Bitnami/containers
2
0
Fork 0
mirror of https://github.com/bitnami/containers.git synced 2026-03-21 15:29:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/openldap] Renaming env variables as pointed in #19716 (#75245)

Browse Source 
Signed-off-by: barsikus007 <barsikus07@gmail.com>
This commit is contained in:
barsikus007
2024-11-27 14:15:02 +03:00
committed by GitHub
parent 703f51c7e8
commit 5482697e4b
3 changed files with 37 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
bitnami/openldap/2.5/debian-12/rootfs/opt/bitnami/scripts/libopenldap.sh
View File

@@ -69,7 +69,9 @@ export LDAP_EXTRA_SCHEMAS="${LDAP_EXTRA_SCHEMAS:-cosine,inetorgperson,nis}"
export LDAP_SKIP_DEFAULT_TREE="${LDAP_SKIP_DEFAULT_TREE:-no}" export LDAP_SKIP_DEFAULT_TREE="${LDAP_SKIP_DEFAULT_TREE:-no}"
export LDAP_USERS="${LDAP_USERS:-user01,user02}" export LDAP_USERS="${LDAP_USERS:-user01,user02}"
export LDAP_PASSWORDS="${LDAP_PASSWORDS:-bitnami1,bitnami2}" export LDAP_PASSWORDS="${LDAP_PASSWORDS:-bitnami1,bitnami2}"
export LDAP_USER_DC="${LDAP_USER_DC:-users}" export LDAP_USER_DC="${LDAP_USER_DC:-}"
export LDAP_USER_OU="${LDAP_USER_OU:-${LDAP_USER_DC:-users}}"
export LDAP_GROUP_OU="${LDAP_GROUP_OU:-${LDAP_USER_DC:-groups}}"
export LDAP_GROUP="${LDAP_GROUP:-readers}" export LDAP_GROUP="${LDAP_GROUP:-readers}"
export LDAP_ENABLE_TLS="${LDAP_ENABLE_TLS:-no}" export LDAP_ENABLE_TLS="${LDAP_ENABLE_TLS:-no}"
export LDAP_REQUIRE_TLS="${LDAP_REQUIRE_TLS:-no}" export LDAP_REQUIRE_TLS="${LDAP_REQUIRE_TLS:-no}"
@@ -187,6 +189,10 @@ ldap_validate() {
fi fi
fi fi
if [[ -n "$LDAP_USER_DC" ]]; then
warn "The env variable 'LDAP_USER_DC' has been deprecated and will be removed in a future release. Please use 'LDAP_USER_OU' and 'LDAP_GROUP_OU' instead."
fi
[[ "$error_code" -eq 0 ]] || exit "$error_code" [[ "$error_code" -eq 0 ]] || exit "$error_code"
} }
@@ -538,10 +544,14 @@ objectClass: organization
dc: $dc dc: $dc
o: $o o: $o
dn: ${LDAP_USER_DC/#/ou=},${LDAP_ROOT} dn: ${LDAP_USER_OU/#/ou=},${LDAP_ROOT}
objectClass: organizationalUnit objectClass: organizationalUnit
ou: users ou: users
dn: ${LDAP_GROUP_OU/#/ou=},${LDAP_ROOT}
objectClass: organizationalUnit
ou: groups
EOF EOF
read -r -a users <<< "$(tr ',;' ' ' <<< "${LDAP_USERS}")" read -r -a users <<< "$(tr ',;' ' ' <<< "${LDAP_USERS}")"
read -r -a passwords <<< "$(tr ',;' ' ' <<< "${LDAP_PASSWORDS}")" read -r -a passwords <<< "$(tr ',;' ' ' <<< "${LDAP_PASSWORDS}")"
@@ -549,7 +559,7 @@ EOF
for user in "${users[@]}"; do for user in "${users[@]}"; do
cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF
# User $user creation # User $user creation
dn: ${user/#/cn=},${LDAP_USER_DC/#/ou=},${LDAP_ROOT} dn: ${user/#/cn=},${LDAP_USER_OU/#/ou=},${LDAP_ROOT}
cn: User$((index + 1 )) cn: User$((index + 1 ))
sn: Bar$((index + 1 )) sn: Bar$((index + 1 ))
objectClass: inetOrgPerson objectClass: inetOrgPerson
@@ -566,7 +576,7 @@ EOF
done done
cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF
# Group creation # Group creation
dn: ${LDAP_GROUP/#/cn=},${LDAP_USER_DC/#/ou=},${LDAP_ROOT} dn: ${LDAP_GROUP/#/cn=},${LDAP_GROUP_OU/#/ou=},${LDAP_ROOT}
cn: $LDAP_GROUP cn: $LDAP_GROUP
objectClass: groupOfNames objectClass: groupOfNames
# User group membership # User group membership
@@ -574,7 +584,7 @@ EOF
for user in "${users[@]}"; do for user in "${users[@]}"; do
cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF
member: ${user/#/cn=},${LDAP_USER_DC/#/ou=},${LDAP_ROOT} member: ${user/#/cn=},${LDAP_USER_OU/#/ou=},${LDAP_ROOT}
EOF EOF
done done
@@ -592,7 +602,7 @@ EOF
######################### #########################
ldap_add_custom_ldifs() { ldap_add_custom_ldifs() {
info "Loading custom LDIF files..." info "Loading custom LDIF files..."
warn "Ignoring LDAP_USERS, LDAP_PASSWORDS, LDAP_USER_DC and LDAP_GROUP environment variables..." warn "Ignoring LDAP_USERS, LDAP_PASSWORDS, LDAP_USER_OU, LDAP_GROUP_OU and LDAP_GROUP environment variables..."
find "$LDAP_CUSTOM_LDIF_DIR" -maxdepth 1 \( -type f -o -type l \) -iname '*.ldif' -print0 | sort -z | xargs --null -I{} bash -c ". /opt/bitnami/scripts/libos.sh && debug_execute ldapadd -f {} -H 'ldapi:///' -D \"$LDAP_ADMIN_DN\" -w \"$LDAP_ADMIN_PASSWORD\"" find "$LDAP_CUSTOM_LDIF_DIR" -maxdepth 1 \( -type f -o -type l \) -iname '*.ldif' -print0 | sort -z | xargs --null -I{} bash -c ". /opt/bitnami/scripts/libos.sh && debug_execute ldapadd -f {} -H 'ldapi:///' -D \"$LDAP_ADMIN_DN\" -w \"$LDAP_ADMIN_PASSWORD\""
} }

22
bitnami/openldap/2.6/debian-12/rootfs/opt/bitnami/scripts/libopenldap.sh
View File

@@ -69,7 +69,9 @@ export LDAP_EXTRA_SCHEMAS="${LDAP_EXTRA_SCHEMAS:-cosine,inetorgperson,nis}"
export LDAP_SKIP_DEFAULT_TREE="${LDAP_SKIP_DEFAULT_TREE:-no}" export LDAP_SKIP_DEFAULT_TREE="${LDAP_SKIP_DEFAULT_TREE:-no}"
export LDAP_USERS="${LDAP_USERS:-user01,user02}" export LDAP_USERS="${LDAP_USERS:-user01,user02}"
export LDAP_PASSWORDS="${LDAP_PASSWORDS:-bitnami1,bitnami2}" export LDAP_PASSWORDS="${LDAP_PASSWORDS:-bitnami1,bitnami2}"
export LDAP_USER_DC="${LDAP_USER_DC:-users}" export LDAP_USER_DC="${LDAP_USER_DC:-}"
export LDAP_USER_OU="${LDAP_USER_OU:-${LDAP_USER_DC:-users}}"
export LDAP_GROUP_OU="${LDAP_GROUP_OU:-${LDAP_USER_DC:-groups}}"
export LDAP_GROUP="${LDAP_GROUP:-readers}" export LDAP_GROUP="${LDAP_GROUP:-readers}"
export LDAP_ENABLE_TLS="${LDAP_ENABLE_TLS:-no}" export LDAP_ENABLE_TLS="${LDAP_ENABLE_TLS:-no}"
export LDAP_REQUIRE_TLS="${LDAP_REQUIRE_TLS:-no}" export LDAP_REQUIRE_TLS="${LDAP_REQUIRE_TLS:-no}"
@@ -187,6 +189,10 @@ ldap_validate() {
fi fi
fi fi
if [[ -n "$LDAP_USER_DC" ]]; then
warn "The env variable 'LDAP_USER_DC' has been deprecated and will be removed in a future release. Please use 'LDAP_USER_OU' and 'LDAP_GROUP_OU' instead."
fi
[[ "$error_code" -eq 0 ]] || exit "$error_code" [[ "$error_code" -eq 0 ]] || exit "$error_code"
} }
@@ -538,10 +544,14 @@ objectClass: organization
dc: $dc dc: $dc
o: $o o: $o
dn: ${LDAP_USER_DC/#/ou=},${LDAP_ROOT} dn: ${LDAP_USER_OU/#/ou=},${LDAP_ROOT}
objectClass: organizationalUnit objectClass: organizationalUnit
ou: users ou: users
dn: ${LDAP_GROUP_OU/#/ou=},${LDAP_ROOT}
objectClass: organizationalUnit
ou: groups
EOF EOF
read -r -a users <<< "$(tr ',;' ' ' <<< "${LDAP_USERS}")" read -r -a users <<< "$(tr ',;' ' ' <<< "${LDAP_USERS}")"
read -r -a passwords <<< "$(tr ',;' ' ' <<< "${LDAP_PASSWORDS}")" read -r -a passwords <<< "$(tr ',;' ' ' <<< "${LDAP_PASSWORDS}")"
@@ -549,7 +559,7 @@ EOF
for user in "${users[@]}"; do for user in "${users[@]}"; do
cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF
# User $user creation # User $user creation
dn: ${user/#/cn=},${LDAP_USER_DC/#/ou=},${LDAP_ROOT} dn: ${user/#/cn=},${LDAP_USER_OU/#/ou=},${LDAP_ROOT}
cn: User$((index + 1 )) cn: User$((index + 1 ))
sn: Bar$((index + 1 )) sn: Bar$((index + 1 ))
objectClass: inetOrgPerson objectClass: inetOrgPerson
@@ -566,7 +576,7 @@ EOF
done done
cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF
# Group creation # Group creation
dn: ${LDAP_GROUP/#/cn=},${LDAP_USER_DC/#/ou=},${LDAP_ROOT} dn: ${LDAP_GROUP/#/cn=},${LDAP_GROUP_OU/#/ou=},${LDAP_ROOT}
cn: $LDAP_GROUP cn: $LDAP_GROUP
objectClass: groupOfNames objectClass: groupOfNames
# User group membership # User group membership
@@ -574,7 +584,7 @@ EOF
for user in "${users[@]}"; do for user in "${users[@]}"; do
cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF cat >> "${LDAP_SHARE_DIR}/tree.ldif" << EOF
member: ${user/#/cn=},${LDAP_USER_DC/#/ou=},${LDAP_ROOT} member: ${user/#/cn=},${LDAP_USER_OU/#/ou=},${LDAP_ROOT}
EOF EOF
done done
@@ -592,7 +602,7 @@ EOF
######################### #########################
ldap_add_custom_ldifs() { ldap_add_custom_ldifs() {
info "Loading custom LDIF files..." info "Loading custom LDIF files..."
warn "Ignoring LDAP_USERS, LDAP_PASSWORDS, LDAP_USER_DC and LDAP_GROUP environment variables..." warn "Ignoring LDAP_USERS, LDAP_PASSWORDS, LDAP_USER_OU, LDAP_GROUP_OU and LDAP_GROUP environment variables..."
find "$LDAP_CUSTOM_LDIF_DIR" -maxdepth 1 \( -type f -o -type l \) -iname '*.ldif' -print0 | sort -z | xargs --null -I{} bash -c ". /opt/bitnami/scripts/libos.sh && debug_execute ldapadd -f {} -H 'ldapi:///' -D \"$LDAP_ADMIN_DN\" -w \"$LDAP_ADMIN_PASSWORD\"" find "$LDAP_CUSTOM_LDIF_DIR" -maxdepth 1 \( -type f -o -type l \) -iname '*.ldif' -print0 | sort -z | xargs --null -I{} bash -c ". /opt/bitnami/scripts/libos.sh && debug_execute ldapadd -f {} -H 'ldapi:///' -D \"$LDAP_ADMIN_DN\" -w \"$LDAP_ADMIN_PASSWORD\""
} }

8
bitnami/openldap/README.md
View File

@@ -179,12 +179,14 @@ The Bitnami Docker OpenLDAP can be easily setup with the following environment v
* `LDAP_CONFIG_ADMIN_PASSWORD_FILE`: Path to a file that contains the LDAP configuration admin user password. This will override the value specified in `LDAP_CONFIG_ADMIN_PASSWORD`. No defaults. * `LDAP_CONFIG_ADMIN_PASSWORD_FILE`: Path to a file that contains the LDAP configuration admin user password. This will override the value specified in `LDAP_CONFIG_ADMIN_PASSWORD`. No defaults.
* `LDAP_USERS`: Comma separated list of LDAP users to create in the default LDAP tree. Default: **user01,user02** * `LDAP_USERS`: Comma separated list of LDAP users to create in the default LDAP tree. Default: **user01,user02**
* `LDAP_PASSWORDS`: Comma separated list of passwords to use for LDAP users. Default: **bitnami1,bitnami2** * `LDAP_PASSWORDS`: Comma separated list of passwords to use for LDAP users. Default: **bitnami1,bitnami2**
* `LDAP_USER_DC`: DC for the users' organizational unit. Default: **users** * `LDAP_USER_OU`: Name for the user's organizational unit. Default: **users**
* `LDAP_GROUP_OU`: Name for the group's organizational unit. Default: **groups**
* `LDAP_USER_DC`: DC for the users' organizational unit. **DEPRECATED** Please use `LDAP_USER_OU` and `LDAP_GROUP_OU` instead.
* `LDAP_GROUP`: Group used to group created users. Default: **readers** * `LDAP_GROUP`: Group used to group created users. Default: **readers**
* `LDAP_ADD_SCHEMAS`: Whether to add the schemas specified in `LDAP_EXTRA_SCHEMAS`. Default: **yes** * `LDAP_ADD_SCHEMAS`: Whether to add the schemas specified in `LDAP_EXTRA_SCHEMAS`. Default: **yes**
* `LDAP_EXTRA_SCHEMAS`: Extra schemas to add, among OpenLDAP's distributed schemas. Default: **cosine, inetorgperson, nis** * `LDAP_EXTRA_SCHEMAS`: Extra schemas to add, among OpenLDAP's distributed schemas. Default: **cosine, inetorgperson, nis**
* `LDAP_SKIP_DEFAULT_TREE`: Whether to skip creating the default LDAP tree based on `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. Please note that this will **not** skip the addition of schemas or importing of LDIF files. Default: **no** * `LDAP_SKIP_DEFAULT_TREE`: Whether to skip creating the default LDAP tree based on `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP`. Please note that this will **not** skip the addition of schemas or importing of LDIF files. Default: **no**
* `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this it will override the usage of `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. You should set `LDAP_ROOT` to your base to make sure the `olcSuffix` configured on the database matches the contents imported from the LDIF files. Default: **/ldifs** * `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this it will override the usage of `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_OU`, `LDAP_GROUP_OU` and `LDAP_GROUP`. You should set `LDAP_ROOT` to your base to make sure the `olcSuffix` configured on the database matches the contents imported from the LDIF files. Default: **/ldifs**
* `LDAP_CUSTOM_SCHEMA_FILE`: Location of a custom internal schema file that could not be added as custom ldif file (i.e. containing some `structuralObjectClass`). Default is **/schema/custom.ldif**" * `LDAP_CUSTOM_SCHEMA_FILE`: Location of a custom internal schema file that could not be added as custom ldif file (i.e. containing some `structuralObjectClass`). Default is **/schema/custom.ldif**"
* `LDAP_CUSTOM_SCHEMA_DIR`: Location of a directory containing custom internal schema files that could not be added as custom ldif files (i.e. containing some `structuralObjectClass`). This can be used in addition to or instead of `LDAP_CUSTOM_SCHEMA_FILE` (above) to add multiple schema files. Default: **/schemas** * `LDAP_CUSTOM_SCHEMA_DIR`: Location of a directory containing custom internal schema files that could not be added as custom ldif files (i.e. containing some `structuralObjectClass`). This can be used in addition to or instead of `LDAP_CUSTOM_SCHEMA_FILE` (above) to add multiple schema files. Default: **/schemas**
* `LDAP_ULIMIT_NOFILES`: Maximum number of open file descriptors. Default: **1024**. * `LDAP_ULIMIT_NOFILES`: Maximum number of open file descriptors. Default: **1024**.