HomeLab/ldap-user-manager
2
0
Fork 0
mirror of https://github.com/wheelybird/ldap-user-manager.git synced 2025-01-31 05:59:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'docker_secrets' into next_release

Browse Source
This commit is contained in:
Brian Lycett 2022-03-10 11:27:28 +00:00
commit 6f6dbb09e0
2 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -66,6 +66,11 @@ Configuration is via environmental variables. Please bear the following in mind
* This tool needs to bind to LDAP as a user that has the permissions to modify everything under the base DN. * This tool needs to bind to LDAP as a user that has the permissions to modify everything under the base DN.
* This interface is designed to work with a fresh LDAP server and should only be against existing, populated LDAP directories with caution and at your own risk. * This interface is designed to work with a fresh LDAP server and should only be against existing, populated LDAP directories with caution and at your own risk.
#### Containers: using files/secrets to set configuration variables
When running the user manager as a container you can append `_FILE` to any of the configuration variables and set the value to a filepath. Then when the container starts up it will set the appropriate configuration variable with the contents of the file.
For example, if you're using Docker Swarm and you've set the LDAP bind password as a Docker secret (`echo "myLDAPadminPassword" | docker secret create ldap_admin_bind_pwd -`) then you can set `LDAP_ADMIN_BIND_PWD_FILE=/run/secrets/ldap_admin_bind_pwd`. This will result in `LDAP_ADMIN_BIND_PWD` being set with the contents of `/run/secrets/ldap_admin_bind_pwd`.
### Mandatory: ### Mandatory:

17
entrypoint
View File

@ -4,6 +4,17 @@ set -e
ssl_dir="/opt/ssl" ssl_dir="/opt/ssl"
php_dir="/opt/ldap_user_manager" php_dir="/opt/ldap_user_manager"
env_file_replace() {
for env_file in $(env|grep _FILE=); do
read -a env <<< "$(echo "$env_file" | sed 's/\(.*\)_FILE=\(.*\)/\1 \2/')"
if [ -s "${env[1]}" ]; then
echo Setting "${env[0]}" from "${env[1]}"
export "${env[0]}"="$(cat "${env[1]}")"
else echo "${env[1]} does not exist or is empty. Leaving ${env[0]} unset"
fi
done
}
if [ ! "$SERVER_HOSTNAME" ]; then export SERVER_HOSTNAME="ldapusermanager.org"; fi if [ ! "$SERVER_HOSTNAME" ]; then export SERVER_HOSTNAME="ldapusermanager.org"; fi
if [ ! "$SERVER_PATH" ]; then if [ ! "$SERVER_PATH" ]; then
export SERVER_PATH="/"; export SERVER_PATH="/";
@ -75,7 +86,7 @@ else
echo "Generating openssl configuration" echo "Generating openssl configuration"
cat <<EoCertConf>$confout cat <<EoCertConf >$confout
subjectAltName = DNS:${SERVER_HOSTNAME},IP:127.0.0.1 subjectAltName = DNS:${SERVER_HOSTNAME},IP:127.0.0.1
extendedKeyUsage = serverAuth extendedKeyUsage = serverAuth
EoCertConf EoCertConf
@ -161,6 +172,10 @@ EoHTTPSC
fi fi
########################
#If <env_var>_FILE is set, read and export env_var from the referenced file's contents
env_file_replace
######################## ########################
#Run Apache #Run Apache