Add missing slapd.sh script from LDAP docs, and convert it to using Docker
Signed-off-by: Martin Heide <martin.heide@faro.com>
		@@ -13,7 +13,7 @@ The connector executes two primary queries:
The dex repo contains a basic LDAP setup using [OpenLDAP][openldap].
First start the LDAP server using the example script. This will run the OpenLDAP daemon and seed it with an initial set of users.
First start the LDAP server using the example script. This will run the OpenLDAP daemon in a Docker container, and seed it with an initial set of users.
```
./scripts/slapd.sh
@@ -1,8 +1,10 @@
dn: dc=example,dc=org
objectClass: dcObject
objectClass: organization
o: Example Company
dc: example
# Already included in default config of Docker image osixia/openldap:1.4.0.
#
# dn: dc=example,dc=org
# objectClass: dcObject
# objectClass: organization
# o: Example Company
# dc: example
dn: ou=People,dc=example,dc=org
objectClass: organizationalUnit
@@ -11,7 +11,7 @@ connectors:
  name: OpenLDAP
  id: ldap
  config:
    host: localhost:10389
    host: localhost:389
    # No TLS for this setup.
    insecureNoSSL: true
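--- a/scripts/slapd.sh
+++ b/scripts/slapd.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+#
+# Start an OpenLDAP container and populate it with example entries.
+# https://github.com/dexidp/dex/blob/master/Documentation/connectors/ldap.md
+#
+# Usage:
+#   slapd.sh          Kill a possibly preexisting "ldap" container, start a new one, and populate the directory.
+#   slapd.sh --keep   Same, but keep the container if it is already running.
+#
+set -eu
+cd -- "$(dirname "$0")/.."
+
+keep_running=
+if [ $# -gt 0 ] && [ "$1" = "--keep" ]; then
+    keep_running=1
+fi
+
+if [ -z "$keep_running" ] || [ "$(docker inspect --format="{{.State.Running}}" ldap 2> /dev/null)" != "true" ]; then
+    echo "LDAP container not running, or running and --keep not specified."
+    echo "Removing old LDAP container (if any)..."
+    docker rm --force ldap || true
+    echo "Starting LDAP container..."
+    # Currently the most popular OpenLDAP image on Docker Hub. Comes with the latest version OpenLDAP 2.4.50.
+    docker run -p 389:389 -p 636:636 -v $PWD:$PWD --name ldap --detach osixia/openldap:1.4.0
+
+    tries=1
+    max_tries=10
+    echo "Waiting for LDAP container ($tries/$max_tries)..."
+    # Wait until expected line "structuralObjectClass: organization" shows up.
+    # Seems to work more reliably than waiting for exit code 0. That would be:
+    #   while ! docker exec ldap slapcat -b "dc=example,dc=org" > /dev/null 2>&1; do
+    while [[ ! "$(docker exec ldap slapcat -b "dc=example,dc=org" 2>/dev/null)" =~ organization ]]; do
+        ((++tries))
+        if [ "$tries" -gt "$max_tries" ]; then
+            echo "ERROR: Timeout waiting for LDAP container."
+            exit 1
+        fi
+        sleep 1
+        echo "Waiting for LDAP container ($tries/$max_tries)..."
+    done
+fi
+
+echo "Adding example entries to directory..."
+set -x
+docker exec ldap ldapadd \
+    -x \
+    -D "cn=admin,dc=example,dc=org" \
+    -w admin \
+    -H ldap://localhost:389/ \
+    -f $PWD/examples/config-ldap.ldif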
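Review bot: The `docker run` line publishes 389 and 636 on every host interface while the directory still accepts the admin password `admin` that the `ldapadd` call passes with `-w admin`, so the example directory is reachable with a known credential from any network the host sits on. Binding the published ports to loopback keeps the example local: `-p 127.0.0.1:389:389 -p 127.0.0.1:636:636`. The same line mounts the whole repository read-write through an unquoted `-v $PWD:$PWD` although only the LDIF is read; `-v "$PWD/examples:$PWD/examples:ro"` together with a quoted `-f "$PWD/examples/config-ldap.ldif"` would narrow the mount and survive paths containing spaces. With `--keep` and an already seeded container, `ldapadd` will presumably fail on the existing entries and `set -e` turns that into a non-zero exit, which is worth handling or stating in the usage header.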