Accepting request 844086 from home:kukuk:container

- Check for errors when importing ldif files - Add support to import ldif files for mailserver setup - Add timezone package - Load postfix.ldif by default, delete duplicate file - Pre-process mailserver/*.ldif files OBS-URL: https://build.opensuse.org/request/show/844086 OBS-URL: https://build.opensuse.org/package/show/devel:kubic:containers/opensuse-openldap-image?expand=0&rev=3
2020-10-26 13:09:54 +00:00 · 2020-10-26 13:09:54 +00:00 · 448a310b1a
commit 448a310b1a
parent 29ace811ad
5 changed files with 51 additions and 35 deletions
--- a/README.md
+++ b/README.md
@ -103,41 +103,42 @@ Add --env LDAP_TLS=0 to the run command: `podman run -e LDAP_TLS=0 ...`
 ## Supported environment variables:
 ### Generic variables:
- `DEBUG=[0|1]`	Enables "set -x" in the entrypoint script
+- `DEBUG=[0|1]`		   Enables "set -x" in the entrypoint script
- `TZ`			Timezone to use in the container
+- `TZ`			   Timezone to use in the container
 ### Variables for new database:
- `LDAP_DOMAIN`		Ldap domain. Defaults to `example.org`
+- `LDAP_DOMAIN`		   Ldap domain. Defaults to `example.org`
- `LDAP_BASE_DN`	Ldap base DN. If empty automatically set from `LDAP_DOMAIN` value. Defaults to (`empty`)
+- `LDAP_BASE_DN`	   Ldap base DN. If empty automatically set from `LDAP_DOMAIN` value. Defaults to (`empty`)
- `LDAP_ORGANISATION`	Organisation name. Defaults to `Example Inc.`
+- `LDAP_ORGANIZATION`	   Organization name. Defaults to `Example Inc.`
- `LDAP_ADMIN_PASSWORD`	Ldap admin password. It's required to supply one if no database exists at startup.
+- `LDAP_ADMIN_PASSWORD`	   Ldap admin password. It's required to supply one if no database exists at startup.
- `LDAP_CONFIG_PASSWORD`	Ldap config password. It's required to supply one if no database exists at startup.
+- `LDAP_CONFIG_PASSWORD`   Ldap config password. It's required to supply one if no database exists at startup.
- `LDAP_BACKEND`	Database backend, defaults to `mdb`
+- `LDAP_BACKEND`	   Database backend, defaults to `mdb`
- `LDAP_SEED_LDIF_PATH` Path with additional ldif files which will be loaded
+- `LDAP_SEED_LDIF_PATH`    Path with additional ldif files which will be loaded
- `LDAP_SEED_SCHEMA_PATH`	Path with additional schema which will be loaded
+- `LDAP_SEED_SCHEMA_PATH`  Path with additional schema which will be loaded
 ### Variables for TLS:
- `LDAP_TLS=[1|0]`	Enable TLS. Defaults to `1` (true).
+- `LDAP_TLS=[1|0]`	   Enable TLS. Defaults to `1` (true).
- `LDAP_TLS_CA_CRT`	LDAP ssl CA certificate. Defaults to `/etc/openldap/certs/ca.crt`.
+- `LDAP_TLS_CA_CRT`	   LDAP ssl CA certificate. Defaults to `/etc/openldap/certs/openldap-ca.crt`.
- `LDAP_TLS_CA_KEY`	Private LDAP CA key. Defaults to `/etc/openldap/certs/ca.key`.
+- `LDAP_TLS_CA_KEY`	   Private LDAP CA key. Defaults to `/etc/openldap/certs/openldap-ca.key`.
- `LDAP_TLS_CRT`	LDAP ssl certificate. Defaults to `/etc/openldap/certs/tls.crt`.
+- `LDAP_TLS_CRT`	   LDAP ssl certificate. Defaults to `/etc/openldap/certs/tls.crt`.
- `LDAP_TLS_KEY`	Private LDAP ssl key. Defaults to `/etc/openldap/certs/tls.key`.
+- `LDAP_TLS_KEY`	   Private LDAP ssl key. Defaults to `/etc/openldap/certs/tls.key`.
- `LDAP_TLS_DH_PARAM`	LDAP ssl certificate dh param file.
+- `LDAP_TLS_DH_PARAM`	   LDAP ssl certificate dh param file.
- `LDAP_TLS_ENFORCE=[0|1]`   Enforce TLS but except ldapi connections. Defaults to `0` (false).
+- `LDAP_TLS_ENFORCE=[0|1]` Enforce TLS but except ldapi connections. Defaults to `0` (false).
- `LDAP_TLS_CIPHER_SUITE`    TLS cipher suite.
+- `LDAP_TLS_CIPHER_SUITE`  TLS cipher suite.
- `LDAP_TLS_VERIFY_CLIENT`   TLS verify client. Defaults to `demand`.
+- `LDAP_TLS_VERIFY_CLIENT` TLS verify client. Defaults to `demand`.
 ### Various configuration variables:
- `LDAP_NOFILE` 	Number of open files (ulimt -n), default `1024`
+- `LDAP_NOFILE` 	   Number of open files (ulimt -n), default `1024`
- `LDAP_PORT`   	Port for ldap:///, defaults to `389`
+- `LDAP_PORT`   	   Port for ldap:///, defaults to `389`
- `LDAPS_PORT`		Port for ldaps:///, defaults to `636`
+- `LDAPS_PORT`		   Port for ldaps:///, defaults to `636`
- `LDAPI_URL`		Ldapi url, defaults to `ldapi:///run/slapd/ldapi`
+- `LDAPI_URL`		   Ldapi url, defaults to `ldapi:///run/slapd/ldapi`
- `LDAP_UID`            UID of ldap user. All LDAP related files will be changed to this UID
+- `LDAP_UID`               UID of ldap user. All LDAP related files will be changed to this UID
- `LDAP_GID`		GID of ldap group. All LDAP related files will be changed to this GID
+- `LDAP_GID`		   GID of ldap group. All LDAP related files will be changed to this GID
- `LDAP_BACKEND`	Database backend, defaults to `mdb`
+- `LDAP_BACKEND`	   Database backend, defaults to `mdb`
- `SLAPD_LOG_LEVEL`     Slapd debug devel, defaults to `0`
+- `SLAPD_LOG_LEVEL`        Slapd debug devel, defaults to `0`
 - `SETUP_FOR_MAILSERVER`   The mail organization will be created (ldif/mailserver/), defaults to `0`
 ## Data persistence volumes
- `/etc/openldap/certs`		TLS certificates for slapd
+- `/etc/openldap/certs`	   TLS certificates for slapd
- `/etc/openldap/slapd.d`	Slapd configuration files
+- `/etc/openldap/slapd.d`  Slapd configuration files
- `/var/lib/ldap`		OpenLDAP database
+- `/var/lib/ldap`	   OpenLDAP database
--- a/config.sh
+++ b/config.sh
@ -16,6 +16,3 @@ mv /etc/sysconfig/openldap /etc/sysconfig/openldap.example
 # No default domain and standard password ...
 rm /etc/openldap/slapd.conf
 # Fix path so that update-ca-certificates does not complain
 # [bsc#1175340]
 rm /etc/ssl/certs && ln -sf /var/lib/ca-certificates/pem /etc/ssl/certs
--- a/entrypoint.tar.gz
+++ b/entrypoint.tar.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:731c4a9b3ae55f5f54396c5d0da49dcee67e84efada7bc040d3debc6102c4658
+oid sha256:3e574daadc1537e89403e5473ed55f49cf3d52f2b5b24fb7e8882d9f98d502b7
-size 8427
+size 8730
--- a/opensuse-openldap-image.changes
+++ b/opensuse-openldap-image.changes
@ -1,3 +1,20 @@
 -------------------------------------------------------------------
 Mon Oct 26 12:42:00 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
 - Check for errors when importing ldif files
 - Add support to import ldif files for mailserver setup
 -------------------------------------------------------------------
 Mon Sep 28 18:50:23 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
 - Add timezone package 
 -------------------------------------------------------------------
 Thu Aug 27 08:16:26 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
 - Load postfix.ldif by default, delete duplicate file
 - Pre-process mailserver/*.ldif files
 -------------------------------------------------------------------
 Wed Aug 26 15:57:24 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
--- a/opensuse-openldap-image.kiwi
+++ b/opensuse-openldap-image.kiwi
@ -54,6 +54,7 @@
    <package name="openldap2-client"/>
    <package name="openldap2-ppolicy-check-password"/>
    <package name="openssl"/>
    <package name="timezone"/>
    <package name="mandoc"/>
    <package name="ca-certificates"/>
    <package name="ca-certificates-mozilla"/>