Remove confog.php bootstrap
This commit is contained in:
parent
6a5bd17d78
commit
c42491a388
8
Dockerfile
Normal file
8
Dockerfile
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
FROM osixia/phpldapadmin
|
||||||
|
ENV DEBIAN_FRONTEND=noninteractive
|
||||||
|
RUN apt update && \
|
||||||
|
apt install --no-install-recommends -y ca-certificates dnsutils iputils-ping && \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
COPY ldap.conf /etc/ldap/ldap.conf
|
||||||
|
COPY startup.sh /container/service/phpldapadmin/startup.sh
|
||||||
|
|
@ -1,2 +1,7 @@
|
|||||||
# phpldapadmin
|
Extendded from Osixia/phpldapadmin
|
||||||
|
|
||||||
|
- Adds ca-certificates package
|
||||||
|
- Points ldap.conf TLS_CACERT to the ISRG Root X1 CA (allows using let's Encrypt certificates for ldaps)
|
||||||
|
- Rips out the config.php bootstrap from startup
|
||||||
|
- Expects an existing config (ie a volume mounted configMap) present at /container/service/phpldapadmin/assets/config/config.php
|
||||||
|
- The read-only config mount will be copied to /var/www/phpldapadmin/config/config.php at startup and chowned to www-data
|
||||||
|
72
startup.sh
Executable file
72
startup.sh
Executable file
@ -0,0 +1,72 @@
|
|||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
# set -x (bash debug) if log level is trace
|
||||||
|
# https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/log-helper
|
||||||
|
log-helper level eq trace && set -x
|
||||||
|
|
||||||
|
FIRST_START_DONE="${CONTAINER_STATE_DIR}/docker-phpldapadmin-first-start-done"
|
||||||
|
|
||||||
|
#
|
||||||
|
# HTTPS config
|
||||||
|
#
|
||||||
|
if [ "${PHPLDAPADMIN_HTTPS,,}" == "true" ]; then
|
||||||
|
|
||||||
|
log-helper info "Set apache2 https config..."
|
||||||
|
|
||||||
|
# generate a certificate and key if files don't exists
|
||||||
|
# https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:ssl-tools/assets/tool/ssl-helper
|
||||||
|
ssl-helper ${PHPLDAPADMIN_SSL_HELPER_PREFIX} "${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/$PHPLDAPADMIN_HTTPS_CRT_FILENAME" "${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/$PHPLDAPADMIN_HTTPS_KEY_FILENAME" "${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/$PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME"
|
||||||
|
|
||||||
|
# add CA certificat config if CA cert exists
|
||||||
|
if [ -e "${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/certs/$PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME" ]; then
|
||||||
|
sed -i "s/#SSLCACertificateFile/SSLCACertificateFile/g" ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/https.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
ln -sf ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/https.conf /etc/apache2/sites-available/phpldapadmin.conf
|
||||||
|
#
|
||||||
|
# HTTP config
|
||||||
|
#
|
||||||
|
else
|
||||||
|
log-helper info "Set apache2 http config..."
|
||||||
|
ln -sf ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/http.conf /etc/apache2/sites-available/phpldapadmin.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
#
|
||||||
|
# Reverse proxy config
|
||||||
|
#
|
||||||
|
if [ "${PHPLDAPADMIN_TRUST_PROXY_SSL,,}" == "true" ]; then
|
||||||
|
echo 'SetEnvIf X-Forwarded-Proto "^https$" HTTPS=on' > /etc/apache2/mods-enabled/remoteip_ssl.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
a2ensite phpldapadmin | log-helper debug
|
||||||
|
|
||||||
|
#
|
||||||
|
# phpLDAPadmin directory is empty, we use the bootstrap
|
||||||
|
#
|
||||||
|
if [ ! "$(ls -A -I lost+found /var/www/phpldapadmin)" ]; then
|
||||||
|
|
||||||
|
log-helper info "Bootstap phpLDAPadmin..."
|
||||||
|
|
||||||
|
cp -R /var/www/phpldapadmin_bootstrap/* /var/www/phpldapadmin
|
||||||
|
rm -rf /var/www/phpldapadmin_bootstrap
|
||||||
|
rm -f /var/www/phpldapadmin/config/config.php
|
||||||
|
fi
|
||||||
|
|
||||||
|
# if there is no config
|
||||||
|
if [ ! -e "/var/www/phpldapadmin/config/config.php" ]; then
|
||||||
|
|
||||||
|
log-helper debug "copy ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/config/config.php to /var/www/phpldapadmin/config/config.php"
|
||||||
|
cp -f ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/config/config.php /var/www/phpldapadmin/config/config.php
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
# fix file permission
|
||||||
|
find /var/www/ -type d -exec chmod 755 {} \;
|
||||||
|
find /var/www/ -type f -exec chmod 644 {} \;
|
||||||
|
chown www-data:www-data -R /var/www
|
||||||
|
|
||||||
|
# symlinks special (chown -R don't follow symlinks)
|
||||||
|
chown www-data:www-data /var/www/phpldapadmin/config/config.php
|
||||||
|
chmod 400 /var/www/phpldapadmin/config/config.php
|
||||||
|
|
||||||
|
exit 0
|
Loading…
Reference in New Issue
Block a user