1
0

[info=e63860c81130683ad1ccbc48dc888a13]

OBS-URL: https://build.opensuse.org/package/show/devel:BCI:Tumbleweed/389-ds-container?expand=0&rev=189
This commit is contained in:
Dan Čermák 2024-07-31 12:08:18 +00:00 committed by Git OBS Bridge
commit d860b871aa
7 changed files with 297 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

89
389-ds-container.changes Normal file
View File

@ -0,0 +1,89 @@
-------------------------------------------------------------------
Wed Jul 31 12:06:44 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- set specific lifecycle url for openSUSE BCI
-------------------------------------------------------------------
Thu Jul 11 11:11:57 UTC 2024 - Alexandre Vicenzi <alexandre.vicenzi@suse.com>
- extend README
-------------------------------------------------------------------
Tue Jun 18 17:24:16 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- use sentence style capitalization in READMEs
-------------------------------------------------------------------
Mon Jun 10 15:11:25 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- update README; reduce unnecessary newlines
-------------------------------------------------------------------
Wed Jun 5 15:13:27 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- Don't add artifacthub labels into labelprefix section
-------------------------------------------------------------------
Tue Jun 4 12:35:15 UTC 2024 - Alexandre Vicenzi <alexandre.vicenzi@suse.com>
- Fix grammar mistake in licensing footer
-------------------------------------------------------------------
Tue May 7 19:07:24 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- extend READMEs; correct eula for application images
-------------------------------------------------------------------
Fri Apr 12 12:03:53 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- Don't wipe everything in /var/log, only remove log files (this omits directories owned by packages)
-------------------------------------------------------------------
Wed Jan 17 14:29:14 UTC 2024 - Dan Čermák <dcermak@suse.com>
- Add initial README stub
-------------------------------------------------------------------
Tue Jan 2 08:26:58 UTC 2024 - Dirk Mueller <dmueller@suse.com>
- update year to 2024
-------------------------------------------------------------------
Thu Sep 28 14:29:10 UTC 2023 - Dirk Mueller <dmueller@suse.com>
- add copyright and description header
-------------------------------------------------------------------
Fri Jun 23 15:33:33 UTC 2023 - Dirk Mueller <dmueller@suse.com>
- label capitalization and related cleanups
-------------------------------------------------------------------
Tue May 30 06:52:56 UTC 2023 - Dan Čermák <dcermak@suse.com>
- Add release stage and lifecycle url
-------------------------------------------------------------------
Thu Mar 30 15:12:51 UTC 2023 - Dirk Mueller <dmueller@suse.com>
- put VOLUME statements last
-------------------------------------------------------------------
Fri Mar 3 07:24:36 UTC 2023 - Dan Čermák <dcermak@suse.com>
- Add org.opencontainers.image.source label set to %SOURCEURL%
-------------------------------------------------------------------
Wed Dec 21 14:05:36 UTC 2022 - Dirk Müller <dmueller@suse.com>
- BuildTag sorting and consistency fixes
-------------------------------------------------------------------
Fri Jul 15 11:06:10 UTC 2022 - Dan Čermák <dcermak@suse.com>
- Increase compatibility with openSUSE
-------------------------------------------------------------------
Tue May 3 09:03:44 UTC 2022 - Dan Čermák <dcermak@suse.com>
- First version of the 389-ds container

58
Dockerfile Normal file
View File

@ -0,0 +1,58 @@
# SPDX-License-Identifier: MIT
# Copyright (c) 2024 SUSE LLC
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon.
# The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
# It is maintained by the BCI team and generated by
# https://github.com/SUSE/BCI-dockerfile-generator
# Please submit bugfixes or comments via https://bugs.opensuse.org/
# You can contact the BCI team via https://github.com/SUSE/bci/discussions
#!BuildTag: opensuse/389-ds:%%389ds_version%%
#!BuildTag: opensuse/389-ds:%%389ds_version%%-%RELEASE%
#!BuildTag: opensuse/389-ds:latest
FROM opensuse/tumbleweed:latest
MAINTAINER william.brown@suse.com
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=org.opensuse.application.389-ds
LABEL org.opencontainers.image.title="openSUSE Tumbleweed 389 Directory Server"
LABEL org.opencontainers.image.description="389 Directory Server container based on the openSUSE Tumbleweed Base Container Image."
LABEL org.opencontainers.image.version="%%389ds_version%%"
LABEL org.opencontainers.image.url="https://www.opensuse.org"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="openSUSE Project"
LABEL org.opencontainers.image.source="%SOURCEURL%"
LABEL org.opensuse.reference="registry.opensuse.org/opensuse/389-ds:%%389ds_version%%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL org.opensuse.lifecycle-url="https://en.opensuse.org/Lifetime#openSUSE_BCI"
LABEL org.opensuse.release-stage="released"
# endlabelprefix
LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/SUSE/BCI-dockerfile-generator/Tumbleweed/389-ds-container/README.md"
RUN set -euo pipefail; zypper -n in --no-recommends 389-ds timezone openssl nss_synth; zypper -n clean; rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2}
CMD ["/usr/lib/dirsrv/dscontainer", "-r"]
EXPOSE 3389 3636
COPY nsswitch.conf /etc/nsswitch.conf
RUN set -euo pipefail; mkdir -p /data/config; \
mkdir -p /data/ssca; \
mkdir -p /data/run; \
mkdir -p /var/run/dirsrv; \
ln -s /data/config /etc/dirsrv/slapd-localhost; \
ln -s /data/ssca /etc/dirsrv/ssca; \
ln -s /data/run /var/run/dirsrv
HEALTHCHECK --start-period=5m --timeout=5s --interval=5s --retries=2 \
CMD /usr/lib/dirsrv/dscontainer -H
VOLUME /data

94
README.md Normal file
View File

@ -0,0 +1,94 @@
# 389 Directory Server container image
## Description
[389 Directory Server](https://www.port389.org/) is a highly usable, fully
featured, reliable and secure LDAP server implementation.
## Usage
By default, the image launches 389 Directory Server with the same
configuration that comes with the SUSE Linux Enterprise Server. However there
is also included a pre-configured Name Service Switch (NSS) configuration
file (`/etc/nsswitch.conf`).
```ShellSession
$ podman run -it --rm -p 3389:3389 -p 3636:3636 registry.opensuse.org/opensuse/389-ds:%%389ds_version%%
```
## Volumes
The database is stored in the volume mounted as directory `/data`. A new
empty database is created during container startup, unless an existing
database is already present in `/data`.
To mount a host directory as a volume for your database, run the following
command:
```ShellSession
$ podman run -it --rm -v /my/own/datadir:/data:Z -p 3389:3389 -p 3636:3636 registry.opensuse.org/opensuse/389-ds:%%389ds_version%%
```
## Certificates
By default, the container uses a self-signed CA certificate and a server
certificate signed by that CA.
Place a custom TLS certificate in PEM format in `/data/tls/server.crt` and
the key in and `/data/tls/server.key`. Place the CA certificates (each as a
separate file) to `/data/tls/ca/`, for example, `/data/tls/ca/ca1.crt` and
`/data/tls/ca/ca2.crt`.
## Environment variables
### DS_ERRORLOG_LEVEL
Use this optional environment variable to set the log level for
`ns-slapd` (default is `266354688`).
### DS_DM_PASSWORD
Use this optional environment variable to set the `cn=Directory Manager`
password (a default password is generated randomly). The default randomly
generated password can be viewed in the setup log.
### DS_MEMORY_PERCENTAGE
Use this optional environment variable to set the LDBM autotune
percentage (`nsslapd-cache-autosize`) (default is unset).
### DS_REINDEX
Use this optional environment variable to run a database re-index task. Set
the value to `1` to enable the task (default is disabled).
### DS_SUFFIX_NAME
Use this optional environment variable to set the default database
suffix name for `basedn` (default one is derived from the hostname).
### DS_STARTUP_TIMEOUT
Use this optional environment variable to change the time to wait for the
instance to start (default is `60` seconds).
### DS_STOP_TIMEOUT
Use this optional environment variable to change the time to wait for the
instance to stop (default is `60` seconds).
## Health, liveness, and readiness
The container image includes one explicit health check. This check will
verify if the service is misconfigured, `ns-slapd` is running, and if the
LDAPI is functional.
## Licensing
`SPDX-License-Identifier: MIT`
This documentation and the build recipe are licensed as MIT.
The container itself contains various software components under various open source licenses listed in the associated
Software Bill of Materials (SBOM).
This image is based on [openSUSE Tumbleweed](https://get.opensuse.org/tumbleweed/).

10
_service Normal file
View File

@ -0,0 +1,10 @@
<services>
<service mode="buildtime" name="docker_label_helper"/>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%%389ds_version%%</param>
<param name="package">389-ds</param>
<param name="parse-version">minor</param>
</service>
</services>

22
nsswitch.conf Normal file
View File

@ -0,0 +1,22 @@
passwd: compat synth
group: compat synth
shadow: compat
# Allow initgroups to default to the setting for group.
# initgroups: compat
hosts: files dns
networks: files dns
aliases: files usrfiles
ethers: files usrfiles
gshadow: files usrfiles
netgroup: files nis
protocols: files usrfiles
publickey: files
rpc: files usrfiles
services: files usrfiles
automount: files nis
bootparams: files
netmasks: files