \ + -v "$TLS_KEY":/certs/privkey.pem:ro \ + -v "$TLS_CHAIN":/certs/chain.pem:ro \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest /bin/sh + else + docker run --rm -it --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$TLS_CERT":/certs/fullchain.pem:ro \ + -v "$TLS_KEY":/certs/privkey.pem:ro \ + -v "$TLS_CHAIN":/certs/chain.pem:ro \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest /bin/sh + fi else # exec normally printf "${cyan}\nRunning OPENLDAP on %s (TLS)...${norm}\n" "$container_name" if [ "$remove" -eq 1 ]; then - docker run --rm -d --name ${container_name} \ - --env-file ab-openldap.params \ - -v "$TLS_CERT":/certs/fullchain.pem:ro \ - -v "$TLS_KEY":/certs/privkey.pem:ro \ - -v "$TLS_CHAIN":/certs/chain.pem:ro \ - -p 389:389 -p 636:636 \ - docker.asifbacchus.app/ldap/ab-openldap:latest + if [ -d "$MY_LDIF" ]; then + # bind-mount custom LDIFs if specified + docker run --rm -d --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$MY_LDIF":/etc/openldap/customLDIF \ + -v "$TLS_CERT":/certs/fullchain.pem:ro \ + -v "$TLS_KEY":/certs/privkey.pem:ro \ + -v "$TLS_CHAIN":/certs/chain.pem:ro \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest + else + docker run --rm -d --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$TLS_CERT":/certs/fullchain.pem:ro \ + -v "$TLS_KEY":/certs/privkey.pem:ro \ + -v "$TLS_CHAIN":/certs/chain.pem:ro \ + -p 389:389 -p 636:636 \ + docker.asifbacchus.app/ldap/ab-openldap:latest + fi else - docker run -d --name ${container_name} \ - --env-file ab-openldap.params \ - -v "$TLS_CERT":/certs/fullchain.pem:ro \ - -v "$TLS_KEY":/certs/privkey.pem:ro \ - -v "$TLS_CHAIN":/certs/chain.pem:ro \ - -p 389:389 -p 636:636 \ - --restart unless-stopped \ - docker.asifbacchus.app/ldap/ab-openldap:latest + if [ -d "$MY_LDIF" ]; then + # bind-mount custom LDIFs if specified + docker run -d --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$MY_LDIF":/etc/openldap/customLDIF \ + -v "$TLS_CERT":/certs/fullchain.pem:ro \ + -v "$TLS_KEY":/certs/privkey.pem:ro \ + -v "$TLS_CHAIN":/certs/chain.pem:ro \ + -p 389:389 -p 636:636 \ + --restart unless-stopped \ + docker.asifbacchus.app/ldap/ab-openldap:latest + else + docker run -d --name ${container_name} \ + --env-file ab-openldap.params \ + -v "$TLS_CERT":/certs/fullchain.pem:ro \ + -v "$TLS_KEY":/certs/privkey.pem:ro \ + -v "$TLS_CHAIN":/certs/chain.pem:ro \ + -p 389:389 -p 636:636 \ + --restart unless-stopped \ + docker.asifbacchus.app/ldap/ab-openldap:latest + fi fi fi fi