bingen
/
rpi_docker_home_server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
82 Commits
6 Branches
Branch: gogs2gitea
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'gogs2gitea'
${ noResults }
rpi_docker_home_server/images/openldap/startup.sh

107 lines
4.1KB
Raw Permalink Blame History 

  1. #!bin/bash

  2. 

  3. # if [ -f "${BKP_FILE}" ]; then

  4. #     rm -f /var/lib/ldap/*

  5. #     /usr/sbin/slapadd -l "${BKP_FILE}"

  6. #     chown -R openldap:openldap /var/lib/ldap/*

  7. # else

  8. #     echo "Warning: No LDAP backup file found!"

  9. # fi

  10. 

  11. # https://github.com/moby/moby/issues/8231#issuecomment-63871343

  12. ulimit -n 1024

  13. 

  14. # Passwords

  15. if [ ! -z $LDAP_ADMIN_PWD_FILE -a -f $LDAP_ADMIN_PWD_FILE ]; then

  16.     LDAP_ADMIN_PWD=`cat $LDAP_ADMIN_PWD_FILE`;

  17. fi

  18. if [ ! -z $LDAP_MAIL_PWD_FILE -a -f $LDAP_MAIL_PWD_FILE ]; then

  19.     LDAP_MAIL_PWD=`cat $LDAP_MAIL_PWD_FILE`;

  20. fi

  21. if [ ! -z $LDAP_NEXTCLOUD_PWD_FILE -a -f $LDAP_NEXTCLOUD_PWD_FILE ]; then

  22.     LDAP_NEXTCLOUD_PWD=`cat $LDAP_NEXTCLOUD_PWD_FILE`;

  23. fi

  24. if [ ! -z $LDAP_GITEA_PWD_FILE -a -f $LDAP_GITEA_PWD_FILE ]; then

  25.     LDAP_GITEA_PWD=`cat $LDAP_GITEA_PWD_FILE`;

  26. fi

  27. 

  28. echo slapd slapd/internal/generated_adminpw password ${LDAP_ADMIN_PWD} | debconf-set-selections \

  29.     && echo slapd slapd/internal/adminpw password ${LDAP_ADMIN_PWD} | debconf-set-selections \

  30.     && echo slapd slapd/password2 password ${LDAP_ADMIN_PWD} | debconf-set-selections \

  31.     && echo slapd slapd/password1 password ${LDAP_ADMIN_PWD} | debconf-set-selections \

  32.     && echo slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION | debconf-set-selections \

  33.     && echo slapd slapd/domain string ${DOMAIN} | debconf-set-selections \

  34.     && echo slapd shared/organization string ${LDAP_ORGANIZATION} | debconf-set-selections \

  35.     && echo slapd slapd/purge_database boolean true | debconf-set-selections \

  36.     && echo slapd slapd/move_old_database boolean true | debconf-set-selections \

  37.     && echo slapd slapd/allow_ldap_v2 boolean false | debconf-set-selections \

  38.     && echo slapd slapd/no_configuration boolean false | debconf-set-selections \

  39.     && echo slapd slapd/dump_database select when needed | debconf-set-selections \

  40.     && dpkg-reconfigure -f noninteractive slapd

  41. 

  42. 

  43. echo "Starting server"

  44. /usr/sbin/slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d & # -d 7 &

  45. #pid="$!"

  46. #echo $pid

  47. for i in {30..0}; do

  48.     ldapsearch -x -w ${LDAP_ADMIN_PWD} -D cn=admin,dc=${DOMAIN},dc=${LDAP_EXTENSION} -b dc=${DOMAIN},dc=${LDAP_EXTENSION} -LLL # &> /dev/null

  49.     r="$?"

  50.     echo result $r

  51.     # TODO: it returns 49, Bad Credentials,

  52.     # but as long as it's not 255 (Can't contact), it's started

  53.     #if [ "$r" -eq 0 ]; then

  54.     if [ "$r" -ne 255 ]; then

  55.         break

  56.     fi

  57.     echo 'LDAP init process in progress...'

  58.     sleep 1

  59. done

  60. if [ "$i" = 0 ]; then

  61.     echo >&2 'LDAP init process failed.'

  62.     exit 1

  63. fi

  64. 

  65. function replace {

  66.     echo $1

  67.     sed -i "s/\${LDAP_ORGANIZATION}/${LDAP_ORGANIZATION}/g" $1

  68.     sed -i "s/\${LDAP_EXTENSION}/${LDAP_EXTENSION}/g" $1

  69.     sed -i "s/\${DOMAIN}/${DOMAIN}/g" $1

  70.     sed -i "s/\${VOLUMES_PATH}/${VOLUMES_PATH//\//\\/}/g" $1

  71.     sed -i "s/\${LDAP_MAIL_UID}/${LDAP_MAIL_UID}/g" $1

  72.     sed -i "s/\${LDAP_NEXTCLOUD_UID}/${LDAP_NEXTCLOUD_UID}/g" $1

  73.     sed -i "s/\${LDAP_GITEA_UID}/${LDAP_GITEA_UID}/g" $1

  74.     sed -i "s/\${LDAP_MAIL_PWD}/${LDAP_MAIL_PWD}/g" $1

  75.     sed -i "s/\${LDAP_NEXTCLOUD_PWD}/${LDAP_NEXTCLOUD_PWD}/g" $1

  76.     sed -i "s/\${LDAP_GITEA_PWD}/${LDAP_GITEA_PWD}/g" $1

  77. }

  78. ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/data/_postfix-book.ldif

  79. for i in `ls /tmp/data/[^_]*.ldif`; do

  80.     replace $i

  81.     #echo ldapadd -w ${LDAP_ADMIN_PWD} -D "cn=admin,dc=${LDAP_ORGANIZATION},dc=${LDAP_EXTENSION}" -f $i

  82.     ldapadd -w ${LDAP_ADMIN_PWD} -D "cn=admin,dc=${LDAP_ORGANIZATION},dc=${LDAP_EXTENSION}" -f $i

  83. done;

  84. # Del 3 ACLs

  85. for i in 1 2 3; do

  86.     ldapmodify  -Y EXTERNAL -H ldapi:/// -f /tmp/data/_acl_del.ldif;

  87. done

  88. # Add 2 ACLs

  89. replace /tmp/data/_acl_add_0.ldif;

  90. ldapmodify  -Y EXTERNAL -H ldapi:/// -f /tmp/data/_acl_add_0.ldif

  91. replace /tmp/data/_acl_add_1.ldif;

  92. ldapmodify  -Y EXTERNAL -H ldapi:/// -f /tmp/data/_acl_add_1.ldif

  93. 

  94. echo "Stopping server"

  95. pid=$(ps -U openldap -o pid=)

  96. #echo $pid

  97. if [ ! -z "$pid" ] && ! kill -s TERM "$pid" ; then

  98.     echo >&2 'LDAP stop process failed.'

  99.     #exit 1

  100. fi

  101. #ps -e -o user,pid,command

  102. 

  103. rm -Rf /tmp/data

  104. 

  105. echo "Restarting server"

  106. /usr/sbin/slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d -d${DEBUG_LEVEL}